1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2 * vim:expandtab:shiftwidth=8:tabstop=8:
6 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 only,
10 * as published by the Free Software Foundation.
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License version 2 for more details (a copy is included
16 * in the LICENSE file that accompanied this code).
18 * You should have received a copy of the GNU General Public License
19 * version 2 along with this program; If not, see
20 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
22 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
23 * CA 95054 USA or visit www.sun.com if you need additional information or
29 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
30 * Use is subject to license terms.
32 * Copyright (c) 2011, Whamcloud, Inc.
35 * This file is part of Lustre, http://www.lustre.org/
36 * Lustre is a trademark of Sun Microsystems, Inc.
38 * lustre/ptlrpc/sec_plain.c
40 * Author: Eric Mei <ericm@clusterfs.com>
44 # define EXPORT_SYMTAB
46 #define DEBUG_SUBSYSTEM S_SEC
49 #include <liblustre.h>
52 #include <obd_support.h>
53 #include <obd_cksum.h>
54 #include <obd_class.h>
55 #include <lustre_net.h>
56 #include <lustre_sec.h>
59 struct ptlrpc_sec pls_base;
60 cfs_rwlock_t pls_lock;
61 struct ptlrpc_cli_ctx *pls_ctx;
64 static inline struct plain_sec *sec2plsec(struct ptlrpc_sec *sec)
66 return container_of(sec, struct plain_sec, pls_base);
69 static struct ptlrpc_sec_policy plain_policy;
70 static struct ptlrpc_ctx_ops plain_ctx_ops;
71 static struct ptlrpc_svc_ctx plain_svc_ctx;
73 static unsigned int plain_at_offset;
76 * for simplicity, plain policy rpc use fixed layout.
78 #define PLAIN_PACK_SEGMENTS (4)
80 #define PLAIN_PACK_HDR_OFF (0)
81 #define PLAIN_PACK_MSG_OFF (1)
82 #define PLAIN_PACK_USER_OFF (2)
83 #define PLAIN_PACK_BULK_OFF (3)
85 #define PLAIN_FL_USER (0x01)
86 #define PLAIN_FL_BULK (0x02)
91 __u8 ph_sp; /* source */
92 __u8 ph_bulk_hash_alg; /* complete flavor desc */
96 struct plain_bulk_token {
100 #define PLAIN_BSD_SIZE \
101 (sizeof(struct ptlrpc_bulk_sec_desc) + sizeof(struct plain_bulk_token))
103 /****************************************
104 * bulk checksum helpers *
105 ****************************************/
107 static int plain_unpack_bsd(struct lustre_msg *msg, int swabbed)
109 struct ptlrpc_bulk_sec_desc *bsd;
111 if (bulk_sec_desc_unpack(msg, PLAIN_PACK_BULK_OFF, swabbed))
114 bsd = lustre_msg_buf(msg, PLAIN_PACK_BULK_OFF, PLAIN_BSD_SIZE);
116 CERROR("bulk sec desc has short size %d\n",
117 lustre_msg_buflen(msg, PLAIN_PACK_BULK_OFF));
121 if (bsd->bsd_svc != SPTLRPC_BULK_SVC_NULL &&
122 bsd->bsd_svc != SPTLRPC_BULK_SVC_INTG) {
123 CERROR("invalid bulk svc %u\n", bsd->bsd_svc);
130 static int plain_generate_bulk_csum(struct ptlrpc_bulk_desc *desc,
132 struct plain_bulk_token *token)
134 if (hash_alg == BULK_HASH_ALG_NULL)
137 memset(token->pbt_hash, 0, sizeof(token->pbt_hash));
138 return sptlrpc_get_bulk_checksum(desc, hash_alg, token->pbt_hash,
139 sizeof(token->pbt_hash));
142 static int plain_verify_bulk_csum(struct ptlrpc_bulk_desc *desc,
144 struct plain_bulk_token *tokenr)
146 struct plain_bulk_token tokenv;
149 if (hash_alg == BULK_HASH_ALG_NULL)
152 memset(&tokenv.pbt_hash, 0, sizeof(tokenv.pbt_hash));
153 rc = sptlrpc_get_bulk_checksum(desc, hash_alg, tokenv.pbt_hash,
154 sizeof(tokenv.pbt_hash));
158 if (memcmp(tokenr->pbt_hash, tokenv.pbt_hash, sizeof(tokenr->pbt_hash)))
164 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
169 for (i = 0; i < desc->bd_iov_count; i++) {
170 if (desc->bd_iov[i].kiov_len == 0)
173 ptr = cfs_kmap(desc->bd_iov[i].kiov_page);
174 off = desc->bd_iov[i].kiov_offset & ~CFS_PAGE_MASK;
176 cfs_kunmap(desc->bd_iov[i].kiov_page);
181 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
185 for (i = 0; i < desc->bd_iov_count; i++) {
186 if (desc->bd_iov[i].iov_len == 0)
189 ((char *)desc->bd_iov[i].iov_base)[i] ^= 0x1;
193 #endif /* __KERNEL__ */
195 /****************************************
197 ****************************************/
200 int plain_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
202 /* should never reach here */
208 int plain_ctx_validate(struct ptlrpc_cli_ctx *ctx)
214 int plain_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
216 struct lustre_msg *msg = req->rq_reqbuf;
217 struct plain_header *phdr;
220 msg->lm_secflvr = req->rq_flvr.sf_rpc;
222 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
225 phdr->ph_sp = ctx->cc_sec->ps_part;
226 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
228 if (req->rq_pack_udesc)
229 phdr->ph_flags |= PLAIN_FL_USER;
230 if (req->rq_pack_bulk)
231 phdr->ph_flags |= PLAIN_FL_BULK;
233 req->rq_reqdata_len = lustre_msg_size_v2(msg->lm_bufcount,
239 int plain_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
241 struct lustre_msg *msg = req->rq_repdata;
242 struct plain_header *phdr;
247 if (msg->lm_bufcount != PLAIN_PACK_SEGMENTS) {
248 CERROR("unexpected reply buf count %u\n", msg->lm_bufcount);
252 swabbed = ptlrpc_rep_need_swab(req);
254 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
256 CERROR("missing plain header\n");
260 if (phdr->ph_ver != 0) {
261 CERROR("Invalid header version\n");
265 /* expect no user desc in reply */
266 if (phdr->ph_flags & PLAIN_FL_USER) {
267 CERROR("Unexpected udesc flag in reply\n");
271 if (phdr->ph_bulk_hash_alg != req->rq_flvr.u_bulk.hash.hash_alg) {
272 CERROR("reply bulk flavor %u != %u\n", phdr->ph_bulk_hash_alg,
273 req->rq_flvr.u_bulk.hash.hash_alg);
277 if (unlikely(req->rq_early)) {
278 cksum = crc32_le(!(__u32) 0,
279 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
280 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF));
281 if (cksum != msg->lm_cksum) {
283 "early reply checksum mismatch: %08x != %08x\n",
284 cpu_to_le32(cksum), msg->lm_cksum);
288 /* whether we sent with bulk or not, we expect the same
289 * in reply, except for early reply */
290 if (!req->rq_early &&
291 !equi(req->rq_pack_bulk == 1,
292 phdr->ph_flags & PLAIN_FL_BULK)) {
293 CERROR("%s bulk checksum in reply\n",
294 req->rq_pack_bulk ? "Missing" : "Unexpected");
298 if (phdr->ph_flags & PLAIN_FL_BULK) {
299 if (plain_unpack_bsd(msg, swabbed))
304 req->rq_repmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
305 req->rq_replen = lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF);
310 int plain_cli_wrap_bulk(struct ptlrpc_cli_ctx *ctx,
311 struct ptlrpc_request *req,
312 struct ptlrpc_bulk_desc *desc)
314 struct ptlrpc_bulk_sec_desc *bsd;
315 struct plain_bulk_token *token;
318 LASSERT(req->rq_pack_bulk);
319 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
321 bsd = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
322 token = (struct plain_bulk_token *) bsd->bsd_data;
324 bsd->bsd_version = 0;
326 bsd->bsd_type = SPTLRPC_BULK_DEFAULT;
327 bsd->bsd_svc = SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc);
329 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_NULL)
332 if (req->rq_bulk_read)
335 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
338 CERROR("bulk write: failed to compute checksum: %d\n", rc);
341 * for sending we only compute the wrong checksum instead
342 * of corrupting the data so it is still correct on a redo
344 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_SEND) &&
345 req->rq_flvr.u_bulk.hash.hash_alg != BULK_HASH_ALG_NULL)
346 token->pbt_hash[0] ^= 0x1;
353 int plain_cli_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
354 struct ptlrpc_request *req,
355 struct ptlrpc_bulk_desc *desc)
357 struct ptlrpc_bulk_sec_desc *bsdv;
358 struct plain_bulk_token *tokenv;
364 LASSERT(req->rq_pack_bulk);
365 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
366 LASSERT(req->rq_repdata->lm_bufcount == PLAIN_PACK_SEGMENTS);
368 bsdv = lustre_msg_buf(req->rq_repdata, PLAIN_PACK_BULK_OFF, 0);
369 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
371 if (req->rq_bulk_write) {
372 if (bsdv->bsd_flags & BSD_FL_ERR)
378 /* fix the actual data size */
379 for (i = 0, nob = 0; i < desc->bd_iov_count; i++) {
380 if (desc->bd_iov[i].kiov_len + nob > desc->bd_nob_transferred) {
381 desc->bd_iov[i].kiov_len =
382 desc->bd_nob_transferred - nob;
384 nob += desc->bd_iov[i].kiov_len;
388 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
391 CERROR("bulk read: client verify failed: %d\n", rc);
396 /****************************************
398 ****************************************/
401 struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
403 struct ptlrpc_cli_ctx *ctx, *ctx_new;
405 OBD_ALLOC_PTR(ctx_new);
407 cfs_write_lock(&plsec->pls_lock);
409 ctx = plsec->pls_ctx;
411 cfs_atomic_inc(&ctx->cc_refcount);
414 OBD_FREE_PTR(ctx_new);
415 } else if (ctx_new) {
418 cfs_atomic_set(&ctx->cc_refcount, 1); /* for cache */
419 ctx->cc_sec = &plsec->pls_base;
420 ctx->cc_ops = &plain_ctx_ops;
422 ctx->cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_UPTODATE;
423 ctx->cc_vcred.vc_uid = 0;
424 cfs_spin_lock_init(&ctx->cc_lock);
425 CFS_INIT_LIST_HEAD(&ctx->cc_req_list);
426 CFS_INIT_LIST_HEAD(&ctx->cc_gc_chain);
428 plsec->pls_ctx = ctx;
429 cfs_atomic_inc(&plsec->pls_base.ps_nctx);
430 cfs_atomic_inc(&plsec->pls_base.ps_refcount);
432 cfs_atomic_inc(&ctx->cc_refcount); /* for caller */
435 cfs_write_unlock(&plsec->pls_lock);
441 void plain_destroy_sec(struct ptlrpc_sec *sec)
443 struct plain_sec *plsec = sec2plsec(sec);
446 LASSERT(sec->ps_policy == &plain_policy);
447 LASSERT(sec->ps_import);
448 LASSERT(cfs_atomic_read(&sec->ps_refcount) == 0);
449 LASSERT(cfs_atomic_read(&sec->ps_nctx) == 0);
450 LASSERT(plsec->pls_ctx == NULL);
452 class_import_put(sec->ps_import);
459 void plain_kill_sec(struct ptlrpc_sec *sec)
465 struct ptlrpc_sec *plain_create_sec(struct obd_import *imp,
466 struct ptlrpc_svc_ctx *svc_ctx,
467 struct sptlrpc_flavor *sf)
469 struct plain_sec *plsec;
470 struct ptlrpc_sec *sec;
471 struct ptlrpc_cli_ctx *ctx;
474 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN);
476 OBD_ALLOC_PTR(plsec);
481 * initialize plain_sec
483 cfs_rwlock_init(&plsec->pls_lock);
484 plsec->pls_ctx = NULL;
486 sec = &plsec->pls_base;
487 sec->ps_policy = &plain_policy;
488 cfs_atomic_set(&sec->ps_refcount, 0);
489 cfs_atomic_set(&sec->ps_nctx, 0);
490 sec->ps_id = sptlrpc_get_next_secid();
491 sec->ps_import = class_import_get(imp);
493 cfs_spin_lock_init(&sec->ps_lock);
494 CFS_INIT_LIST_HEAD(&sec->ps_gc_list);
495 sec->ps_gc_interval = 0;
498 /* install ctx immediately if this is a reverse sec */
500 ctx = plain_sec_install_ctx(plsec);
502 plain_destroy_sec(sec);
505 sptlrpc_cli_ctx_put(ctx, 1);
512 struct ptlrpc_cli_ctx *plain_lookup_ctx(struct ptlrpc_sec *sec,
513 struct vfs_cred *vcred,
514 int create, int remove_dead)
516 struct plain_sec *plsec = sec2plsec(sec);
517 struct ptlrpc_cli_ctx *ctx;
520 cfs_read_lock(&plsec->pls_lock);
521 ctx = plsec->pls_ctx;
523 cfs_atomic_inc(&ctx->cc_refcount);
524 cfs_read_unlock(&plsec->pls_lock);
526 if (unlikely(ctx == NULL))
527 ctx = plain_sec_install_ctx(plsec);
533 void plain_release_ctx(struct ptlrpc_sec *sec,
534 struct ptlrpc_cli_ctx *ctx, int sync)
536 LASSERT(cfs_atomic_read(&sec->ps_refcount) > 0);
537 LASSERT(cfs_atomic_read(&sec->ps_nctx) > 0);
538 LASSERT(cfs_atomic_read(&ctx->cc_refcount) == 0);
539 LASSERT(ctx->cc_sec == sec);
543 cfs_atomic_dec(&sec->ps_nctx);
544 sptlrpc_sec_put(sec);
548 int plain_flush_ctx_cache(struct ptlrpc_sec *sec,
549 uid_t uid, int grace, int force)
551 struct plain_sec *plsec = sec2plsec(sec);
552 struct ptlrpc_cli_ctx *ctx;
555 /* do nothing unless caller want to flush for 'all' */
559 cfs_write_lock(&plsec->pls_lock);
560 ctx = plsec->pls_ctx;
561 plsec->pls_ctx = NULL;
562 cfs_write_unlock(&plsec->pls_lock);
565 sptlrpc_cli_ctx_put(ctx, 1);
570 int plain_alloc_reqbuf(struct ptlrpc_sec *sec,
571 struct ptlrpc_request *req,
574 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
578 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
579 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
581 if (req->rq_pack_udesc)
582 buflens[PLAIN_PACK_USER_OFF] = sptlrpc_current_user_desc_size();
584 if (req->rq_pack_bulk) {
585 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
586 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
589 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
591 if (!req->rq_reqbuf) {
592 LASSERT(!req->rq_pool);
594 alloc_len = size_roundup_power2(alloc_len);
595 OBD_ALLOC_LARGE(req->rq_reqbuf, alloc_len);
599 req->rq_reqbuf_len = alloc_len;
601 LASSERT(req->rq_pool);
602 LASSERT(req->rq_reqbuf_len >= alloc_len);
603 memset(req->rq_reqbuf, 0, alloc_len);
606 lustre_init_msg_v2(req->rq_reqbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
607 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0);
609 if (req->rq_pack_udesc)
610 sptlrpc_pack_user_desc(req->rq_reqbuf, PLAIN_PACK_USER_OFF);
616 void plain_free_reqbuf(struct ptlrpc_sec *sec,
617 struct ptlrpc_request *req)
621 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
622 req->rq_reqbuf = NULL;
623 req->rq_reqbuf_len = 0;
629 int plain_alloc_repbuf(struct ptlrpc_sec *sec,
630 struct ptlrpc_request *req,
633 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
637 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
638 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
640 if (req->rq_pack_bulk) {
641 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
642 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
645 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
647 /* add space for early reply */
648 alloc_len += plain_at_offset;
650 alloc_len = size_roundup_power2(alloc_len);
652 OBD_ALLOC_LARGE(req->rq_repbuf, alloc_len);
656 req->rq_repbuf_len = alloc_len;
661 void plain_free_repbuf(struct ptlrpc_sec *sec,
662 struct ptlrpc_request *req)
665 OBD_FREE_LARGE(req->rq_repbuf, req->rq_repbuf_len);
666 req->rq_repbuf = NULL;
667 req->rq_repbuf_len = 0;
672 int plain_enlarge_reqbuf(struct ptlrpc_sec *sec,
673 struct ptlrpc_request *req,
674 int segment, int newsize)
676 struct lustre_msg *newbuf;
678 int newmsg_size, newbuf_size;
681 LASSERT(req->rq_reqbuf);
682 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
683 LASSERT(lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0) ==
686 /* compute new embedded msg size. */
687 oldsize = req->rq_reqmsg->lm_buflens[segment];
688 req->rq_reqmsg->lm_buflens[segment] = newsize;
689 newmsg_size = lustre_msg_size_v2(req->rq_reqmsg->lm_bufcount,
690 req->rq_reqmsg->lm_buflens);
691 req->rq_reqmsg->lm_buflens[segment] = oldsize;
693 /* compute new wrapper msg size. */
694 oldsize = req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF];
695 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = newmsg_size;
696 newbuf_size = lustre_msg_size_v2(req->rq_reqbuf->lm_bufcount,
697 req->rq_reqbuf->lm_buflens);
698 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = oldsize;
700 /* request from pool should always have enough buffer */
701 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newbuf_size);
703 if (req->rq_reqbuf_len < newbuf_size) {
704 newbuf_size = size_roundup_power2(newbuf_size);
706 OBD_ALLOC_LARGE(newbuf, newbuf_size);
710 memcpy(newbuf, req->rq_reqbuf, req->rq_reqbuf_len);
712 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
713 req->rq_reqbuf = newbuf;
714 req->rq_reqbuf_len = newbuf_size;
715 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf,
716 PLAIN_PACK_MSG_OFF, 0);
719 _sptlrpc_enlarge_msg_inplace(req->rq_reqbuf, PLAIN_PACK_MSG_OFF,
721 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
723 req->rq_reqlen = newmsg_size;
727 /****************************************
729 ****************************************/
731 static struct ptlrpc_svc_ctx plain_svc_ctx = {
732 .sc_refcount = CFS_ATOMIC_INIT(1),
733 .sc_policy = &plain_policy,
737 int plain_accept(struct ptlrpc_request *req)
739 struct lustre_msg *msg = req->rq_reqbuf;
740 struct plain_header *phdr;
744 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
745 SPTLRPC_POLICY_PLAIN);
747 if (SPTLRPC_FLVR_BASE(req->rq_flvr.sf_rpc) !=
748 SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_PLAIN) ||
749 SPTLRPC_FLVR_BULK_TYPE(req->rq_flvr.sf_rpc) !=
750 SPTLRPC_FLVR_BULK_TYPE(SPTLRPC_FLVR_PLAIN)) {
751 CERROR("Invalid rpc flavor %x\n", req->rq_flvr.sf_rpc);
755 if (msg->lm_bufcount < PLAIN_PACK_SEGMENTS) {
756 CERROR("unexpected request buf count %u\n", msg->lm_bufcount);
760 swabbed = ptlrpc_req_need_swab(req);
762 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
764 CERROR("missing plain header\n");
768 if (phdr->ph_ver != 0) {
769 CERROR("Invalid header version\n");
773 if (phdr->ph_bulk_hash_alg >= BULK_HASH_ALG_MAX) {
774 CERROR("invalid hash algorithm: %u\n", phdr->ph_bulk_hash_alg);
778 req->rq_sp_from = phdr->ph_sp;
779 req->rq_flvr.u_bulk.hash.hash_alg = phdr->ph_bulk_hash_alg;
781 if (phdr->ph_flags & PLAIN_FL_USER) {
782 if (sptlrpc_unpack_user_desc(msg, PLAIN_PACK_USER_OFF,
784 CERROR("Mal-formed user descriptor\n");
788 req->rq_pack_udesc = 1;
789 req->rq_user_desc = lustre_msg_buf(msg, PLAIN_PACK_USER_OFF, 0);
792 if (phdr->ph_flags & PLAIN_FL_BULK) {
793 if (plain_unpack_bsd(msg, swabbed))
796 req->rq_pack_bulk = 1;
799 req->rq_reqmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
800 req->rq_reqlen = msg->lm_buflens[PLAIN_PACK_MSG_OFF];
802 req->rq_svc_ctx = &plain_svc_ctx;
803 cfs_atomic_inc(&req->rq_svc_ctx->sc_refcount);
809 int plain_alloc_rs(struct ptlrpc_request *req, int msgsize)
811 struct ptlrpc_reply_state *rs;
812 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
813 int rs_size = sizeof(*rs);
816 LASSERT(msgsize % 8 == 0);
818 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
819 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
821 if (req->rq_pack_bulk && (req->rq_bulk_read || req->rq_bulk_write))
822 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
824 rs_size += lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
826 rs = req->rq_reply_state;
830 LASSERT(rs->rs_size >= rs_size);
832 OBD_ALLOC_LARGE(rs, rs_size);
836 rs->rs_size = rs_size;
839 rs->rs_svc_ctx = req->rq_svc_ctx;
840 cfs_atomic_inc(&req->rq_svc_ctx->sc_refcount);
841 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
842 rs->rs_repbuf_len = rs_size - sizeof(*rs);
844 lustre_init_msg_v2(rs->rs_repbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
845 rs->rs_msg = lustre_msg_buf_v2(rs->rs_repbuf, PLAIN_PACK_MSG_OFF, 0);
847 req->rq_reply_state = rs;
852 void plain_free_rs(struct ptlrpc_reply_state *rs)
856 LASSERT(cfs_atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
857 cfs_atomic_dec(&rs->rs_svc_ctx->sc_refcount);
859 if (!rs->rs_prealloc)
860 OBD_FREE_LARGE(rs, rs->rs_size);
865 int plain_authorize(struct ptlrpc_request *req)
867 struct ptlrpc_reply_state *rs = req->rq_reply_state;
868 struct lustre_msg_v2 *msg = rs->rs_repbuf;
869 struct plain_header *phdr;
876 if (req->rq_replen != msg->lm_buflens[PLAIN_PACK_MSG_OFF])
877 len = lustre_shrink_msg(msg, PLAIN_PACK_MSG_OFF,
880 len = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
882 msg->lm_secflvr = req->rq_flvr.sf_rpc;
884 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
887 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
889 if (req->rq_pack_bulk)
890 phdr->ph_flags |= PLAIN_FL_BULK;
892 rs->rs_repdata_len = len;
894 if (likely(req->rq_packed_final)) {
895 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
896 req->rq_reply_off = plain_at_offset;
898 req->rq_reply_off = 0;
900 msg->lm_cksum = crc32_le(!(__u32) 0,
901 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
902 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF));
903 req->rq_reply_off = 0;
910 int plain_svc_unwrap_bulk(struct ptlrpc_request *req,
911 struct ptlrpc_bulk_desc *desc)
913 struct ptlrpc_reply_state *rs = req->rq_reply_state;
914 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
915 struct plain_bulk_token *tokenr;
918 LASSERT(req->rq_bulk_write);
919 LASSERT(req->rq_pack_bulk);
921 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
922 tokenr = (struct plain_bulk_token *) bsdr->bsd_data;
923 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
925 bsdv->bsd_version = 0;
926 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
927 bsdv->bsd_svc = bsdr->bsd_svc;
930 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
933 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
936 bsdv->bsd_flags |= BSD_FL_ERR;
937 CERROR("bulk write: server verify failed: %d\n", rc);
944 int plain_svc_wrap_bulk(struct ptlrpc_request *req,
945 struct ptlrpc_bulk_desc *desc)
947 struct ptlrpc_reply_state *rs = req->rq_reply_state;
948 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
949 struct plain_bulk_token *tokenv;
952 LASSERT(req->rq_bulk_read);
953 LASSERT(req->rq_pack_bulk);
955 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
956 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
957 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
959 bsdv->bsd_version = 0;
960 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
961 bsdv->bsd_svc = bsdr->bsd_svc;
964 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
967 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
970 CERROR("bulk read: server failed to compute "
971 "checksum: %d\n", rc);
973 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_RECEIVE))
974 corrupt_bulk_data(desc);
980 static struct ptlrpc_ctx_ops plain_ctx_ops = {
981 .refresh = plain_ctx_refresh,
982 .validate = plain_ctx_validate,
983 .sign = plain_ctx_sign,
984 .verify = plain_ctx_verify,
985 .wrap_bulk = plain_cli_wrap_bulk,
986 .unwrap_bulk = plain_cli_unwrap_bulk,
989 static struct ptlrpc_sec_cops plain_sec_cops = {
990 .create_sec = plain_create_sec,
991 .destroy_sec = plain_destroy_sec,
992 .kill_sec = plain_kill_sec,
993 .lookup_ctx = plain_lookup_ctx,
994 .release_ctx = plain_release_ctx,
995 .flush_ctx_cache = plain_flush_ctx_cache,
996 .alloc_reqbuf = plain_alloc_reqbuf,
997 .free_reqbuf = plain_free_reqbuf,
998 .alloc_repbuf = plain_alloc_repbuf,
999 .free_repbuf = plain_free_repbuf,
1000 .enlarge_reqbuf = plain_enlarge_reqbuf,
1003 static struct ptlrpc_sec_sops plain_sec_sops = {
1004 .accept = plain_accept,
1005 .alloc_rs = plain_alloc_rs,
1006 .authorize = plain_authorize,
1007 .free_rs = plain_free_rs,
1008 .unwrap_bulk = plain_svc_unwrap_bulk,
1009 .wrap_bulk = plain_svc_wrap_bulk,
1012 static struct ptlrpc_sec_policy plain_policy = {
1013 .sp_owner = THIS_MODULE,
1015 .sp_policy = SPTLRPC_POLICY_PLAIN,
1016 .sp_cops = &plain_sec_cops,
1017 .sp_sops = &plain_sec_sops,
1020 int sptlrpc_plain_init(void)
1022 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
1025 buflens[PLAIN_PACK_MSG_OFF] = lustre_msg_early_size();
1026 plain_at_offset = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
1028 rc = sptlrpc_register_policy(&plain_policy);
1030 CERROR("failed to register: %d\n", rc);
1035 void sptlrpc_plain_fini(void)
1039 rc = sptlrpc_unregister_policy(&plain_policy);
1041 CERROR("cannot unregister: %d\n", rc);