4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
30 * Copyright (c) 2011, 2015, Intel Corporation.
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
36 * lustre/ptlrpc/sec_plain.c
38 * Author: Eric Mei <ericm@clusterfs.com>
41 #define DEBUG_SUBSYSTEM S_SEC
44 #include <obd_support.h>
45 #include <obd_cksum.h>
46 #include <obd_class.h>
47 #include <lustre_net.h>
48 #include <lustre_sec.h>
50 #include "ptlrpc_internal.h"
53 struct ptlrpc_sec pls_base;
55 struct ptlrpc_cli_ctx *pls_ctx;
58 static inline struct plain_sec *sec2plsec(struct ptlrpc_sec *sec)
60 return container_of(sec, struct plain_sec, pls_base);
63 static struct ptlrpc_sec_policy plain_policy;
64 static struct ptlrpc_ctx_ops plain_ctx_ops;
65 static struct ptlrpc_svc_ctx plain_svc_ctx;
67 static unsigned int plain_at_offset;
70 * for simplicity, plain policy rpc use fixed layout.
72 #define PLAIN_PACK_SEGMENTS (4)
74 #define PLAIN_PACK_HDR_OFF (0)
75 #define PLAIN_PACK_MSG_OFF (1)
76 #define PLAIN_PACK_USER_OFF (2)
77 #define PLAIN_PACK_BULK_OFF (3)
79 #define PLAIN_FL_USER (0x01)
80 #define PLAIN_FL_BULK (0x02)
85 __u8 ph_sp; /* source */
86 __u8 ph_bulk_hash_alg; /* complete flavor desc */
90 struct plain_bulk_token {
94 #define PLAIN_BSD_SIZE \
95 (sizeof(struct ptlrpc_bulk_sec_desc) + sizeof(struct plain_bulk_token))
97 /****************************************
98 * bulk checksum helpers *
99 ****************************************/
101 static int plain_unpack_bsd(struct lustre_msg *msg, int swabbed)
103 struct ptlrpc_bulk_sec_desc *bsd;
105 if (bulk_sec_desc_unpack(msg, PLAIN_PACK_BULK_OFF, swabbed))
108 bsd = lustre_msg_buf(msg, PLAIN_PACK_BULK_OFF, PLAIN_BSD_SIZE);
110 CERROR("bulk sec desc has short size %d\n",
111 lustre_msg_buflen(msg, PLAIN_PACK_BULK_OFF));
115 if (bsd->bsd_svc != SPTLRPC_BULK_SVC_NULL &&
116 bsd->bsd_svc != SPTLRPC_BULK_SVC_INTG) {
117 CERROR("invalid bulk svc %u\n", bsd->bsd_svc);
124 static int plain_generate_bulk_csum(struct ptlrpc_bulk_desc *desc,
126 struct plain_bulk_token *token)
128 if (hash_alg == BULK_HASH_ALG_NULL)
131 memset(token->pbt_hash, 0, sizeof(token->pbt_hash));
132 return sptlrpc_get_bulk_checksum(desc, hash_alg, token->pbt_hash,
133 sizeof(token->pbt_hash));
136 static int plain_verify_bulk_csum(struct ptlrpc_bulk_desc *desc,
138 struct plain_bulk_token *tokenr)
140 struct plain_bulk_token tokenv;
143 if (hash_alg == BULK_HASH_ALG_NULL)
146 memset(&tokenv.pbt_hash, 0, sizeof(tokenv.pbt_hash));
147 rc = sptlrpc_get_bulk_checksum(desc, hash_alg, tokenv.pbt_hash,
148 sizeof(tokenv.pbt_hash));
152 if (memcmp(tokenr->pbt_hash, tokenv.pbt_hash, sizeof(tokenr->pbt_hash)))
157 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
162 LASSERT(ptlrpc_is_bulk_desc_kiov(desc->bd_type));
164 for (i = 0; i < desc->bd_iov_count; i++) {
165 if (BD_GET_KIOV(desc, i).kiov_len == 0)
168 ptr = kmap(BD_GET_KIOV(desc, i).kiov_page);
169 off = BD_GET_KIOV(desc, i).kiov_offset & ~PAGE_MASK;
171 kunmap(BD_GET_KIOV(desc, i).kiov_page);
176 /****************************************
178 ****************************************/
181 int plain_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
183 /* should never reach here */
189 int plain_ctx_validate(struct ptlrpc_cli_ctx *ctx)
195 int plain_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
197 struct lustre_msg *msg = req->rq_reqbuf;
198 struct plain_header *phdr;
201 msg->lm_secflvr = req->rq_flvr.sf_rpc;
203 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
206 phdr->ph_sp = ctx->cc_sec->ps_part;
207 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
209 if (req->rq_pack_udesc)
210 phdr->ph_flags |= PLAIN_FL_USER;
211 if (req->rq_pack_bulk)
212 phdr->ph_flags |= PLAIN_FL_BULK;
214 req->rq_reqdata_len = lustre_msg_size_v2(msg->lm_bufcount,
220 int plain_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
222 struct lustre_msg *msg = req->rq_repdata;
223 struct plain_header *phdr;
228 if (msg->lm_bufcount != PLAIN_PACK_SEGMENTS) {
229 CERROR("unexpected reply buf count %u\n", msg->lm_bufcount);
233 swabbed = ptlrpc_rep_need_swab(req);
235 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
237 CERROR("missing plain header\n");
241 if (phdr->ph_ver != 0) {
242 CERROR("Invalid header version\n");
246 /* expect no user desc in reply */
247 if (phdr->ph_flags & PLAIN_FL_USER) {
248 CERROR("Unexpected udesc flag in reply\n");
252 if (phdr->ph_bulk_hash_alg != req->rq_flvr.u_bulk.hash.hash_alg) {
253 CERROR("reply bulk flavor %u != %u\n", phdr->ph_bulk_hash_alg,
254 req->rq_flvr.u_bulk.hash.hash_alg);
258 if (unlikely(req->rq_early)) {
259 unsigned int hsize = 4;
261 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
262 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
263 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
264 NULL, 0, (unsigned char *)&cksum, &hsize);
265 if (cksum != msg->lm_cksum) {
267 "early reply checksum mismatch: %08x != %08x\n",
268 cpu_to_le32(cksum), msg->lm_cksum);
272 /* whether we sent with bulk or not, we expect the same
273 * in reply, except for early reply */
274 if (!req->rq_early &&
275 !equi(req->rq_pack_bulk == 1,
276 phdr->ph_flags & PLAIN_FL_BULK)) {
277 CERROR("%s bulk checksum in reply\n",
278 req->rq_pack_bulk ? "Missing" : "Unexpected");
282 if (phdr->ph_flags & PLAIN_FL_BULK) {
283 if (plain_unpack_bsd(msg, swabbed))
288 req->rq_repmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
289 req->rq_replen = lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF);
294 int plain_cli_wrap_bulk(struct ptlrpc_cli_ctx *ctx,
295 struct ptlrpc_request *req,
296 struct ptlrpc_bulk_desc *desc)
298 struct ptlrpc_bulk_sec_desc *bsd;
299 struct plain_bulk_token *token;
302 LASSERT(req->rq_pack_bulk);
303 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
305 bsd = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
306 token = (struct plain_bulk_token *) bsd->bsd_data;
308 bsd->bsd_version = 0;
310 bsd->bsd_type = SPTLRPC_BULK_DEFAULT;
311 bsd->bsd_svc = SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc);
313 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_NULL)
316 if (req->rq_bulk_read)
319 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
322 CERROR("bulk write: failed to compute checksum: %d\n", rc);
325 * for sending we only compute the wrong checksum instead
326 * of corrupting the data so it is still correct on a redo
328 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_SEND) &&
329 req->rq_flvr.u_bulk.hash.hash_alg != BULK_HASH_ALG_NULL)
330 token->pbt_hash[0] ^= 0x1;
337 int plain_cli_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
338 struct ptlrpc_request *req,
339 struct ptlrpc_bulk_desc *desc)
341 struct ptlrpc_bulk_sec_desc *bsdv;
342 struct plain_bulk_token *tokenv;
346 LASSERT(ptlrpc_is_bulk_desc_kiov(desc->bd_type));
347 LASSERT(req->rq_pack_bulk);
348 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
349 LASSERT(req->rq_repdata->lm_bufcount == PLAIN_PACK_SEGMENTS);
351 bsdv = lustre_msg_buf(req->rq_repdata, PLAIN_PACK_BULK_OFF, 0);
352 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
354 if (req->rq_bulk_write) {
355 if (bsdv->bsd_flags & BSD_FL_ERR)
360 /* fix the actual data size */
361 for (i = 0, nob = 0; i < desc->bd_iov_count; i++) {
362 if (BD_GET_KIOV(desc, i).kiov_len +
363 nob > desc->bd_nob_transferred) {
364 BD_GET_KIOV(desc, i).kiov_len =
365 desc->bd_nob_transferred - nob;
367 nob += BD_GET_KIOV(desc, i).kiov_len;
370 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
373 CERROR("bulk read: client verify failed: %d\n", rc);
378 /****************************************
380 ****************************************/
383 struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
385 struct ptlrpc_cli_ctx *ctx, *ctx_new;
387 OBD_ALLOC_PTR(ctx_new);
389 write_lock(&plsec->pls_lock);
391 ctx = plsec->pls_ctx;
393 atomic_inc(&ctx->cc_refcount);
396 OBD_FREE_PTR(ctx_new);
397 } else if (ctx_new) {
400 atomic_set(&ctx->cc_refcount, 1); /* for cache */
401 ctx->cc_sec = &plsec->pls_base;
402 ctx->cc_ops = &plain_ctx_ops;
404 ctx->cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_UPTODATE;
405 ctx->cc_vcred.vc_uid = 0;
406 spin_lock_init(&ctx->cc_lock);
407 INIT_LIST_HEAD(&ctx->cc_req_list);
408 INIT_LIST_HEAD(&ctx->cc_gc_chain);
410 plsec->pls_ctx = ctx;
411 atomic_inc(&plsec->pls_base.ps_nctx);
412 atomic_inc(&plsec->pls_base.ps_refcount);
414 atomic_inc(&ctx->cc_refcount); /* for caller */
417 write_unlock(&plsec->pls_lock);
423 void plain_destroy_sec(struct ptlrpc_sec *sec)
425 struct plain_sec *plsec = sec2plsec(sec);
428 LASSERT(sec->ps_policy == &plain_policy);
429 LASSERT(sec->ps_import);
430 LASSERT(atomic_read(&sec->ps_refcount) == 0);
431 LASSERT(atomic_read(&sec->ps_nctx) == 0);
432 LASSERT(plsec->pls_ctx == NULL);
434 class_import_put(sec->ps_import);
441 void plain_kill_sec(struct ptlrpc_sec *sec)
447 struct ptlrpc_sec *plain_create_sec(struct obd_import *imp,
448 struct ptlrpc_svc_ctx *svc_ctx,
449 struct sptlrpc_flavor *sf)
451 struct plain_sec *plsec;
452 struct ptlrpc_sec *sec;
453 struct ptlrpc_cli_ctx *ctx;
456 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN);
458 OBD_ALLOC_PTR(plsec);
463 * initialize plain_sec
465 rwlock_init(&plsec->pls_lock);
466 plsec->pls_ctx = NULL;
468 sec = &plsec->pls_base;
469 sec->ps_policy = &plain_policy;
470 atomic_set(&sec->ps_refcount, 0);
471 atomic_set(&sec->ps_nctx, 0);
472 sec->ps_id = sptlrpc_get_next_secid();
473 sec->ps_import = class_import_get(imp);
475 spin_lock_init(&sec->ps_lock);
476 INIT_LIST_HEAD(&sec->ps_gc_list);
477 sec->ps_gc_interval = 0;
480 /* install ctx immediately if this is a reverse sec */
482 ctx = plain_sec_install_ctx(plsec);
484 plain_destroy_sec(sec);
487 sptlrpc_cli_ctx_put(ctx, 1);
494 struct ptlrpc_cli_ctx *plain_lookup_ctx(struct ptlrpc_sec *sec,
495 struct vfs_cred *vcred,
496 int create, int remove_dead)
498 struct plain_sec *plsec = sec2plsec(sec);
499 struct ptlrpc_cli_ctx *ctx;
502 read_lock(&plsec->pls_lock);
503 ctx = plsec->pls_ctx;
505 atomic_inc(&ctx->cc_refcount);
506 read_unlock(&plsec->pls_lock);
508 if (unlikely(ctx == NULL))
509 ctx = plain_sec_install_ctx(plsec);
515 void plain_release_ctx(struct ptlrpc_sec *sec,
516 struct ptlrpc_cli_ctx *ctx, int sync)
518 LASSERT(atomic_read(&sec->ps_refcount) > 0);
519 LASSERT(atomic_read(&sec->ps_nctx) > 0);
520 LASSERT(atomic_read(&ctx->cc_refcount) == 0);
521 LASSERT(ctx->cc_sec == sec);
525 atomic_dec(&sec->ps_nctx);
526 sptlrpc_sec_put(sec);
530 int plain_flush_ctx_cache(struct ptlrpc_sec *sec,
531 uid_t uid, int grace, int force)
533 struct plain_sec *plsec = sec2plsec(sec);
534 struct ptlrpc_cli_ctx *ctx;
537 /* do nothing unless caller want to flush for 'all' */
541 write_lock(&plsec->pls_lock);
542 ctx = plsec->pls_ctx;
543 plsec->pls_ctx = NULL;
544 write_unlock(&plsec->pls_lock);
547 sptlrpc_cli_ctx_put(ctx, 1);
552 int plain_alloc_reqbuf(struct ptlrpc_sec *sec,
553 struct ptlrpc_request *req,
556 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
560 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
561 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
563 if (req->rq_pack_udesc)
564 buflens[PLAIN_PACK_USER_OFF] = sptlrpc_current_user_desc_size();
566 if (req->rq_pack_bulk) {
567 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
568 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
571 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
573 if (!req->rq_reqbuf) {
574 LASSERT(!req->rq_pool);
576 alloc_len = size_roundup_power2(alloc_len);
577 OBD_ALLOC_LARGE(req->rq_reqbuf, alloc_len);
581 req->rq_reqbuf_len = alloc_len;
583 LASSERT(req->rq_pool);
584 LASSERT(req->rq_reqbuf_len >= alloc_len);
585 memset(req->rq_reqbuf, 0, alloc_len);
588 lustre_init_msg_v2(req->rq_reqbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
589 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0);
591 if (req->rq_pack_udesc)
592 sptlrpc_pack_user_desc(req->rq_reqbuf, PLAIN_PACK_USER_OFF);
598 void plain_free_reqbuf(struct ptlrpc_sec *sec,
599 struct ptlrpc_request *req)
603 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
604 req->rq_reqbuf = NULL;
605 req->rq_reqbuf_len = 0;
611 int plain_alloc_repbuf(struct ptlrpc_sec *sec,
612 struct ptlrpc_request *req,
615 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
619 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
620 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
622 if (req->rq_pack_bulk) {
623 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
624 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
627 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
629 /* add space for early reply */
630 alloc_len += plain_at_offset;
632 alloc_len = size_roundup_power2(alloc_len);
634 OBD_ALLOC_LARGE(req->rq_repbuf, alloc_len);
638 req->rq_repbuf_len = alloc_len;
643 void plain_free_repbuf(struct ptlrpc_sec *sec,
644 struct ptlrpc_request *req)
647 OBD_FREE_LARGE(req->rq_repbuf, req->rq_repbuf_len);
648 req->rq_repbuf = NULL;
649 req->rq_repbuf_len = 0;
654 int plain_enlarge_reqbuf(struct ptlrpc_sec *sec,
655 struct ptlrpc_request *req,
656 int segment, int newsize)
658 struct lustre_msg *newbuf;
660 int newmsg_size, newbuf_size;
663 LASSERT(req->rq_reqbuf);
664 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
665 LASSERT(lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0) ==
668 /* compute new embedded msg size. */
669 oldsize = req->rq_reqmsg->lm_buflens[segment];
670 req->rq_reqmsg->lm_buflens[segment] = newsize;
671 newmsg_size = lustre_msg_size_v2(req->rq_reqmsg->lm_bufcount,
672 req->rq_reqmsg->lm_buflens);
673 req->rq_reqmsg->lm_buflens[segment] = oldsize;
675 /* compute new wrapper msg size. */
676 oldsize = req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF];
677 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = newmsg_size;
678 newbuf_size = lustre_msg_size_v2(req->rq_reqbuf->lm_bufcount,
679 req->rq_reqbuf->lm_buflens);
680 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = oldsize;
682 /* request from pool should always have enough buffer */
683 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newbuf_size);
685 if (req->rq_reqbuf_len < newbuf_size) {
686 newbuf_size = size_roundup_power2(newbuf_size);
688 OBD_ALLOC_LARGE(newbuf, newbuf_size);
692 /* Must lock this, so that otherwise unprotected change of
693 * rq_reqmsg is not racing with parallel processing of
694 * imp_replay_list traversing threads. See LU-3333
695 * This is a bandaid at best, we really need to deal with this
696 * in request enlarging code before unpacking that's already
699 spin_lock(&req->rq_import->imp_lock);
701 memcpy(newbuf, req->rq_reqbuf, req->rq_reqbuf_len);
703 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
704 req->rq_reqbuf = newbuf;
705 req->rq_reqbuf_len = newbuf_size;
706 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf,
707 PLAIN_PACK_MSG_OFF, 0);
710 spin_unlock(&req->rq_import->imp_lock);
713 _sptlrpc_enlarge_msg_inplace(req->rq_reqbuf, PLAIN_PACK_MSG_OFF,
715 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
717 req->rq_reqlen = newmsg_size;
721 /****************************************
723 ****************************************/
725 static struct ptlrpc_svc_ctx plain_svc_ctx = {
726 .sc_refcount = ATOMIC_INIT(1),
727 .sc_policy = &plain_policy,
731 int plain_accept(struct ptlrpc_request *req)
733 struct lustre_msg *msg = req->rq_reqbuf;
734 struct plain_header *phdr;
738 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
739 SPTLRPC_POLICY_PLAIN);
741 if (SPTLRPC_FLVR_BASE(req->rq_flvr.sf_rpc) !=
742 SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_PLAIN) ||
743 SPTLRPC_FLVR_BULK_TYPE(req->rq_flvr.sf_rpc) !=
744 SPTLRPC_FLVR_BULK_TYPE(SPTLRPC_FLVR_PLAIN)) {
745 CERROR("Invalid rpc flavor %x\n", req->rq_flvr.sf_rpc);
749 if (msg->lm_bufcount < PLAIN_PACK_SEGMENTS) {
750 CERROR("unexpected request buf count %u\n", msg->lm_bufcount);
754 swabbed = ptlrpc_req_need_swab(req);
756 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
758 CERROR("missing plain header\n");
762 if (phdr->ph_ver != 0) {
763 CERROR("Invalid header version\n");
767 if (phdr->ph_bulk_hash_alg >= BULK_HASH_ALG_MAX) {
768 CERROR("invalid hash algorithm: %u\n", phdr->ph_bulk_hash_alg);
772 req->rq_sp_from = phdr->ph_sp;
773 req->rq_flvr.u_bulk.hash.hash_alg = phdr->ph_bulk_hash_alg;
775 if (phdr->ph_flags & PLAIN_FL_USER) {
776 if (sptlrpc_unpack_user_desc(msg, PLAIN_PACK_USER_OFF,
778 CERROR("Mal-formed user descriptor\n");
782 req->rq_pack_udesc = 1;
783 req->rq_user_desc = lustre_msg_buf(msg, PLAIN_PACK_USER_OFF, 0);
786 if (phdr->ph_flags & PLAIN_FL_BULK) {
787 if (plain_unpack_bsd(msg, swabbed))
790 req->rq_pack_bulk = 1;
793 req->rq_reqmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
794 req->rq_reqlen = msg->lm_buflens[PLAIN_PACK_MSG_OFF];
796 req->rq_svc_ctx = &plain_svc_ctx;
797 atomic_inc(&req->rq_svc_ctx->sc_refcount);
803 int plain_alloc_rs(struct ptlrpc_request *req, int msgsize)
805 struct ptlrpc_reply_state *rs;
806 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
807 int rs_size = sizeof(*rs);
810 LASSERT(msgsize % 8 == 0);
812 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
813 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
815 if (req->rq_pack_bulk && (req->rq_bulk_read || req->rq_bulk_write))
816 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
818 rs_size += lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
820 rs = req->rq_reply_state;
824 LASSERT(rs->rs_size >= rs_size);
826 OBD_ALLOC_LARGE(rs, rs_size);
830 rs->rs_size = rs_size;
833 rs->rs_svc_ctx = req->rq_svc_ctx;
834 atomic_inc(&req->rq_svc_ctx->sc_refcount);
835 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
836 rs->rs_repbuf_len = rs_size - sizeof(*rs);
838 lustre_init_msg_v2(rs->rs_repbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
839 rs->rs_msg = lustre_msg_buf_v2(rs->rs_repbuf, PLAIN_PACK_MSG_OFF, 0);
841 req->rq_reply_state = rs;
846 void plain_free_rs(struct ptlrpc_reply_state *rs)
850 LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
851 atomic_dec(&rs->rs_svc_ctx->sc_refcount);
853 if (!rs->rs_prealloc)
854 OBD_FREE_LARGE(rs, rs->rs_size);
859 int plain_authorize(struct ptlrpc_request *req)
861 struct ptlrpc_reply_state *rs = req->rq_reply_state;
862 struct lustre_msg_v2 *msg = rs->rs_repbuf;
863 struct plain_header *phdr;
870 if (req->rq_replen != msg->lm_buflens[PLAIN_PACK_MSG_OFF])
871 len = lustre_shrink_msg(msg, PLAIN_PACK_MSG_OFF,
874 len = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
876 msg->lm_secflvr = req->rq_flvr.sf_rpc;
878 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
881 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
883 if (req->rq_pack_bulk)
884 phdr->ph_flags |= PLAIN_FL_BULK;
886 rs->rs_repdata_len = len;
888 if (likely(req->rq_packed_final)) {
889 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
890 req->rq_reply_off = plain_at_offset;
892 req->rq_reply_off = 0;
894 unsigned int hsize = 4;
896 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
897 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
898 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
899 NULL, 0, (unsigned char *)&msg->lm_cksum, &hsize);
900 req->rq_reply_off = 0;
907 int plain_svc_unwrap_bulk(struct ptlrpc_request *req,
908 struct ptlrpc_bulk_desc *desc)
910 struct ptlrpc_reply_state *rs = req->rq_reply_state;
911 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
912 struct plain_bulk_token *tokenr;
915 LASSERT(req->rq_bulk_write);
916 LASSERT(req->rq_pack_bulk);
918 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
919 tokenr = (struct plain_bulk_token *) bsdr->bsd_data;
920 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
922 bsdv->bsd_version = 0;
923 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
924 bsdv->bsd_svc = bsdr->bsd_svc;
927 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
930 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
933 bsdv->bsd_flags |= BSD_FL_ERR;
934 CERROR("bulk write: server verify failed: %d\n", rc);
941 int plain_svc_wrap_bulk(struct ptlrpc_request *req,
942 struct ptlrpc_bulk_desc *desc)
944 struct ptlrpc_reply_state *rs = req->rq_reply_state;
945 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
946 struct plain_bulk_token *tokenv;
949 LASSERT(req->rq_bulk_read);
950 LASSERT(req->rq_pack_bulk);
952 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
953 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
954 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
956 bsdv->bsd_version = 0;
957 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
958 bsdv->bsd_svc = bsdr->bsd_svc;
961 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
964 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
967 CERROR("bulk read: server failed to compute "
968 "checksum: %d\n", rc);
970 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_RECEIVE))
971 corrupt_bulk_data(desc);
977 static struct ptlrpc_ctx_ops plain_ctx_ops = {
978 .refresh = plain_ctx_refresh,
979 .validate = plain_ctx_validate,
980 .sign = plain_ctx_sign,
981 .verify = plain_ctx_verify,
982 .wrap_bulk = plain_cli_wrap_bulk,
983 .unwrap_bulk = plain_cli_unwrap_bulk,
986 static struct ptlrpc_sec_cops plain_sec_cops = {
987 .create_sec = plain_create_sec,
988 .destroy_sec = plain_destroy_sec,
989 .kill_sec = plain_kill_sec,
990 .lookup_ctx = plain_lookup_ctx,
991 .release_ctx = plain_release_ctx,
992 .flush_ctx_cache = plain_flush_ctx_cache,
993 .alloc_reqbuf = plain_alloc_reqbuf,
994 .free_reqbuf = plain_free_reqbuf,
995 .alloc_repbuf = plain_alloc_repbuf,
996 .free_repbuf = plain_free_repbuf,
997 .enlarge_reqbuf = plain_enlarge_reqbuf,
1000 static struct ptlrpc_sec_sops plain_sec_sops = {
1001 .accept = plain_accept,
1002 .alloc_rs = plain_alloc_rs,
1003 .authorize = plain_authorize,
1004 .free_rs = plain_free_rs,
1005 .unwrap_bulk = plain_svc_unwrap_bulk,
1006 .wrap_bulk = plain_svc_wrap_bulk,
1009 static struct ptlrpc_sec_policy plain_policy = {
1010 .sp_owner = THIS_MODULE,
1012 .sp_policy = SPTLRPC_POLICY_PLAIN,
1013 .sp_cops = &plain_sec_cops,
1014 .sp_sops = &plain_sec_sops,
1017 int sptlrpc_plain_init(void)
1019 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
1022 buflens[PLAIN_PACK_MSG_OFF] = lustre_msg_early_size();
1023 plain_at_offset = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
1025 rc = sptlrpc_register_policy(&plain_policy);
1027 CERROR("failed to register: %d\n", rc);
1032 void sptlrpc_plain_fini(void)
1036 rc = sptlrpc_unregister_policy(&plain_policy);
1038 CERROR("cannot unregister: %d\n", rc);