4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.gnu.org/licenses/gpl-2.0.html
23 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Use is subject to license terms.
26 * Copyright (c) 2011, 2015, Intel Corporation.
29 * This file is part of Lustre, http://www.lustre.org/
30 * Lustre is a trademark of Sun Microsystems, Inc.
32 * lustre/ptlrpc/sec_plain.c
34 * Author: Eric Mei <ericm@clusterfs.com>
37 #define DEBUG_SUBSYSTEM S_SEC
40 #include <obd_support.h>
41 #include <obd_cksum.h>
42 #include <obd_class.h>
43 #include <lustre_net.h>
44 #include <lustre_sec.h>
46 #include "ptlrpc_internal.h"
49 struct ptlrpc_sec pls_base;
51 struct ptlrpc_cli_ctx *pls_ctx;
54 static inline struct plain_sec *sec2plsec(struct ptlrpc_sec *sec)
56 return container_of(sec, struct plain_sec, pls_base);
59 static struct ptlrpc_sec_policy plain_policy;
60 static struct ptlrpc_ctx_ops plain_ctx_ops;
61 static struct ptlrpc_svc_ctx plain_svc_ctx;
63 static unsigned int plain_at_offset;
66 * for simplicity, plain policy rpc use fixed layout.
68 #define PLAIN_PACK_SEGMENTS (4)
70 #define PLAIN_PACK_HDR_OFF (0)
71 #define PLAIN_PACK_MSG_OFF (1)
72 #define PLAIN_PACK_USER_OFF (2)
73 #define PLAIN_PACK_BULK_OFF (3)
75 #define PLAIN_FL_USER (0x01)
76 #define PLAIN_FL_BULK (0x02)
81 __u8 ph_sp; /* source */
82 __u8 ph_bulk_hash_alg; /* complete flavor desc */
86 struct plain_bulk_token {
90 #define PLAIN_BSD_SIZE \
91 (sizeof(struct ptlrpc_bulk_sec_desc) + sizeof(struct plain_bulk_token))
94 * bulk checksum helpers
97 static int plain_unpack_bsd(struct lustre_msg *msg, int swabbed)
99 struct ptlrpc_bulk_sec_desc *bsd;
101 if (bulk_sec_desc_unpack(msg, PLAIN_PACK_BULK_OFF, swabbed))
104 bsd = lustre_msg_buf(msg, PLAIN_PACK_BULK_OFF, PLAIN_BSD_SIZE);
106 CERROR("bulk sec desc has short size %d\n",
107 lustre_msg_buflen(msg, PLAIN_PACK_BULK_OFF));
111 if (bsd->bsd_svc != SPTLRPC_BULK_SVC_NULL &&
112 bsd->bsd_svc != SPTLRPC_BULK_SVC_INTG) {
113 CERROR("invalid bulk svc %u\n", bsd->bsd_svc);
120 static int plain_generate_bulk_csum(struct ptlrpc_bulk_desc *desc,
122 struct plain_bulk_token *token)
124 if (hash_alg == BULK_HASH_ALG_NULL)
127 memset(token->pbt_hash, 0, sizeof(token->pbt_hash));
128 return sptlrpc_get_bulk_checksum(desc, hash_alg, token->pbt_hash,
129 sizeof(token->pbt_hash));
132 static int plain_verify_bulk_csum(struct ptlrpc_bulk_desc *desc,
134 struct plain_bulk_token *tokenr)
136 struct plain_bulk_token tokenv;
139 if (hash_alg == BULK_HASH_ALG_NULL)
142 memset(&tokenv.pbt_hash, 0, sizeof(tokenv.pbt_hash));
143 rc = sptlrpc_get_bulk_checksum(desc, hash_alg, tokenv.pbt_hash,
144 sizeof(tokenv.pbt_hash));
148 if (memcmp(tokenr->pbt_hash, tokenv.pbt_hash, sizeof(tokenr->pbt_hash)))
153 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
158 for (i = 0; i < desc->bd_iov_count; i++) {
159 if (desc->bd_vec[i].bv_len == 0)
162 ptr = kmap(desc->bd_vec[i].bv_page);
163 off = desc->bd_vec[i].bv_offset & ~PAGE_MASK;
165 kunmap(desc->bd_vec[i].bv_page);
175 int plain_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
177 /* should never reach here */
183 int plain_ctx_validate(struct ptlrpc_cli_ctx *ctx)
189 int plain_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
191 struct lustre_msg *msg = req->rq_reqbuf;
192 struct plain_header *phdr;
196 msg->lm_secflvr = req->rq_flvr.sf_rpc;
198 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
201 phdr->ph_sp = ctx->cc_sec->ps_part;
202 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
204 if (req->rq_pack_udesc)
205 phdr->ph_flags |= PLAIN_FL_USER;
206 if (req->rq_pack_bulk)
207 phdr->ph_flags |= PLAIN_FL_BULK;
209 req->rq_reqdata_len = lustre_msg_size_v2(msg->lm_bufcount,
215 int plain_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
217 struct lustre_msg *msg = req->rq_repdata;
218 struct plain_header *phdr;
223 if (msg->lm_bufcount != PLAIN_PACK_SEGMENTS) {
224 CERROR("unexpected reply buf count %u\n", msg->lm_bufcount);
228 swabbed = ptlrpc_rep_need_swab(req);
230 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
232 CERROR("missing plain header\n");
236 if (phdr->ph_ver != 0) {
237 CERROR("Invalid header version\n");
241 /* expect no user desc in reply */
242 if (phdr->ph_flags & PLAIN_FL_USER) {
243 CERROR("Unexpected udesc flag in reply\n");
247 if (phdr->ph_bulk_hash_alg != req->rq_flvr.u_bulk.hash.hash_alg) {
248 CERROR("reply bulk flavor %u != %u\n", phdr->ph_bulk_hash_alg,
249 req->rq_flvr.u_bulk.hash.hash_alg);
253 if (unlikely(req->rq_early)) {
254 unsigned int hsize = 4;
256 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
257 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
258 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
259 NULL, 0, (unsigned char *)&cksum, &hsize);
260 if (cksum != msg->lm_cksum) {
262 "early reply checksum mismatch: %08x != %08x\n",
263 cpu_to_le32(cksum), msg->lm_cksum);
268 * whether we sent with bulk or not, we expect the same
269 * in reply, except for early reply
271 if (!req->rq_early &&
272 !equi(req->rq_pack_bulk == 1,
273 phdr->ph_flags & PLAIN_FL_BULK)) {
274 CERROR("%s bulk checksum in reply\n",
275 req->rq_pack_bulk ? "Missing" : "Unexpected");
279 if (phdr->ph_flags & PLAIN_FL_BULK) {
280 if (plain_unpack_bsd(msg, swabbed))
285 req->rq_repmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
286 req->rq_replen = lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF);
291 int plain_cli_wrap_bulk(struct ptlrpc_cli_ctx *ctx,
292 struct ptlrpc_request *req,
293 struct ptlrpc_bulk_desc *desc)
295 struct ptlrpc_bulk_sec_desc *bsd;
296 struct plain_bulk_token *token;
299 LASSERT(req->rq_pack_bulk);
300 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
302 bsd = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
303 token = (struct plain_bulk_token *) bsd->bsd_data;
305 bsd->bsd_version = 0;
307 bsd->bsd_type = SPTLRPC_BULK_DEFAULT;
308 bsd->bsd_svc = SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc);
310 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_NULL)
313 if (req->rq_bulk_read)
316 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
319 CERROR("bulk write: failed to compute checksum: %d\n", rc);
322 * for sending we only compute the wrong checksum instead
323 * of corrupting the data so it is still correct on a redo
325 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_SEND) &&
326 req->rq_flvr.u_bulk.hash.hash_alg != BULK_HASH_ALG_NULL)
327 token->pbt_hash[0] ^= 0x1;
334 int plain_cli_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
335 struct ptlrpc_request *req,
336 struct ptlrpc_bulk_desc *desc)
338 struct ptlrpc_bulk_sec_desc *bsdv;
339 struct plain_bulk_token *tokenv;
343 LASSERT(req->rq_pack_bulk);
344 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
345 LASSERT(req->rq_repdata->lm_bufcount == PLAIN_PACK_SEGMENTS);
347 bsdv = lustre_msg_buf(req->rq_repdata, PLAIN_PACK_BULK_OFF, 0);
348 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
350 if (req->rq_bulk_write) {
351 if (bsdv->bsd_flags & BSD_FL_ERR)
356 /* fix the actual data size */
357 for (i = 0, nob = 0; i < desc->bd_iov_count; i++) {
358 if (desc->bd_vec[i].bv_len +
359 nob > desc->bd_nob_transferred) {
360 desc->bd_vec[i].bv_len =
361 desc->bd_nob_transferred - nob;
363 nob += desc->bd_vec[i].bv_len;
366 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
369 CERROR("bulk read: client verify failed: %d\n", rc);
379 struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
381 struct ptlrpc_cli_ctx *ctx, *ctx_new;
383 OBD_ALLOC_PTR(ctx_new);
385 write_lock(&plsec->pls_lock);
387 ctx = plsec->pls_ctx;
389 atomic_inc(&ctx->cc_refcount);
392 OBD_FREE_PTR(ctx_new);
393 } else if (ctx_new) {
396 atomic_set(&ctx->cc_refcount, 1); /* for cache */
397 ctx->cc_sec = &plsec->pls_base;
398 ctx->cc_ops = &plain_ctx_ops;
400 ctx->cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_UPTODATE;
401 ctx->cc_vcred.vc_uid = 0;
402 spin_lock_init(&ctx->cc_lock);
403 INIT_LIST_HEAD(&ctx->cc_req_list);
404 INIT_LIST_HEAD(&ctx->cc_gc_chain);
406 plsec->pls_ctx = ctx;
407 atomic_inc(&plsec->pls_base.ps_nctx);
408 atomic_inc(&plsec->pls_base.ps_refcount);
410 atomic_inc(&ctx->cc_refcount); /* for caller */
413 write_unlock(&plsec->pls_lock);
419 void plain_destroy_sec(struct ptlrpc_sec *sec)
421 struct plain_sec *plsec = sec2plsec(sec);
425 LASSERT(sec->ps_policy == &plain_policy);
426 LASSERT(sec->ps_import);
427 LASSERT(atomic_read(&sec->ps_refcount) == 0);
428 LASSERT(atomic_read(&sec->ps_nctx) == 0);
429 LASSERT(plsec->pls_ctx == NULL);
431 class_import_put(sec->ps_import);
438 void plain_kill_sec(struct ptlrpc_sec *sec)
444 struct ptlrpc_sec *plain_create_sec(struct obd_import *imp,
445 struct ptlrpc_svc_ctx *svc_ctx,
446 struct sptlrpc_flavor *sf)
448 struct plain_sec *plsec;
449 struct ptlrpc_sec *sec;
450 struct ptlrpc_cli_ctx *ctx;
454 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN);
456 OBD_ALLOC_PTR(plsec);
461 * initialize plain_sec
463 rwlock_init(&plsec->pls_lock);
464 plsec->pls_ctx = NULL;
466 sec = &plsec->pls_base;
467 sec->ps_policy = &plain_policy;
468 atomic_set(&sec->ps_refcount, 0);
469 atomic_set(&sec->ps_nctx, 0);
470 sec->ps_id = sptlrpc_get_next_secid();
471 sec->ps_import = class_import_get(imp);
473 spin_lock_init(&sec->ps_lock);
474 INIT_LIST_HEAD(&sec->ps_gc_list);
475 sec->ps_gc_interval = 0;
478 /* install ctx immediately if this is a reverse sec */
480 ctx = plain_sec_install_ctx(plsec);
482 plain_destroy_sec(sec);
485 sptlrpc_cli_ctx_put(ctx, 1);
492 struct ptlrpc_cli_ctx *plain_lookup_ctx(struct ptlrpc_sec *sec,
493 struct vfs_cred *vcred,
494 int create, int remove_dead)
496 struct plain_sec *plsec = sec2plsec(sec);
497 struct ptlrpc_cli_ctx *ctx;
501 read_lock(&plsec->pls_lock);
502 ctx = plsec->pls_ctx;
504 atomic_inc(&ctx->cc_refcount);
505 read_unlock(&plsec->pls_lock);
507 if (unlikely(ctx == NULL))
508 ctx = plain_sec_install_ctx(plsec);
514 void plain_release_ctx(struct ptlrpc_sec *sec,
515 struct ptlrpc_cli_ctx *ctx, int sync)
517 LASSERT(atomic_read(&sec->ps_refcount) > 0);
518 LASSERT(atomic_read(&sec->ps_nctx) > 0);
519 LASSERT(atomic_read(&ctx->cc_refcount) == 0);
520 LASSERT(ctx->cc_sec == sec);
524 atomic_dec(&sec->ps_nctx);
525 sptlrpc_sec_put(sec);
529 int plain_flush_ctx_cache(struct ptlrpc_sec *sec,
530 uid_t uid, int grace, int force)
532 struct plain_sec *plsec = sec2plsec(sec);
533 struct ptlrpc_cli_ctx *ctx;
537 /* do nothing unless caller want to flush for 'all' */
541 write_lock(&plsec->pls_lock);
542 ctx = plsec->pls_ctx;
543 plsec->pls_ctx = NULL;
544 write_unlock(&plsec->pls_lock);
547 sptlrpc_cli_ctx_put(ctx, 1);
552 int plain_alloc_reqbuf(struct ptlrpc_sec *sec,
553 struct ptlrpc_request *req,
556 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
561 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
562 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
564 if (req->rq_pack_udesc)
565 buflens[PLAIN_PACK_USER_OFF] = sptlrpc_current_user_desc_size();
567 if (req->rq_pack_bulk) {
568 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
569 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
572 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
574 if (!req->rq_reqbuf) {
575 LASSERT(!req->rq_pool);
577 alloc_len = size_roundup_power2(alloc_len);
578 OBD_ALLOC_LARGE(req->rq_reqbuf, alloc_len);
582 req->rq_reqbuf_len = alloc_len;
584 LASSERT(req->rq_pool);
585 LASSERT(req->rq_reqbuf_len >= alloc_len);
586 memset(req->rq_reqbuf, 0, alloc_len);
589 lustre_init_msg_v2(req->rq_reqbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
590 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0);
592 if (req->rq_pack_udesc)
593 sptlrpc_pack_user_desc(req->rq_reqbuf, PLAIN_PACK_USER_OFF);
599 void plain_free_reqbuf(struct ptlrpc_sec *sec,
600 struct ptlrpc_request *req)
604 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
605 req->rq_reqbuf = NULL;
606 req->rq_reqbuf_len = 0;
612 int plain_alloc_repbuf(struct ptlrpc_sec *sec,
613 struct ptlrpc_request *req,
616 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
621 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
622 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
624 if (req->rq_pack_bulk) {
625 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
626 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
629 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
631 /* add space for early reply */
632 alloc_len += plain_at_offset;
634 alloc_len = size_roundup_power2(alloc_len);
636 OBD_ALLOC_LARGE(req->rq_repbuf, alloc_len);
640 req->rq_repbuf_len = alloc_len;
645 void plain_free_repbuf(struct ptlrpc_sec *sec,
646 struct ptlrpc_request *req)
649 OBD_FREE_LARGE(req->rq_repbuf, req->rq_repbuf_len);
650 req->rq_repbuf = NULL;
651 req->rq_repbuf_len = 0;
656 int plain_enlarge_reqbuf(struct ptlrpc_sec *sec,
657 struct ptlrpc_request *req,
658 int segment, int newsize)
660 struct lustre_msg *newbuf;
662 int newmsg_size, newbuf_size;
666 LASSERT(req->rq_reqbuf);
667 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
668 LASSERT(lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0) ==
671 /* compute new embedded msg size. */
672 oldsize = req->rq_reqmsg->lm_buflens[segment];
673 req->rq_reqmsg->lm_buflens[segment] = newsize;
674 newmsg_size = lustre_msg_size_v2(req->rq_reqmsg->lm_bufcount,
675 req->rq_reqmsg->lm_buflens);
676 req->rq_reqmsg->lm_buflens[segment] = oldsize;
678 /* compute new wrapper msg size. */
679 oldsize = req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF];
680 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = newmsg_size;
681 newbuf_size = lustre_msg_size_v2(req->rq_reqbuf->lm_bufcount,
682 req->rq_reqbuf->lm_buflens);
683 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = oldsize;
685 /* request from pool should always have enough buffer */
686 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newbuf_size);
688 if (req->rq_reqbuf_len < newbuf_size) {
689 newbuf_size = size_roundup_power2(newbuf_size);
691 OBD_ALLOC_LARGE(newbuf, newbuf_size);
696 * Must lock this, so that otherwise unprotected change of
697 * rq_reqmsg is not racing with parallel processing of
698 * imp_replay_list traversing threads. See LU-3333
699 * This is a bandaid at best, we really need to deal with this
700 * in request enlarging code before unpacking that's already
704 spin_lock(&req->rq_import->imp_lock);
706 memcpy(newbuf, req->rq_reqbuf, req->rq_reqbuf_len);
708 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
709 req->rq_reqbuf = newbuf;
710 req->rq_reqbuf_len = newbuf_size;
711 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf,
712 PLAIN_PACK_MSG_OFF, 0);
715 spin_unlock(&req->rq_import->imp_lock);
718 _sptlrpc_enlarge_msg_inplace(req->rq_reqbuf, PLAIN_PACK_MSG_OFF,
720 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
722 req->rq_reqlen = newmsg_size;
730 static struct ptlrpc_svc_ctx plain_svc_ctx = {
731 .sc_refcount = ATOMIC_INIT(1),
732 .sc_policy = &plain_policy,
735 static int plain_accept(struct ptlrpc_request *req)
737 struct lustre_msg *msg = req->rq_reqbuf;
738 struct plain_header *phdr;
742 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
743 SPTLRPC_POLICY_PLAIN);
745 if (SPTLRPC_FLVR_BASE(req->rq_flvr.sf_rpc) !=
746 SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_PLAIN) ||
747 SPTLRPC_FLVR_BULK_TYPE(req->rq_flvr.sf_rpc) !=
748 SPTLRPC_FLVR_BULK_TYPE(SPTLRPC_FLVR_PLAIN)) {
749 CERROR("Invalid rpc flavor %x\n", req->rq_flvr.sf_rpc);
753 if (msg->lm_bufcount < PLAIN_PACK_SEGMENTS) {
754 CERROR("unexpected request buf count %u\n", msg->lm_bufcount);
758 swabbed = ptlrpc_req_need_swab(req);
760 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
762 CERROR("missing plain header\n");
766 if (phdr->ph_ver != 0) {
767 CERROR("Invalid header version\n");
771 if (phdr->ph_bulk_hash_alg >= BULK_HASH_ALG_MAX) {
772 CERROR("invalid hash algorithm: %u\n", phdr->ph_bulk_hash_alg);
776 req->rq_sp_from = phdr->ph_sp;
777 req->rq_flvr.u_bulk.hash.hash_alg = phdr->ph_bulk_hash_alg;
779 if (phdr->ph_flags & PLAIN_FL_USER) {
780 if (sptlrpc_unpack_user_desc(msg, PLAIN_PACK_USER_OFF,
782 CERROR("Mal-formed user descriptor\n");
786 req->rq_pack_udesc = 1;
787 req->rq_user_desc = lustre_msg_buf(msg, PLAIN_PACK_USER_OFF, 0);
790 if (phdr->ph_flags & PLAIN_FL_BULK) {
791 if (plain_unpack_bsd(msg, swabbed))
794 req->rq_pack_bulk = 1;
797 req->rq_reqmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
798 req->rq_reqlen = msg->lm_buflens[PLAIN_PACK_MSG_OFF];
800 req->rq_svc_ctx = &plain_svc_ctx;
801 atomic_inc(&req->rq_svc_ctx->sc_refcount);
807 int plain_alloc_rs(struct ptlrpc_request *req, int msgsize)
809 struct ptlrpc_reply_state *rs;
810 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
811 int rs_size = sizeof(*rs);
815 LASSERT(msgsize % 8 == 0);
817 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
818 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
820 if (req->rq_pack_bulk && (req->rq_bulk_read || req->rq_bulk_write))
821 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
823 rs_size += lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
825 rs = req->rq_reply_state;
829 LASSERT(rs->rs_size >= rs_size);
831 OBD_ALLOC_LARGE(rs, rs_size);
835 rs->rs_size = rs_size;
838 rs->rs_svc_ctx = req->rq_svc_ctx;
839 atomic_inc(&req->rq_svc_ctx->sc_refcount);
840 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
841 rs->rs_repbuf_len = rs_size - sizeof(*rs);
843 lustre_init_msg_v2(rs->rs_repbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
844 rs->rs_msg = lustre_msg_buf_v2(rs->rs_repbuf, PLAIN_PACK_MSG_OFF, 0);
846 req->rq_reply_state = rs;
851 void plain_free_rs(struct ptlrpc_reply_state *rs)
855 LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
856 atomic_dec(&rs->rs_svc_ctx->sc_refcount);
858 if (!rs->rs_prealloc)
859 OBD_FREE_LARGE(rs, rs->rs_size);
864 int plain_authorize(struct ptlrpc_request *req)
866 struct ptlrpc_reply_state *rs = req->rq_reply_state;
867 struct lustre_msg_v2 *msg = rs->rs_repbuf;
868 struct plain_header *phdr;
876 if (req->rq_replen != msg->lm_buflens[PLAIN_PACK_MSG_OFF])
877 len = lustre_shrink_msg(msg, PLAIN_PACK_MSG_OFF,
880 len = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
882 msg->lm_secflvr = req->rq_flvr.sf_rpc;
884 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
887 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
889 if (req->rq_pack_bulk)
890 phdr->ph_flags |= PLAIN_FL_BULK;
892 rs->rs_repdata_len = len;
894 if (likely(req->rq_packed_final)) {
895 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
896 req->rq_reply_off = plain_at_offset;
898 req->rq_reply_off = 0;
900 unsigned int hsize = 4;
902 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
903 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
904 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
905 NULL, 0, (unsigned char *)&msg->lm_cksum, &hsize);
906 req->rq_reply_off = 0;
913 int plain_svc_unwrap_bulk(struct ptlrpc_request *req,
914 struct ptlrpc_bulk_desc *desc)
916 struct ptlrpc_reply_state *rs = req->rq_reply_state;
917 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
918 struct plain_bulk_token *tokenr;
921 LASSERT(req->rq_bulk_write);
922 LASSERT(req->rq_pack_bulk);
924 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
925 tokenr = (struct plain_bulk_token *) bsdr->bsd_data;
926 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
928 bsdv->bsd_version = 0;
929 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
930 bsdv->bsd_svc = bsdr->bsd_svc;
933 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
936 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
939 bsdv->bsd_flags |= BSD_FL_ERR;
940 CERROR("bulk write: server verify failed: %d\n", rc);
947 int plain_svc_wrap_bulk(struct ptlrpc_request *req,
948 struct ptlrpc_bulk_desc *desc)
950 struct ptlrpc_reply_state *rs = req->rq_reply_state;
951 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
952 struct plain_bulk_token *tokenv;
955 LASSERT(req->rq_bulk_read);
956 LASSERT(req->rq_pack_bulk);
958 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
959 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
960 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
962 bsdv->bsd_version = 0;
963 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
964 bsdv->bsd_svc = bsdr->bsd_svc;
967 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
970 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
973 CERROR("bulk read: server failed to compute checksum: %d\n",
976 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_RECEIVE))
977 corrupt_bulk_data(desc);
983 static struct ptlrpc_ctx_ops plain_ctx_ops = {
984 .refresh = plain_ctx_refresh,
985 .validate = plain_ctx_validate,
986 .sign = plain_ctx_sign,
987 .verify = plain_ctx_verify,
988 .wrap_bulk = plain_cli_wrap_bulk,
989 .unwrap_bulk = plain_cli_unwrap_bulk,
992 static struct ptlrpc_sec_cops plain_sec_cops = {
993 .create_sec = plain_create_sec,
994 .destroy_sec = plain_destroy_sec,
995 .kill_sec = plain_kill_sec,
996 .lookup_ctx = plain_lookup_ctx,
997 .release_ctx = plain_release_ctx,
998 .flush_ctx_cache = plain_flush_ctx_cache,
999 .alloc_reqbuf = plain_alloc_reqbuf,
1000 .free_reqbuf = plain_free_reqbuf,
1001 .alloc_repbuf = plain_alloc_repbuf,
1002 .free_repbuf = plain_free_repbuf,
1003 .enlarge_reqbuf = plain_enlarge_reqbuf,
1006 static struct ptlrpc_sec_sops plain_sec_sops = {
1007 .accept = plain_accept,
1008 .alloc_rs = plain_alloc_rs,
1009 .authorize = plain_authorize,
1010 .free_rs = plain_free_rs,
1011 .unwrap_bulk = plain_svc_unwrap_bulk,
1012 .wrap_bulk = plain_svc_wrap_bulk,
1015 static struct ptlrpc_sec_policy plain_policy = {
1016 .sp_owner = THIS_MODULE,
1018 .sp_policy = SPTLRPC_POLICY_PLAIN,
1019 .sp_cops = &plain_sec_cops,
1020 .sp_sops = &plain_sec_sops,
1023 int sptlrpc_plain_init(void)
1025 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
1028 buflens[PLAIN_PACK_MSG_OFF] = lustre_msg_early_size();
1029 plain_at_offset = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
1031 rc = sptlrpc_register_policy(&plain_policy);
1033 CERROR("failed to register: %d\n", rc);
1038 void sptlrpc_plain_fini(void)
1042 rc = sptlrpc_unregister_policy(&plain_policy);
1044 CERROR("cannot unregister: %d\n", rc);