*
* Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
*
- * Copyright (c) 2012, Intel Corporation.
+ * Copyright (c) 2012, 2016, Intel Corporation.
*
* Author: Eric Mei <ericm@clusterfs.com>
*/
#ifndef __PTLRPC_GSS_GSS_INTERNAL_H_
#define __PTLRPC_GSS_GSS_INTERNAL_H_
+#include <crypto/hash.h>
+#include <libcfs/libcfs_crypto.h>
#include <lustre_sec.h>
/*
* rawobj stuff
*/
-typedef struct netobj_s {
- __u32 len;
- __u8 data[0];
-} netobj_t;
-
#define NETOBJ_EMPTY ((netobj_t) { 0 })
-
-typedef struct rawobj_s {
- __u32 len;
- __u8 *data;
-} rawobj_t;
-
#define RAWOBJ_EMPTY ((rawobj_t) { 0, NULL })
typedef struct rawobj_buf_s {
*/
#define GSS_GC_INTERVAL (60 * 60) /* 60 minutes */
-static inline
-unsigned long gss_round_ctx_expiry(unsigned long expiry,
- unsigned long sec_flags)
+static inline time64_t gss_round_ctx_expiry(time64_t expiry,
+ unsigned long sec_flags)
{
- if (sec_flags & PTLRPC_SEC_FL_REVERSE)
- return expiry;
+ if (sec_flags & PTLRPC_SEC_FL_REVERSE)
+ return expiry;
- if (get_seconds() + __TIMEOUT_DELTA <= expiry)
- return expiry - __TIMEOUT_DELTA;
+ if (ktime_get_real_seconds() + __TIMEOUT_DELTA <= expiry)
+ return expiry - __TIMEOUT_DELTA;
- return expiry;
+ return expiry;
}
/*
/*
* XXX make it visible of kernel and lgssd/lsvcgssd
*/
-#define GSSD_INTERFACE_VERSION (1)
+enum {
+ GSSD_INTERFACE_VERSION_V1 = 1,
+ GSSD_INTERFACE_VERSION_V2 = 2,
+ GSSD_INTERFACE_VERSION = GSSD_INTERFACE_VERSION_V2,
+};
#define PTLRPC_GSS_VERSION (1)
};
enum ptlrpc_gss_header_flags {
- LUSTRE_GSS_PACK_BULK = 1,
- LUSTRE_GSS_PACK_USER = 2,
+ LUSTRE_GSS_PACK_BULK = 1,
+ LUSTRE_GSS_PACK_USER = 2,
+ LUSTRE_GSS_PACK_KCSUM = 4,
};
static inline
__u32 import_to_gss_svc(struct obd_import *imp)
{
- const char *name = imp->imp_obd->obd_type->typ_name;
-
- if (!strcmp(name, LUSTRE_MGC_NAME))
- return LUSTRE_GSS_TGT_MGS;
- if (!strcmp(name, LUSTRE_MDC_NAME))
- return LUSTRE_GSS_TGT_MDS;
- if (!strcmp(name, LUSTRE_OSC_NAME))
- return LUSTRE_GSS_TGT_OSS;
- LBUG();
- return 0;
+ int cl_sp_to = LUSTRE_SP_ANY;
+
+ if (imp->imp_obd)
+ cl_sp_to = imp->imp_obd->u.cli.cl_sp_to;
+
+ switch (cl_sp_to) {
+ case LUSTRE_SP_MDT:
+ return LUSTRE_GSS_TGT_MDS;
+ case LUSTRE_SP_OST:
+ return LUSTRE_GSS_TGT_OSS;
+ case LUSTRE_SP_MGC:
+ case LUSTRE_SP_MGS:
+ return LUSTRE_GSS_TGT_MGS;
+ case LUSTRE_SP_CLI:
+ case LUSTRE_SP_ANY:
+ default:
+ return 0;
+ }
}
-/*
- * following 3 header must have the same size and offset
- */
-struct gss_header {
- __u8 gh_version; /* gss version */
- __u8 gh_sp; /* sec part */
- __u16 gh_pad0;
- __u32 gh_flags; /* wrap flags */
- __u32 gh_proc; /* proc */
- __u32 gh_seq; /* sequence */
- __u32 gh_svc; /* service */
- __u32 gh_pad1;
- __u32 gh_pad2;
- __u32 gh_pad3;
- netobj_t gh_handle; /* context handle */
-};
-
-struct gss_rep_header {
- __u8 gh_version;
- __u8 gh_sp;
- __u16 gh_pad0;
- __u32 gh_flags;
- __u32 gh_proc;
- __u32 gh_major;
- __u32 gh_minor;
- __u32 gh_seqwin;
- __u32 gh_pad2;
- __u32 gh_pad3;
- netobj_t gh_handle;
-};
-
-struct gss_err_header {
- __u8 gh_version;
- __u8 gh_sp;
- __u16 gh_pad0;
- __u32 gh_flags;
- __u32 gh_proc;
- __u32 gh_major;
- __u32 gh_minor;
- __u32 gh_pad1;
- __u32 gh_pad2;
- __u32 gh_pad3;
- netobj_t gh_handle;
-};
-
-/*
- * part of wire context information send from client which be saved and
- * used later by server.
- */
-struct gss_wire_ctx {
- __u32 gw_flags;
- __u32 gw_proc;
- __u32 gw_seq;
- __u32 gw_svc;
- rawobj_t gw_handle;
-};
-
#define PTLRPC_GSS_MAX_HANDLE_SIZE (8)
#define PTLRPC_GSS_HEADER_SIZE (sizeof(struct gss_header) + \
PTLRPC_GSS_MAX_HANDLE_SIZE)
};
struct gss_cli_ctx_keyring {
- struct gss_cli_ctx gck_base;
- struct key *gck_key;
- struct timer_list *gck_timer;
+ struct gss_cli_ctx gck_base;
+ struct key *gck_key;
+ struct timer_list gck_timer;
};
struct gss_sec {
return container_of(sec2gsec(sec), struct gss_sec_keyring, gsk_base);
}
+#ifdef HAVE_CACHE_HASH_SPINLOCK
+# define sunrpc_cache_lookup(c, i, h) sunrpc_cache_lookup_rcu((c), (i), (h))
+# define cache_read_lock(cdetail) spin_lock(&((cdetail)->hash_lock))
+# define cache_read_unlock(cdetail) spin_unlock(&((cdetail)->hash_lock))
+#else /* ! HAVE_CACHE_HASH_SPINLOCK */
+# define cache_read_lock(cdetail) read_lock(&((cdetail)->hash_lock))
+# define cache_read_unlock(cdetail) read_unlock(&((cdetail)->hash_lock))
+#endif
#define GSS_CTX_INIT_MAX_LEN (1024)
int __init gss_init_keyring(void);
void __exit gss_exit_keyring(void);
#endif
+extern unsigned int gss_check_upcall_ns;
/* gss_pipefs.c */
#ifndef HAVE_GSS_PIPEFS
/* gss_cli_upcall.c */
-int gss_do_ctx_init_rpc(char *buffer, unsigned long count);
+int gss_do_ctx_init_rpc(char __user *buffer, unsigned long count);
int gss_do_ctx_fini_rpc(struct gss_cli_ctx *gctx);
int __init gss_init_cli_upcall(void);
int __init gss_init_svc_upcall(void);
void gss_exit_svc_upcall(void);
+extern unsigned int krb5_allow_old_client_csum;
/* lproc_gss.c */
void gss_stat_oos_record_cli(int behind);
void gss_stat_oos_record_svc(int phase, int replay);
-int __init gss_init_lproc(void);
-void gss_exit_lproc(void);
+int __init gss_init_tunables(void);
+void gss_exit_tunables(void);
/* gss_null_mech.c */
int __init init_null_module(void);
void cleanup_kerberos_module(void);
/* gss_sk_mech.c */
+#ifdef HAVE_OPENSSL_SSK
int __init init_sk_module(void);
void cleanup_sk_module(void);
+#else
+static inline int init_sk_module(void) { return 0; }
+static inline void cleanup_sk_module(void) { return; }
+#endif /* HAVE_OPENSSL_SSK */
/* debug */
static inline
OBD_FREE(buf, bufsize);
}
+static inline unsigned int ll_read_key_usage(struct key *key)
+{
+#ifdef HAVE_KEY_USAGE_REFCOUNT
+ return refcount_read(&key->usage);
+#else
+ return atomic_read(&key->usage);
+#endif
+}
+
#endif /* __PTLRPC_GSS_GSS_INTERNAL_H_ */
git://git.whamcloud.com / fs / lustre-release.git / blobdiff