LU-2392 kerberos: GSS keyring is broken >=2.6.29

[fs/lustre-release.git] / lustre / ptlrpc / sec_plain.c

diff --git a/lustre/ptlrpc/sec_plain.c b/lustre/ptlrpc/sec_plain.c
index ec9514d..8c1ef9c 100644 (file)
--- a/lustre/ptlrpc/sec_plain.c
+++ b/lustre/ptlrpc/sec_plain.c
@@ -27,7 +27,7 @@
  * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
  * Use is subject to license terms.
  *
- * Copyright (c) 2011, Whamcloud, Inc.
+ * Copyright (c) 2011, 2012, Intel Corporation.
  */
 /*
  * This file is part of Lustre, http://www.lustre.org/
@@ -38,9 +38,6 @@
  * Author: Eric Mei <ericm@clusterfs.com>
  */
 
-#ifndef EXPORT_SYMTAB
-# define EXPORT_SYMTAB
-#endif
 #define DEBUG_SUBSYSTEM S_SEC
 
 #ifndef __KERNEL__
@@ -55,7 +52,7 @@
 
 struct plain_sec {
         struct ptlrpc_sec       pls_base;
-        cfs_rwlock_t            pls_lock;
+       rwlock_t            pls_lock;
         struct ptlrpc_cli_ctx  *pls_ctx;
 };
 
@@ -273,15 +270,18 @@ int plain_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
         }
 
         if (unlikely(req->rq_early)) {
-                cksum = crc32_le(!(__u32) 0,
-                                 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
-                                 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF));
-                if (cksum != msg->lm_cksum) {
-                        CDEBUG(D_SEC,
-                               "early reply checksum mismatch: %08x != %08x\n",
-                               cpu_to_le32(cksum), msg->lm_cksum);
-                        RETURN(-EINVAL);
-                }
+               unsigned int hsize = 4;
+
+               cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
+                               lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
+                               lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
+                               NULL, 0, (unsigned char *)&cksum, &hsize);
+               if (cksum != msg->lm_cksum) {
+                       CDEBUG(D_SEC,
+                              "early reply checksum mismatch: %08x != %08x\n",
+                              cpu_to_le32(cksum), msg->lm_cksum);
+                       RETURN(-EINVAL);
+               }
         } else {
                 /* whether we sent with bulk or not, we expect the same
                  * in reply, except for early reply */
@@ -398,11 +398,11 @@ int plain_cli_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
 static
 struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
 {
-        struct ptlrpc_cli_ctx  *ctx, *ctx_new;
+       struct ptlrpc_cli_ctx  *ctx, *ctx_new;
 
-        OBD_ALLOC_PTR(ctx_new);
+       OBD_ALLOC_PTR(ctx_new);
 
-        cfs_write_lock(&plsec->pls_lock);
+       write_lock(&plsec->pls_lock);
 
         ctx = plsec->pls_ctx;
         if (ctx) {
@@ -419,7 +419,7 @@ struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
                 ctx->cc_expire = 0;
                 ctx->cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_UPTODATE;
                 ctx->cc_vcred.vc_uid = 0;
-                cfs_spin_lock_init(&ctx->cc_lock);
+               spin_lock_init(&ctx->cc_lock);
                 CFS_INIT_LIST_HEAD(&ctx->cc_req_list);
                 CFS_INIT_LIST_HEAD(&ctx->cc_gc_chain);
 
@@ -430,9 +430,9 @@ struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
                 cfs_atomic_inc(&ctx->cc_refcount); /* for caller */
         }
 
-        cfs_write_unlock(&plsec->pls_lock);
+       write_unlock(&plsec->pls_lock);
 
-        return ctx;
+       return ctx;
 }
 
 static
@@ -478,17 +478,17 @@ struct ptlrpc_sec *plain_create_sec(struct obd_import *imp,
         /*
          * initialize plain_sec
          */
-        cfs_rwlock_init(&plsec->pls_lock);
-        plsec->pls_ctx = NULL;
-
-        sec = &plsec->pls_base;
-        sec->ps_policy = &plain_policy;
-        cfs_atomic_set(&sec->ps_refcount, 0);
-        cfs_atomic_set(&sec->ps_nctx, 0);
-        sec->ps_id = sptlrpc_get_next_secid();
-        sec->ps_import = class_import_get(imp);
-        sec->ps_flvr = *sf;
-        cfs_spin_lock_init(&sec->ps_lock);
+       rwlock_init(&plsec->pls_lock);
+       plsec->pls_ctx = NULL;
+
+       sec = &plsec->pls_base;
+       sec->ps_policy = &plain_policy;
+       cfs_atomic_set(&sec->ps_refcount, 0);
+       cfs_atomic_set(&sec->ps_nctx, 0);
+       sec->ps_id = sptlrpc_get_next_secid();
+       sec->ps_import = class_import_get(imp);
+       sec->ps_flvr = *sf;
+       spin_lock_init(&sec->ps_lock);
         CFS_INIT_LIST_HEAD(&sec->ps_gc_list);
         sec->ps_gc_interval = 0;
         sec->ps_gc_next = 0;
@@ -511,20 +511,20 @@ struct ptlrpc_cli_ctx *plain_lookup_ctx(struct ptlrpc_sec *sec,
                                         struct vfs_cred *vcred,
                                         int create, int remove_dead)
 {
-        struct plain_sec       *plsec = sec2plsec(sec);
-        struct ptlrpc_cli_ctx  *ctx;
-        ENTRY;
+       struct plain_sec       *plsec = sec2plsec(sec);
+       struct ptlrpc_cli_ctx  *ctx;
+       ENTRY;
 
-        cfs_read_lock(&plsec->pls_lock);
-        ctx = plsec->pls_ctx;
-        if (ctx)
-                cfs_atomic_inc(&ctx->cc_refcount);
-        cfs_read_unlock(&plsec->pls_lock);
+       read_lock(&plsec->pls_lock);
+       ctx = plsec->pls_ctx;
+       if (ctx)
+               cfs_atomic_inc(&ctx->cc_refcount);
+       read_unlock(&plsec->pls_lock);
 
-        if (unlikely(ctx == NULL))
-                ctx = plain_sec_install_ctx(plsec);
+       if (unlikely(ctx == NULL))
+               ctx = plain_sec_install_ctx(plsec);
 
-        RETURN(ctx);
+       RETURN(ctx);
 }
 
 static
@@ -554,10 +554,10 @@ int plain_flush_ctx_cache(struct ptlrpc_sec *sec,
         if (uid != -1)
                 RETURN(0);
 
-        cfs_write_lock(&plsec->pls_lock);
+       write_lock(&plsec->pls_lock);
         ctx = plsec->pls_ctx;
         plsec->pls_ctx = NULL;
-        cfs_write_unlock(&plsec->pls_lock);
+       write_unlock(&plsec->pls_lock);
 
         if (ctx)
                 sptlrpc_cli_ctx_put(ctx, 1);
@@ -895,10 +895,13 @@ int plain_authorize(struct ptlrpc_request *req)
                 else
                         req->rq_reply_off = 0;
         } else {
-                msg->lm_cksum = crc32_le(!(__u32) 0,
-                                lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
-                                lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF));
-                req->rq_reply_off = 0;
+               unsigned int hsize = 4;
+
+               cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
+                       lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
+                       lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
+                       NULL, 0, (unsigned char *)&msg->lm_cksum, &hsize);
+                       req->rq_reply_off = 0;
         }
 
         RETURN(0);