1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
2 * vim:expandtab:shiftwidth=8:tabstop=8:
4 * Copyright (C) 2004-2006 Cluster File Systems, Inc.
6 * This file is part of Lustre, http://www.lustre.org.
8 * Lustre is free software; you can redistribute it and/or
9 * modify it under the terms of version 2 of the GNU General Public
10 * License as published by the Free Software Foundation.
12 * Lustre is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with Lustre; if not, write to the Free Software
19 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
25 #define DEBUG_SUBSYSTEM S_SEC
27 #include <libcfs/libcfs.h>
29 #include <liblustre.h>
30 #include <libcfs/list.h>
32 #include <linux/crypto.h>
33 #include <linux/key.h>
37 #include <obd_class.h>
38 #include <obd_support.h>
39 #include <lustre_net.h>
40 #include <lustre_import.h>
41 #include <lustre_dlm.h>
42 #include <lustre_sec.h>
44 #include "ptlrpc_internal.h"
46 /***********************************************
48 ***********************************************/
50 static rwlock_t policy_lock = RW_LOCK_UNLOCKED;
51 static struct ptlrpc_sec_policy *policies[SPTLRPC_POLICY_MAX] = {
55 int sptlrpc_register_policy(struct ptlrpc_sec_policy *policy)
57 __u32 number = policy->sp_policy;
59 LASSERT(policy->sp_name);
60 LASSERT(policy->sp_cops);
61 LASSERT(policy->sp_sops);
63 if (number >= SPTLRPC_POLICY_MAX)
66 write_lock(&policy_lock);
67 if (unlikely(policies[number])) {
68 write_unlock(&policy_lock);
71 policies[number] = policy;
72 write_unlock(&policy_lock);
74 CDEBUG(D_SEC, "%s: registered\n", policy->sp_name);
77 EXPORT_SYMBOL(sptlrpc_register_policy);
79 int sptlrpc_unregister_policy(struct ptlrpc_sec_policy *policy)
81 __u32 number = policy->sp_policy;
83 LASSERT(number < SPTLRPC_POLICY_MAX);
85 write_lock(&policy_lock);
86 if (unlikely(policies[number] == NULL)) {
87 write_unlock(&policy_lock);
88 CERROR("%s: already unregistered\n", policy->sp_name);
92 LASSERT(policies[number] == policy);
93 policies[number] = NULL;
94 write_unlock(&policy_lock);
96 CDEBUG(D_SEC, "%s: unregistered\n", policy->sp_name);
99 EXPORT_SYMBOL(sptlrpc_unregister_policy);
102 struct ptlrpc_sec_policy * sptlrpc_flavor2policy(ptlrpc_sec_flavor_t flavor)
105 static DECLARE_MUTEX(load_mutex);
107 static atomic_t loaded = ATOMIC_INIT(0);
108 struct ptlrpc_sec_policy *policy;
109 __u32 number = SEC_FLAVOR_POLICY(flavor), flag = 0;
111 if (number >= SPTLRPC_POLICY_MAX)
117 read_lock(&policy_lock);
118 policy = policies[number];
119 if (policy && !try_module_get(policy->sp_owner))
122 flag = atomic_read(&loaded);
123 read_unlock(&policy_lock);
126 /* if failure, try to load gss module, once */
127 if (unlikely(policy == NULL) &&
129 (number == SPTLRPC_POLICY_GSS ||
130 number == SPTLRPC_POLICY_GSS_PIPEFS)) {
131 mutex_down(&load_mutex);
132 if (atomic_read(&loaded) == 0) {
133 if (request_module("ptlrpc_gss") != 0)
134 CERROR("Unable to load module ptlrpc_gss\n");
136 CWARN("module ptlrpc_gss loaded\n");
138 atomic_set(&loaded, 1);
140 mutex_up(&load_mutex);
149 ptlrpc_sec_flavor_t sptlrpc_name2flavor(const char *name)
151 if (!strcmp(name, "null"))
152 return SPTLRPC_FLVR_NULL;
153 if (!strcmp(name, "plain"))
154 return SPTLRPC_FLVR_PLAIN;
155 if (!strcmp(name, "krb5"))
156 return SPTLRPC_FLVR_KRB5;
157 if (!strcmp(name, "krb5i"))
158 return SPTLRPC_FLVR_KRB5I;
159 if (!strcmp(name, "krb5p"))
160 return SPTLRPC_FLVR_KRB5P;
162 return SPTLRPC_FLVR_INVALID;
164 EXPORT_SYMBOL(sptlrpc_name2flavor);
166 char *sptlrpc_flavor2name(ptlrpc_sec_flavor_t flavor)
169 case SPTLRPC_FLVR_NULL:
171 case SPTLRPC_FLVR_PLAIN:
173 case SPTLRPC_FLVR_KRB5:
175 case SPTLRPC_FLVR_KRB5I:
177 case SPTLRPC_FLVR_KRB5P:
180 CERROR("invalid flavor 0x%x(p%u,s%u,v%u)\n", flavor,
181 SEC_FLAVOR_POLICY(flavor), SEC_FLAVOR_SUBPOLICY(flavor),
182 SEC_FLAVOR_SVC(flavor));
186 EXPORT_SYMBOL(sptlrpc_flavor2name);
188 /**************************************************
189 * client context APIs *
190 **************************************************/
193 struct ptlrpc_cli_ctx *get_my_ctx(struct ptlrpc_sec *sec)
195 struct vfs_cred vcred;
196 int create = 1, remove_dead = 1;
199 LASSERT(sec->ps_policy->sp_cops->lookup_ctx);
201 if (sec->ps_flags & (PTLRPC_SEC_FL_REVERSE | PTLRPC_SEC_FL_ROOTONLY)) {
204 if (sec->ps_flags & PTLRPC_SEC_FL_REVERSE) {
209 vcred.vc_uid = cfs_current()->uid;
210 vcred.vc_gid = cfs_current()->gid;
213 return sec->ps_policy->sp_cops->lookup_ctx(sec, &vcred,
214 create, remove_dead);
217 struct ptlrpc_cli_ctx *sptlrpc_cli_ctx_get(struct ptlrpc_cli_ctx *ctx)
219 LASSERT(atomic_read(&ctx->cc_refcount) > 0);
220 atomic_inc(&ctx->cc_refcount);
223 EXPORT_SYMBOL(sptlrpc_cli_ctx_get);
225 void sptlrpc_cli_ctx_put(struct ptlrpc_cli_ctx *ctx, int sync)
227 struct ptlrpc_sec *sec = ctx->cc_sec;
230 LASSERT(atomic_read(&ctx->cc_refcount));
232 if (!atomic_dec_and_test(&ctx->cc_refcount))
235 sec->ps_policy->sp_cops->release_ctx(sec, ctx, sync);
237 EXPORT_SYMBOL(sptlrpc_cli_ctx_put);
240 * expire the context immediately.
241 * the caller must hold at least 1 ref on the ctx.
243 void sptlrpc_cli_ctx_expire(struct ptlrpc_cli_ctx *ctx)
245 LASSERT(ctx->cc_ops->die);
246 ctx->cc_ops->die(ctx, 0);
248 EXPORT_SYMBOL(sptlrpc_cli_ctx_expire);
250 void sptlrpc_cli_ctx_wakeup(struct ptlrpc_cli_ctx *ctx)
252 struct ptlrpc_request *req, *next;
254 spin_lock(&ctx->cc_lock);
255 list_for_each_entry_safe(req, next, &ctx->cc_req_list, rq_ctx_chain) {
256 list_del_init(&req->rq_ctx_chain);
257 ptlrpc_wake_client_req(req);
259 spin_unlock(&ctx->cc_lock);
261 EXPORT_SYMBOL(sptlrpc_cli_ctx_wakeup);
263 int sptlrpc_cli_ctx_display(struct ptlrpc_cli_ctx *ctx, char *buf, int bufsize)
265 LASSERT(ctx->cc_ops);
267 if (ctx->cc_ops->display == NULL)
270 return ctx->cc_ops->display(ctx, buf, bufsize);
273 int sptlrpc_req_get_ctx(struct ptlrpc_request *req)
275 struct obd_import *imp = req->rq_import;
278 LASSERT(!req->rq_cli_ctx);
281 if (imp->imp_sec == NULL) {
282 CERROR("import %p (%s) with no sec pointer\n",
283 imp, ptlrpc_import_state_name(imp->imp_state));
287 req->rq_cli_ctx = get_my_ctx(imp->imp_sec);
289 if (!req->rq_cli_ctx) {
290 CERROR("req %p: fail to get context\n", req);
297 void sptlrpc_req_put_ctx(struct ptlrpc_request *req)
302 LASSERT(req->rq_cli_ctx);
304 /* request might be asked to release earlier while still
305 * in the context waiting list.
307 if (!list_empty(&req->rq_ctx_chain)) {
308 spin_lock(&req->rq_cli_ctx->cc_lock);
309 list_del_init(&req->rq_ctx_chain);
310 spin_unlock(&req->rq_cli_ctx->cc_lock);
313 /* this could be called with spinlock hold, use async mode */
314 sptlrpc_cli_ctx_put(req->rq_cli_ctx, 0);
315 req->rq_cli_ctx = NULL;
320 * request must have a context. if failed to get new context,
321 * just restore the old one
323 int sptlrpc_req_replace_dead_ctx(struct ptlrpc_request *req)
325 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
330 LASSERT(test_bit(PTLRPC_CTX_DEAD_BIT, &ctx->cc_flags));
332 /* make sure not on context waiting list */
333 spin_lock(&ctx->cc_lock);
334 list_del_init(&req->rq_ctx_chain);
335 spin_unlock(&ctx->cc_lock);
337 sptlrpc_cli_ctx_get(ctx);
338 sptlrpc_req_put_ctx(req);
339 rc = sptlrpc_req_get_ctx(req);
341 LASSERT(req->rq_cli_ctx);
342 sptlrpc_cli_ctx_put(ctx, 1);
344 LASSERT(!req->rq_cli_ctx);
345 req->rq_cli_ctx = ctx;
349 EXPORT_SYMBOL(sptlrpc_req_replace_dead_ctx);
352 int ctx_check_refresh(struct ptlrpc_cli_ctx *ctx)
354 if (cli_ctx_is_refreshed(ctx))
360 int ctx_refresh_timeout(void *data)
362 struct ptlrpc_request *req = data;
365 /* conn_cnt is needed in expire_one_request */
366 lustre_msg_set_conn_cnt(req->rq_reqmsg, req->rq_import->imp_conn_cnt);
368 rc = ptlrpc_expire_one_request(req);
369 /* if we started recovery, we should mark this ctx dead; otherwise
370 * in case of lgssd died nobody would retire this ctx, following
371 * connecting will still find the same ctx thus cause deadlock.
372 * there's an assumption that expire time of the request should be
373 * later than the context refresh expire time.
376 req->rq_cli_ctx->cc_ops->die(req->rq_cli_ctx, 0);
381 void ctx_refresh_interrupt(void *data)
387 void req_off_ctx_list(struct ptlrpc_request *req, struct ptlrpc_cli_ctx *ctx)
389 spin_lock(&ctx->cc_lock);
390 if (!list_empty(&req->rq_ctx_chain))
391 list_del_init(&req->rq_ctx_chain);
392 spin_unlock(&ctx->cc_lock);
396 * the status of context could be subject to be changed by other threads at any
397 * time. we allow this race. but once we return with 0, the caller will
398 * suppose it's uptodated and keep using it until the owning rpc is done.
402 * = 0 - wait until success or fatal error occur
403 * > 0 - timeout value
405 * return 0 only if the context is uptodated.
407 int sptlrpc_req_refresh_ctx(struct ptlrpc_request *req, long timeout)
409 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
410 struct l_wait_info lwi;
416 /* skip reverse ctxs */
417 if (ctx->cc_sec->ps_flags & PTLRPC_SEC_FL_REVERSE)
420 /* skip special ctxs */
421 if (cli_ctx_is_eternal(ctx) || req->rq_ctx_init || req->rq_ctx_fini)
424 if (test_bit(PTLRPC_CTX_NEW_BIT, &ctx->cc_flags)) {
425 LASSERT(ctx->cc_ops->refresh);
426 ctx->cc_ops->refresh(ctx);
428 LASSERT(test_bit(PTLRPC_CTX_NEW_BIT, &ctx->cc_flags) == 0);
431 if (unlikely(test_bit(PTLRPC_CTX_ERROR_BIT, &ctx->cc_flags))) {
433 req_off_ctx_list(req, ctx);
437 /* This is subtle. For resent message we have to keep original
438 * context to survive following situation:
439 * 1. the request sent to server
440 * 2. recovery was kick start
441 * 3. recovery finished, the request marked as resent
442 * 4. resend the request
443 * 5. old reply from server received (because xid is the same)
444 * 6. verify reply (has to be success)
445 * 7. new reply from server received, lnet drop it
447 * Note we can't simply change xid for resent request because
448 * server reply on it for reply reconstruction.
450 * Commonly the original context should be uptodate because we
451 * have a expiry nice time; And server will keep their half part
452 * context because we at least hold a ref of old context which
453 * prevent the context detroy RPC be sent. So server still can
454 * accept the request and finish RPC. Two cases:
455 * 1. If server side context has been trimed, a NO_CONTEXT will
456 * be returned, gss_cli_ctx_verify/unseal will switch to new
458 * 2. Current context never be refreshed, then we are fine: we
459 * never really send request with old context before.
461 if (test_bit(PTLRPC_CTX_UPTODATE_BIT, &ctx->cc_flags) &&
462 unlikely(req->rq_reqmsg) &&
463 lustre_msg_get_flags(req->rq_reqmsg) & MSG_RESENT) {
464 req_off_ctx_list(req, ctx);
468 if (unlikely(test_bit(PTLRPC_CTX_DEAD_BIT, &ctx->cc_flags))) {
469 /* don't have to, but we don't want to release it too soon */
470 sptlrpc_cli_ctx_get(ctx);
472 rc = sptlrpc_req_replace_dead_ctx(req);
474 LASSERT(ctx == req->rq_cli_ctx);
475 CERROR("req %p: failed to replace dead ctx %p\n",
478 LASSERT(list_empty(&req->rq_ctx_chain));
479 sptlrpc_cli_ctx_put(ctx, 1);
484 * if ctx didn't really switch, might be cpu tight or sth,
485 * we just relax a little bit.
487 if (ctx == req->rq_cli_ctx)
490 CWARN("req %p: replace dead ctx %p(%u->%s) => %p\n",
491 req, ctx, ctx->cc_vcred.vc_uid,
492 sec2target_str(ctx->cc_sec), req->rq_cli_ctx);
494 sptlrpc_cli_ctx_put(ctx, 1);
495 ctx = req->rq_cli_ctx;
496 LASSERT(list_empty(&req->rq_ctx_chain));
501 LASSERT(ctx->cc_ops->validate);
502 if (ctx->cc_ops->validate(ctx) == 0) {
503 req_off_ctx_list(req, ctx);
507 /* Now we're sure this context is during upcall, add myself into
510 spin_lock(&ctx->cc_lock);
511 if (list_empty(&req->rq_ctx_chain))
512 list_add(&req->rq_ctx_chain, &ctx->cc_req_list);
513 spin_unlock(&ctx->cc_lock);
516 RETURN(-EWOULDBLOCK);
519 /* Clear any flags that may be present from previous sends */
520 LASSERT(req->rq_receiving_reply == 0);
521 spin_lock(&req->rq_lock);
523 req->rq_timedout = 0;
526 spin_unlock(&req->rq_lock);
528 lwi = LWI_TIMEOUT_INTR(timeout == 0 ? LONG_MAX : timeout * HZ,
529 ctx_refresh_timeout, ctx_refresh_interrupt, req);
530 rc = l_wait_event(req->rq_reply_waitq, ctx_check_refresh(ctx), &lwi);
532 /* five cases we are here:
533 * 1. successfully refreshed;
534 * 2. someone else mark this ctx dead by force;
536 * 4. timedout, and we don't want recover from the failure;
537 * 5. timedout, and waked up upon recovery finished;
539 if (!cli_ctx_is_refreshed(ctx)) {
540 /* timed out or interruptted */
541 req_off_ctx_list(req, ctx);
550 void sptlrpc_req_set_flavor(struct ptlrpc_request *req, int opcode)
552 struct sec_flavor_config *conf;
554 LASSERT(req->rq_import);
555 LASSERT(req->rq_import->imp_sec);
556 LASSERT(req->rq_cli_ctx);
557 LASSERT(req->rq_cli_ctx->cc_sec);
558 LASSERT(req->rq_bulk_read == 0 || req->rq_bulk_write == 0);
560 /* special security flags accoding to opcode */
563 req->rq_bulk_read = 1;
566 req->rq_bulk_write = 1;
569 req->rq_ctx_init = 1;
572 req->rq_ctx_fini = 1;
576 req->rq_sec_flavor = req->rq_cli_ctx->cc_sec->ps_flavor;
578 /* force SVC_NONE for context initiation rpc, SVC_AUTH for context
581 if (unlikely(req->rq_ctx_init)) {
582 req->rq_sec_flavor = SEC_MAKE_RPC_FLAVOR(
583 SEC_FLAVOR_POLICY(req->rq_sec_flavor),
584 SEC_FLAVOR_SUBPOLICY(req->rq_sec_flavor),
585 SEC_FLAVOR_SVC(SPTLRPC_SVC_NONE));
586 } else if (unlikely(req->rq_ctx_fini)) {
587 req->rq_sec_flavor = SEC_MAKE_RPC_FLAVOR(
588 SEC_FLAVOR_POLICY(req->rq_sec_flavor),
589 SEC_FLAVOR_SUBPOLICY(req->rq_sec_flavor),
590 SEC_FLAVOR_SVC(SPTLRPC_SVC_AUTH));
593 conf = &req->rq_import->imp_obd->u.cli.cl_sec_conf;
595 /* user descriptor flag, except ROOTONLY which don't need, and
596 * null security which can't
598 if ((conf->sfc_flags & PTLRPC_SEC_FL_ROOTONLY) == 0 &&
599 req->rq_sec_flavor != SPTLRPC_FLVR_NULL)
600 req->rq_sec_flavor |= SEC_FLAVOR_FL_USER;
602 /* bulk security flag */
603 if ((req->rq_bulk_read || req->rq_bulk_write) &&
604 (conf->sfc_bulk_priv != BULK_PRIV_ALG_NULL ||
605 conf->sfc_bulk_csum != BULK_CSUM_ALG_NULL))
606 req->rq_sec_flavor |= SEC_FLAVOR_FL_BULK;
609 void sptlrpc_request_out_callback(struct ptlrpc_request *req)
611 if (SEC_FLAVOR_SVC(req->rq_sec_flavor) != SPTLRPC_SVC_PRIV)
614 LASSERT(req->rq_clrbuf);
615 if (req->rq_pool || !req->rq_reqbuf)
618 OBD_FREE(req->rq_reqbuf, req->rq_reqbuf_len);
619 req->rq_reqbuf = NULL;
620 req->rq_reqbuf_len = 0;
624 * check whether current user have valid context for an import or not.
625 * might repeatedly try in case of non-fatal errors.
626 * return 0 on success, < 0 on failure
628 int sptlrpc_import_check_ctx(struct obd_import *imp)
630 struct ptlrpc_cli_ctx *ctx;
631 struct ptlrpc_request *req = NULL;
637 ctx = get_my_ctx(imp->imp_sec);
641 if (cli_ctx_is_eternal(ctx) ||
642 ctx->cc_ops->validate(ctx) == 0) {
643 sptlrpc_cli_ctx_put(ctx, 1);
651 spin_lock_init(&req->rq_lock);
652 atomic_set(&req->rq_refcount, 10000);
653 INIT_LIST_HEAD(&req->rq_ctx_chain);
654 init_waitqueue_head(&req->rq_reply_waitq);
655 req->rq_import = imp;
656 req->rq_cli_ctx = ctx;
658 rc = sptlrpc_req_refresh_ctx(req, 0);
659 LASSERT(list_empty(&req->rq_ctx_chain));
660 sptlrpc_cli_ctx_put(req->rq_cli_ctx, 1);
666 int sptlrpc_cli_wrap_request(struct ptlrpc_request *req)
668 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
673 LASSERT(ctx->cc_sec);
674 LASSERT(req->rq_reqbuf || req->rq_clrbuf);
676 /* we wrap bulk request here because now we can be sure
677 * the context is uptodate.
680 rc = sptlrpc_cli_wrap_bulk(req, req->rq_bulk);
685 switch (SEC_FLAVOR_SVC(req->rq_sec_flavor)) {
686 case SPTLRPC_SVC_NONE:
687 case SPTLRPC_SVC_AUTH:
688 LASSERT(ctx->cc_ops->sign);
689 rc = ctx->cc_ops->sign(ctx, req);
691 case SPTLRPC_SVC_PRIV:
692 LASSERT(ctx->cc_ops->seal);
693 rc = ctx->cc_ops->seal(ctx, req);
700 LASSERT(req->rq_reqdata_len);
701 LASSERT(req->rq_reqdata_len % 8 == 0);
702 LASSERT(req->rq_reqdata_len <= req->rq_reqbuf_len);
709 * rq_nob_received is the actual received data length
711 int sptlrpc_cli_unwrap_reply(struct ptlrpc_request *req)
713 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
718 LASSERT(ctx->cc_sec);
719 LASSERT(ctx->cc_ops);
720 LASSERT(req->rq_repbuf);
722 req->rq_repdata_len = req->rq_nob_received;
724 if (req->rq_nob_received < sizeof(struct lustre_msg)) {
725 CERROR("replied data length %d too small\n",
726 req->rq_nob_received);
730 if (req->rq_repbuf->lm_magic == LUSTRE_MSG_MAGIC_V1 ||
731 req->rq_repbuf->lm_magic == LUSTRE_MSG_MAGIC_V1_SWABBED) {
732 /* it's must be null flavor, so our requets also should be
734 if (SEC_FLAVOR_POLICY(req->rq_sec_flavor) !=
735 SPTLRPC_POLICY_NULL) {
736 CERROR("request flavor is %x but reply with null\n",
742 ptlrpc_sec_flavor_t tmpf = req->rq_repbuf->lm_secflvr;
744 if (req->rq_repbuf->lm_magic == LUSTRE_MSG_MAGIC_V2_SWABBED)
747 if (SEC_FLAVOR_POLICY(tmpf) !=
748 SEC_FLAVOR_POLICY(req->rq_sec_flavor)) {
749 CERROR("request policy %u while reply with %d\n",
750 SEC_FLAVOR_POLICY(req->rq_sec_flavor),
751 SEC_FLAVOR_POLICY(tmpf));
755 if ((SEC_FLAVOR_POLICY(req->rq_sec_flavor) !=
756 SPTLRPC_POLICY_NULL) &&
757 lustre_unpack_msg(req->rq_repbuf, req->rq_nob_received))
761 switch (SEC_FLAVOR_SVC(req->rq_sec_flavor)) {
762 case SPTLRPC_SVC_NONE:
763 case SPTLRPC_SVC_AUTH:
764 LASSERT(ctx->cc_ops->verify);
765 rc = ctx->cc_ops->verify(ctx, req);
767 case SPTLRPC_SVC_PRIV:
768 LASSERT(ctx->cc_ops->unseal);
769 rc = ctx->cc_ops->unseal(ctx, req);
775 LASSERT(rc || req->rq_repmsg || req->rq_resend);
779 /**************************************************
780 * client side high-level security APIs *
781 **************************************************/
784 void sec_cop_destroy_sec(struct ptlrpc_sec *sec)
786 struct ptlrpc_sec_policy *policy = sec->ps_policy;
788 LASSERT(atomic_read(&sec->ps_refcount) == 0);
789 LASSERT(atomic_read(&sec->ps_busy) == 0);
790 LASSERT(policy->sp_cops->destroy_sec);
792 CWARN("%s@%p: being destroied\n", sec->ps_policy->sp_name, sec);
794 policy->sp_cops->destroy_sec(sec);
795 sptlrpc_policy_put(policy);
799 int sec_cop_flush_ctx_cache(struct ptlrpc_sec *sec, uid_t uid,
800 int grace, int force)
802 struct ptlrpc_sec_policy *policy = sec->ps_policy;
804 LASSERT(policy->sp_cops);
805 LASSERT(policy->sp_cops->flush_ctx_cache);
807 return policy->sp_cops->flush_ctx_cache(sec, uid, grace, force);
810 void sptlrpc_sec_destroy(struct ptlrpc_sec *sec)
812 sec_cop_destroy_sec(sec);
814 EXPORT_SYMBOL(sptlrpc_sec_destroy);
817 * let policy module to determine whether take refrence of
821 struct ptlrpc_sec * import_create_sec(struct obd_import *imp,
822 struct ptlrpc_svc_ctx *ctx,
826 struct ptlrpc_sec_policy *policy;
827 struct ptlrpc_sec *sec;
830 flavor = SEC_FLAVOR_RPC(flavor);
833 LASSERT(imp->imp_dlm_fake == 1);
835 CDEBUG(D_SEC, "%s %s: reverse sec using flavor %s\n",
836 imp->imp_obd->obd_type->typ_name,
837 imp->imp_obd->obd_name,
838 sptlrpc_flavor2name(flavor));
840 policy = sptlrpc_policy_get(ctx->sc_policy);
841 flags |= PTLRPC_SEC_FL_REVERSE | PTLRPC_SEC_FL_ROOTONLY;
843 LASSERT(imp->imp_dlm_fake == 0);
845 CDEBUG(D_SEC, "%s %s: select security flavor %s\n",
846 imp->imp_obd->obd_type->typ_name,
847 imp->imp_obd->obd_name,
848 sptlrpc_flavor2name(flavor));
850 policy = sptlrpc_flavor2policy(flavor);
852 CERROR("invalid flavor 0x%x\n", flavor);
857 sec = policy->sp_cops->create_sec(imp, ctx, flavor, flags);
859 atomic_inc(&sec->ps_refcount);
861 /* take 1 busy count on behalf of sec itself,
862 * balanced in sptlrpc_set_put()
864 atomic_inc(&sec->ps_busy);
866 if (sec->ps_gc_interval && policy->sp_cops->gc_ctx)
867 sptlrpc_gc_add_sec(sec);
869 sptlrpc_policy_put(policy);
874 int sptlrpc_import_get_sec(struct obd_import *imp,
875 struct ptlrpc_svc_ctx *ctx,
881 /* old sec might be still there in reconnecting */
885 imp->imp_sec = import_create_sec(imp, ctx, flavor, flags);
892 void sptlrpc_import_put_sec(struct obd_import *imp)
894 struct ptlrpc_sec *sec;
895 struct ptlrpc_sec_policy *policy;
899 if (imp->imp_sec == NULL)
903 policy = sec->ps_policy;
905 if (!atomic_dec_and_test(&sec->ps_refcount)) {
906 sptlrpc_policy_put(policy);
910 sec_cop_flush_ctx_cache(sec, -1, 1, 1);
911 sptlrpc_gc_del_sec(sec);
913 if (atomic_dec_and_test(&sec->ps_busy))
914 sec_cop_destroy_sec(sec);
916 CWARN("delay to destroy %s@%p: busy contexts\n",
917 policy->sp_name, sec);
924 void sptlrpc_import_flush_root_ctx(struct obd_import *imp)
926 if (imp == NULL || imp->imp_sec == NULL)
929 /* it's important to use grace mode, see explain in
930 * sptlrpc_req_refresh_ctx()
932 sec_cop_flush_ctx_cache(imp->imp_sec, 0, 1, 1);
935 void sptlrpc_import_flush_my_ctx(struct obd_import *imp)
937 if (imp == NULL || imp->imp_sec == NULL)
940 sec_cop_flush_ctx_cache(imp->imp_sec, cfs_current()->uid, 1, 1);
942 EXPORT_SYMBOL(sptlrpc_import_flush_my_ctx);
944 void sptlrpc_import_flush_all_ctx(struct obd_import *imp)
946 if (imp == NULL || imp->imp_sec == NULL)
949 sec_cop_flush_ctx_cache(imp->imp_sec, -1, 0, 1);
951 EXPORT_SYMBOL(sptlrpc_import_flush_all_ctx);
954 * when complete successfully, req->rq_reqmsg should point to the
957 int sptlrpc_cli_alloc_reqbuf(struct ptlrpc_request *req, int msgsize)
959 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
960 struct ptlrpc_sec_policy *policy;
964 LASSERT(atomic_read(&ctx->cc_refcount));
965 LASSERT(ctx->cc_sec);
966 LASSERT(ctx->cc_sec->ps_policy);
967 LASSERT(req->rq_reqmsg == NULL);
969 policy = ctx->cc_sec->ps_policy;
970 rc = policy->sp_cops->alloc_reqbuf(ctx->cc_sec, req, msgsize);
972 LASSERT(req->rq_reqmsg);
973 LASSERT(req->rq_reqbuf || req->rq_clrbuf);
975 /* zeroing preallocated buffer */
977 memset(req->rq_reqmsg, 0, msgsize);
983 void sptlrpc_cli_free_reqbuf(struct ptlrpc_request *req)
985 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
986 struct ptlrpc_sec_policy *policy;
989 LASSERT(atomic_read(&ctx->cc_refcount));
990 LASSERT(ctx->cc_sec);
991 LASSERT(ctx->cc_sec->ps_policy);
992 LASSERT(req->rq_reqbuf || req->rq_clrbuf);
994 policy = ctx->cc_sec->ps_policy;
995 policy->sp_cops->free_reqbuf(ctx->cc_sec, req);
999 * NOTE caller must guarantee the buffer size is enough for the enlargement
1001 void _sptlrpc_enlarge_msg_inplace(struct lustre_msg *msg,
1002 int segment, int newsize)
1005 int oldsize, oldmsg_size, movesize;
1007 LASSERT(segment < msg->lm_bufcount);
1008 LASSERT(msg->lm_buflens[segment] <= newsize);
1010 if (msg->lm_buflens[segment] == newsize)
1013 /* nothing to do if we are enlarging the last segment */
1014 if (segment == msg->lm_bufcount - 1) {
1015 msg->lm_buflens[segment] = newsize;
1019 oldsize = msg->lm_buflens[segment];
1021 src = lustre_msg_buf(msg, segment + 1, 0);
1022 msg->lm_buflens[segment] = newsize;
1023 dst = lustre_msg_buf(msg, segment + 1, 0);
1024 msg->lm_buflens[segment] = oldsize;
1026 /* move from segment + 1 to end segment */
1027 LASSERT(msg->lm_magic == LUSTRE_MSG_MAGIC_V2);
1028 oldmsg_size = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
1029 movesize = oldmsg_size - ((unsigned long) src - (unsigned long) msg);
1030 LASSERT(movesize >= 0);
1033 memmove(dst, src, movesize);
1035 /* note we don't clear the ares where old data live, not secret */
1037 /* finally set new segment size */
1038 msg->lm_buflens[segment] = newsize;
1040 EXPORT_SYMBOL(_sptlrpc_enlarge_msg_inplace);
1043 * enlarge @segment of upper message req->rq_reqmsg to @newsize, all data
1044 * will be preserved after enlargement. this must be called after rq_reqmsg has
1045 * been intialized at least.
1047 * caller's attention: upon return, rq_reqmsg and rq_reqlen might have
1050 int sptlrpc_cli_enlarge_reqbuf(struct ptlrpc_request *req,
1051 int segment, int newsize)
1053 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1054 struct ptlrpc_sec_cops *cops;
1055 struct lustre_msg *msg = req->rq_reqmsg;
1059 LASSERT(msg->lm_bufcount > segment);
1060 LASSERT(msg->lm_buflens[segment] <= newsize);
1062 if (msg->lm_buflens[segment] == newsize)
1065 cops = ctx->cc_sec->ps_policy->sp_cops;
1066 LASSERT(cops->enlarge_reqbuf);
1067 return cops->enlarge_reqbuf(ctx->cc_sec, req, segment, newsize);
1069 EXPORT_SYMBOL(sptlrpc_cli_enlarge_reqbuf);
1071 int sptlrpc_cli_alloc_repbuf(struct ptlrpc_request *req, int msgsize)
1073 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1074 struct ptlrpc_sec_policy *policy;
1078 LASSERT(atomic_read(&ctx->cc_refcount));
1079 LASSERT(ctx->cc_sec);
1080 LASSERT(ctx->cc_sec->ps_policy);
1085 policy = ctx->cc_sec->ps_policy;
1086 RETURN(policy->sp_cops->alloc_repbuf(ctx->cc_sec, req, msgsize));
1089 void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req)
1091 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1092 struct ptlrpc_sec_policy *policy;
1096 LASSERT(atomic_read(&ctx->cc_refcount));
1097 LASSERT(ctx->cc_sec);
1098 LASSERT(ctx->cc_sec->ps_policy);
1099 LASSERT(req->rq_repbuf);
1101 policy = ctx->cc_sec->ps_policy;
1102 policy->sp_cops->free_repbuf(ctx->cc_sec, req);
1106 int sptlrpc_cli_install_rvs_ctx(struct obd_import *imp,
1107 struct ptlrpc_cli_ctx *ctx)
1109 struct ptlrpc_sec_policy *policy = ctx->cc_sec->ps_policy;
1111 if (!policy->sp_cops->install_rctx)
1113 return policy->sp_cops->install_rctx(imp, ctx->cc_sec, ctx);
1116 int sptlrpc_svc_install_rvs_ctx(struct obd_import *imp,
1117 struct ptlrpc_svc_ctx *ctx)
1119 struct ptlrpc_sec_policy *policy = ctx->sc_policy;
1121 if (!policy->sp_sops->install_rctx)
1123 return policy->sp_sops->install_rctx(imp, ctx);
1126 /****************************************
1127 * server side security *
1128 ****************************************/
1130 int sptlrpc_svc_unwrap_request(struct ptlrpc_request *req)
1132 struct ptlrpc_sec_policy *policy;
1133 struct lustre_msg *msg = req->rq_reqbuf;
1138 LASSERT(req->rq_reqmsg == NULL);
1139 LASSERT(req->rq_repmsg == NULL);
1142 * in any case we avoid to call unpack_msg() for request of null flavor
1143 * which will later be done by ptlrpc_server_handle_request().
1145 if (req->rq_reqdata_len < sizeof(struct lustre_msg)) {
1146 CERROR("request size %d too small\n", req->rq_reqdata_len);
1147 RETURN(SECSVC_DROP);
1150 if (msg->lm_magic == LUSTRE_MSG_MAGIC_V1 ||
1151 msg->lm_magic == LUSTRE_MSG_MAGIC_V1_SWABBED) {
1152 req->rq_sec_flavor = SPTLRPC_FLVR_NULL;
1154 req->rq_sec_flavor = msg->lm_secflvr;
1156 if (msg->lm_magic == LUSTRE_MSG_MAGIC_V2_SWABBED)
1157 __swab32s(&req->rq_sec_flavor);
1159 if ((SEC_FLAVOR_POLICY(req->rq_sec_flavor) !=
1160 SPTLRPC_POLICY_NULL) &&
1161 lustre_unpack_msg(msg, req->rq_reqdata_len))
1162 RETURN(SECSVC_DROP);
1165 policy = sptlrpc_flavor2policy(req->rq_sec_flavor);
1167 CERROR("unsupported security flavor %x\n", req->rq_sec_flavor);
1168 RETURN(SECSVC_DROP);
1171 LASSERT(policy->sp_sops->accept);
1172 rc = policy->sp_sops->accept(req);
1174 LASSERT(req->rq_reqmsg || rc != SECSVC_OK);
1175 sptlrpc_policy_put(policy);
1177 /* FIXME move to proper place */
1178 if (rc == SECSVC_OK) {
1179 __u32 opc = lustre_msg_get_opc(req->rq_reqmsg);
1181 if (opc == OST_WRITE)
1182 req->rq_bulk_write = 1;
1183 else if (opc == OST_READ)
1184 req->rq_bulk_read = 1;
1187 LASSERT(req->rq_svc_ctx || rc == SECSVC_DROP);
1191 int sptlrpc_svc_alloc_rs(struct ptlrpc_request *req,
1194 struct ptlrpc_sec_policy *policy;
1195 struct ptlrpc_reply_state *rs;
1199 LASSERT(req->rq_svc_ctx);
1200 LASSERT(req->rq_svc_ctx->sc_policy);
1202 policy = req->rq_svc_ctx->sc_policy;
1203 LASSERT(policy->sp_sops->alloc_rs);
1205 rc = policy->sp_sops->alloc_rs(req, msglen);
1206 if (unlikely(rc == -ENOMEM)) {
1207 /* failed alloc, try emergency pool */
1208 rs = lustre_get_emerg_rs(req->rq_rqbd->rqbd_service);
1212 req->rq_reply_state = rs;
1213 rc = policy->sp_sops->alloc_rs(req, msglen);
1215 lustre_put_emerg_rs(rs);
1216 req->rq_reply_state = NULL;
1221 (req->rq_reply_state && req->rq_reply_state->rs_msg));
1226 int sptlrpc_svc_wrap_reply(struct ptlrpc_request *req)
1228 struct ptlrpc_sec_policy *policy;
1232 LASSERT(req->rq_svc_ctx);
1233 LASSERT(req->rq_svc_ctx->sc_policy);
1235 policy = req->rq_svc_ctx->sc_policy;
1236 LASSERT(policy->sp_sops->authorize);
1238 rc = policy->sp_sops->authorize(req);
1239 LASSERT(rc || req->rq_reply_state->rs_repdata_len);
1244 void sptlrpc_svc_free_rs(struct ptlrpc_reply_state *rs)
1246 struct ptlrpc_sec_policy *policy;
1247 unsigned int prealloc;
1250 LASSERT(rs->rs_svc_ctx);
1251 LASSERT(rs->rs_svc_ctx->sc_policy);
1253 policy = rs->rs_svc_ctx->sc_policy;
1254 LASSERT(policy->sp_sops->free_rs);
1256 prealloc = rs->rs_prealloc;
1257 policy->sp_sops->free_rs(rs);
1260 lustre_put_emerg_rs(rs);
1264 void sptlrpc_svc_ctx_addref(struct ptlrpc_request *req)
1266 struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
1271 LASSERT(atomic_read(&ctx->sc_refcount) > 0);
1272 atomic_inc(&ctx->sc_refcount);
1275 void sptlrpc_svc_ctx_decref(struct ptlrpc_request *req)
1277 struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
1282 LASSERT(atomic_read(&ctx->sc_refcount) > 0);
1283 if (atomic_dec_and_test(&ctx->sc_refcount)) {
1284 if (ctx->sc_policy->sp_sops->free_ctx)
1285 ctx->sc_policy->sp_sops->free_ctx(ctx);
1287 req->rq_svc_ctx = NULL;
1290 void sptlrpc_svc_ctx_invalidate(struct ptlrpc_request *req)
1292 struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
1297 LASSERT(atomic_read(&ctx->sc_refcount) > 0);
1298 if (ctx->sc_policy->sp_sops->invalidate_ctx)
1299 ctx->sc_policy->sp_sops->invalidate_ctx(ctx);
1301 EXPORT_SYMBOL(sptlrpc_svc_ctx_invalidate);
1303 /****************************************
1305 ****************************************/
1307 int sptlrpc_cli_wrap_bulk(struct ptlrpc_request *req,
1308 struct ptlrpc_bulk_desc *desc)
1310 struct ptlrpc_cli_ctx *ctx;
1312 if (!SEC_FLAVOR_HAS_BULK(req->rq_sec_flavor))
1315 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
1317 ctx = req->rq_cli_ctx;
1318 if (ctx->cc_ops->wrap_bulk)
1319 return ctx->cc_ops->wrap_bulk(ctx, req, desc);
1322 EXPORT_SYMBOL(sptlrpc_cli_wrap_bulk);
1325 void pga_to_bulk_desc(int nob, obd_count pg_count, struct brw_page **pga,
1326 struct ptlrpc_bulk_desc *desc)
1333 for (i = 0; i < pg_count && nob > 0; i++) {
1335 desc->bd_iov[i].kiov_page = pga[i]->pg;
1336 desc->bd_iov[i].kiov_len = pga[i]->count > nob ?
1337 nob : pga[i]->count;
1338 desc->bd_iov[i].kiov_offset = pga[i]->off & ~CFS_PAGE_MASK;
1340 #warning FIXME for liblustre!
1341 desc->bd_iov[i].iov_base = pga[i]->pg->addr;
1342 desc->bd_iov[i].iov_len = pga[i]->count > nob ?
1343 nob : pga[i]->count;
1346 desc->bd_iov_count++;
1347 nob -= pga[i]->count;
1351 int sptlrpc_cli_unwrap_bulk_read(struct ptlrpc_request *req,
1352 int nob, obd_count pg_count,
1353 struct brw_page **pga)
1355 struct ptlrpc_bulk_desc *desc;
1356 struct ptlrpc_cli_ctx *ctx;
1359 if (!SEC_FLAVOR_HAS_BULK(req->rq_sec_flavor))
1362 LASSERT(req->rq_bulk_read && !req->rq_bulk_write);
1364 OBD_ALLOC(desc, offsetof(struct ptlrpc_bulk_desc, bd_iov[pg_count]));
1366 CERROR("out of memory, can't verify bulk read data\n");
1370 pga_to_bulk_desc(nob, pg_count, pga, desc);
1372 ctx = req->rq_cli_ctx;
1373 if (ctx->cc_ops->unwrap_bulk)
1374 rc = ctx->cc_ops->unwrap_bulk(ctx, req, desc);
1376 OBD_FREE(desc, offsetof(struct ptlrpc_bulk_desc, bd_iov[pg_count]));
1380 EXPORT_SYMBOL(sptlrpc_cli_unwrap_bulk_read);
1382 int sptlrpc_cli_unwrap_bulk_write(struct ptlrpc_request *req,
1383 struct ptlrpc_bulk_desc *desc)
1385 struct ptlrpc_cli_ctx *ctx;
1387 if (!SEC_FLAVOR_HAS_BULK(req->rq_sec_flavor))
1390 LASSERT(!req->rq_bulk_read && req->rq_bulk_write);
1392 ctx = req->rq_cli_ctx;
1393 if (ctx->cc_ops->unwrap_bulk)
1394 return ctx->cc_ops->unwrap_bulk(ctx, req, desc);
1398 EXPORT_SYMBOL(sptlrpc_cli_unwrap_bulk_write);
1400 int sptlrpc_svc_wrap_bulk(struct ptlrpc_request *req,
1401 struct ptlrpc_bulk_desc *desc)
1403 struct ptlrpc_svc_ctx *ctx;
1405 if (!SEC_FLAVOR_HAS_BULK(req->rq_sec_flavor))
1408 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
1410 ctx = req->rq_svc_ctx;
1411 if (ctx->sc_policy->sp_sops->wrap_bulk)
1412 return ctx->sc_policy->sp_sops->wrap_bulk(req, desc);
1416 EXPORT_SYMBOL(sptlrpc_svc_wrap_bulk);
1418 int sptlrpc_svc_unwrap_bulk(struct ptlrpc_request *req,
1419 struct ptlrpc_bulk_desc *desc)
1421 struct ptlrpc_svc_ctx *ctx;
1423 if (!SEC_FLAVOR_HAS_BULK(req->rq_sec_flavor))
1426 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
1428 ctx = req->rq_svc_ctx;
1429 if (ctx->sc_policy->sp_sops->unwrap_bulk);
1430 return ctx->sc_policy->sp_sops->unwrap_bulk(req, desc);
1434 EXPORT_SYMBOL(sptlrpc_svc_unwrap_bulk);
1437 /****************************************
1438 * user descriptor helpers *
1439 ****************************************/
1441 int sptlrpc_current_user_desc_size(void)
1446 ngroups = current_ngroups;
1448 if (ngroups > LUSTRE_MAX_GROUPS)
1449 ngroups = LUSTRE_MAX_GROUPS;
1453 return sptlrpc_user_desc_size(ngroups);
1455 EXPORT_SYMBOL(sptlrpc_current_user_desc_size);
1457 int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset)
1459 struct ptlrpc_user_desc *pud;
1461 pud = lustre_msg_buf(msg, offset, 0);
1463 pud->pud_uid = cfs_current()->uid;
1464 pud->pud_gid = cfs_current()->gid;
1465 pud->pud_fsuid = cfs_current()->fsuid;
1466 pud->pud_fsgid = cfs_current()->fsgid;
1467 pud->pud_cap = cfs_current()->cap_effective;
1468 pud->pud_ngroups = (msg->lm_buflens[offset] - sizeof(*pud)) / 4;
1472 if (pud->pud_ngroups > current_ngroups)
1473 pud->pud_ngroups = current_ngroups;
1474 memcpy(pud->pud_groups, cfs_current()->group_info->blocks[0],
1475 pud->pud_ngroups * sizeof(__u32));
1476 task_unlock(current);
1481 EXPORT_SYMBOL(sptlrpc_pack_user_desc);
1483 int sptlrpc_unpack_user_desc(struct lustre_msg *msg, int offset)
1485 struct ptlrpc_user_desc *pud;
1488 pud = lustre_msg_buf(msg, offset, sizeof(*pud));
1492 if (lustre_msg_swabbed(msg)) {
1493 __swab32s(&pud->pud_uid);
1494 __swab32s(&pud->pud_gid);
1495 __swab32s(&pud->pud_fsuid);
1496 __swab32s(&pud->pud_fsgid);
1497 __swab32s(&pud->pud_cap);
1498 __swab32s(&pud->pud_ngroups);
1501 if (pud->pud_ngroups > LUSTRE_MAX_GROUPS) {
1502 CERROR("%u groups is too large\n", pud->pud_ngroups);
1506 if (sizeof(*pud) + pud->pud_ngroups * sizeof(__u32) >
1507 msg->lm_buflens[offset]) {
1508 CERROR("%u groups are claimed but bufsize only %u\n",
1509 pud->pud_ngroups, msg->lm_buflens[offset]);
1513 if (lustre_msg_swabbed(msg)) {
1514 for (i = 0; i < pud->pud_ngroups; i++)
1515 __swab32s(&pud->pud_groups[i]);
1520 EXPORT_SYMBOL(sptlrpc_unpack_user_desc);
1522 /****************************************
1523 * user supplied flavor string parsing *
1524 ****************************************/
1527 int get_default_flavor(enum lustre_part to_part, struct sec_flavor_config *conf)
1529 conf->sfc_bulk_priv = BULK_PRIV_ALG_NULL;
1530 conf->sfc_bulk_csum = BULK_CSUM_ALG_NULL;
1531 conf->sfc_flags = 0;
1535 conf->sfc_rpc_flavor = SPTLRPC_FLVR_PLAIN;
1538 conf->sfc_rpc_flavor = SPTLRPC_FLVR_NULL;
1541 CERROR("Unknown to lustre part %d, apply defaults\n", to_part);
1542 conf->sfc_rpc_flavor = SPTLRPC_FLVR_NULL;
1548 void get_flavor_by_rpc(__u32 rpc_flavor, struct sec_flavor_config *conf)
1550 conf->sfc_rpc_flavor = rpc_flavor;
1551 conf->sfc_bulk_priv = BULK_PRIV_ALG_NULL;
1552 conf->sfc_bulk_csum = BULK_CSUM_ALG_NULL;
1553 conf->sfc_flags = 0;
1555 switch (rpc_flavor) {
1556 case SPTLRPC_FLVR_NULL:
1557 case SPTLRPC_FLVR_PLAIN:
1559 case SPTLRPC_FLVR_KRB5P:
1560 conf->sfc_bulk_priv = BULK_PRIV_ALG_ARC4;
1562 case SPTLRPC_FLVR_KRB5I:
1563 conf->sfc_bulk_csum = BULK_CSUM_ALG_SHA1;
1571 void get_flavor_by_rpc_bulk(__u32 rpc_flavor, int bulk_priv,
1572 struct sec_flavor_config *conf)
1575 conf->sfc_bulk_priv = BULK_PRIV_ALG_ARC4;
1577 conf->sfc_bulk_priv = BULK_PRIV_ALG_NULL;
1579 switch (rpc_flavor) {
1580 case SPTLRPC_FLVR_PLAIN:
1581 conf->sfc_bulk_csum = BULK_CSUM_ALG_MD5;
1583 case SPTLRPC_FLVR_KRB5I:
1584 case SPTLRPC_FLVR_KRB5P:
1585 conf->sfc_bulk_csum = BULK_CSUM_ALG_SHA1;
1592 static __u32 __flavors[] = {
1599 #define __nflavors (sizeof(__flavors)/sizeof(__u32))
1602 * flavor string format: rpc[-bulk{n|i|p}[:cksum/enc]]
1608 * krb5i-bulkp:sha512/arc4
1610 int sptlrpc_parse_flavor(enum lustre_part from_part, enum lustre_part to_part,
1611 char *str, struct sec_flavor_config *conf)
1613 char *f, *bulk, *alg, *enc;
1619 if (get_default_flavor(to_part, conf))
1624 for (i = 0; i < __nflavors; i++) {
1625 f = sptlrpc_flavor2name(__flavors[i]);
1626 if (strncmp(str, f, strlen(f)) == 0)
1630 if (i >= __nflavors)
1631 GOTO(invalid, -EINVAL);
1633 /* prepare local buffer thus we can modify it as we want */
1634 strncpy(buf, str, 64);
1637 /* find bulk string */
1638 bulk = strchr(buf, '-');
1642 /* now the first part must equal to rpc flavor name */
1643 if (strcmp(buf, f) != 0)
1644 GOTO(invalid, -EINVAL);
1646 get_flavor_by_rpc(__flavors[i], conf);
1651 /* null flavor should not have any suffix */
1652 if (__flavors[i] == SPTLRPC_FLVR_NULL)
1653 GOTO(invalid, -EINVAL);
1655 /* find bulk algorithm string */
1656 alg = strchr(bulk, ':');
1660 /* verify bulk section */
1661 if (strcmp(bulk, "bulkn") == 0) {
1662 conf->sfc_bulk_csum = BULK_CSUM_ALG_NULL;
1663 conf->sfc_bulk_priv = BULK_PRIV_ALG_NULL;
1667 if (strcmp(bulk, "bulki") == 0)
1669 else if (strcmp(bulk, "bulkp") == 0)
1672 GOTO(invalid, -EINVAL);
1674 /* plain policy dosen't support bulk encryption */
1675 if (bulk_priv && __flavors[i] == SPTLRPC_FLVR_PLAIN)
1676 GOTO(invalid, -EINVAL);
1678 get_flavor_by_rpc_bulk(__flavors[i], bulk_priv, conf);
1683 /* find encryption algorithm string */
1684 enc = strchr(alg, '/');
1688 /* bulk combination sanity check */
1689 if ((bulk_priv && enc == NULL) || (bulk_priv == 0 && enc))
1690 GOTO(invalid, -EINVAL);
1692 /* checksum algorithm */
1693 for (i = 0; i < BULK_CSUM_ALG_MAX; i++) {
1694 if (strcmp(alg, sptlrpc_bulk_csum_alg2name(i)) == 0) {
1695 conf->sfc_bulk_csum = i;
1699 if (i >= BULK_CSUM_ALG_MAX)
1700 GOTO(invalid, -EINVAL);
1702 /* privacy algorithm */
1704 if (strcmp(enc, "arc4") != 0)
1705 GOTO(invalid, -EINVAL);
1706 conf->sfc_bulk_priv = BULK_PRIV_ALG_ARC4;
1710 /* * set ROOTONLY flag:
1713 * * set BULK flag for:
1716 if (to_part == LUSTRE_OST ||
1717 (from_part == LUSTRE_MDT && to_part == LUSTRE_MDT))
1718 conf->sfc_flags |= PTLRPC_SEC_FL_ROOTONLY;
1719 if (from_part == LUSTRE_CLI && to_part == LUSTRE_OST)
1720 conf->sfc_flags |= PTLRPC_SEC_FL_BULK;
1723 __swab32s(&conf->sfc_rpc_flavor);
1724 __swab32s(&conf->sfc_bulk_csum);
1725 __swab32s(&conf->sfc_bulk_priv);
1726 __swab32s(&conf->sfc_flags);
1730 CERROR("invalid flavor string: %s\n", str);
1733 EXPORT_SYMBOL(sptlrpc_parse_flavor);
1735 /****************************************
1737 ****************************************/
1739 const char * sec2target_str(struct ptlrpc_sec *sec)
1741 if (!sec || !sec->ps_import || !sec->ps_import->imp_obd)
1743 if (sec->ps_flags & PTLRPC_SEC_FL_REVERSE)
1745 return obd_uuid2str(&sec->ps_import->imp_obd->u.cli.cl_target_uuid);
1747 EXPORT_SYMBOL(sec2target_str);
1749 /****************************************
1750 * initialize/finalize *
1751 ****************************************/
1753 int __init sptlrpc_init(void)
1757 rc = sptlrpc_gc_start_thread();
1761 rc = sptlrpc_enc_pool_init();
1765 rc = sptlrpc_null_init();
1769 rc = sptlrpc_plain_init();
1773 rc = sptlrpc_lproc_init();
1780 sptlrpc_plain_fini();
1782 sptlrpc_null_fini();
1784 sptlrpc_enc_pool_fini();
1786 sptlrpc_gc_stop_thread();
1791 void __exit sptlrpc_fini(void)
1793 sptlrpc_lproc_fini();
1794 sptlrpc_plain_fini();
1795 sptlrpc_null_fini();
1796 sptlrpc_enc_pool_fini();
1797 sptlrpc_gc_stop_thread();