lustre/ptlrpc/sec_null.c

   1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
   2  * vim:expandtab:shiftwidth=8:tabstop=8:
   3  *
   4  * Copyright (C) 2004-2006 Cluster File Systems, Inc.
   5  *   Author: Eric Mei <ericm@clusterfs.com>
   6  *
   7  *   This file is part of Lustre, http://www.lustre.org.
   8  *
   9  *   Lustre is free software; you can redistribute it and/or
  10  *   modify it under the terms of version 2 of the GNU General Public
  11  *   License as published by the Free Software Foundation.
  12  *
  13  *   Lustre is distributed in the hope that it will be useful,
  14  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  15  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  16  *   GNU General Public License for more details.
  17  *
  18  *   You should have received a copy of the GNU General Public License
  19  *   along with Lustre; if not, write to the Free Software
  20  *   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  21  */
  22
  23 #ifndef EXPORT_SYMTAB
  24 # define EXPORT_SYMTAB
  25 #endif
  26 #define DEBUG_SUBSYSTEM S_SEC
  27
  28 #ifndef __KERNEL__
  29 #include <liblustre.h>
  30 #endif
  31
  32 #include <obd_support.h>
  33 #include <obd_cksum.h>
  34 #include <obd_class.h>
  35 #include <lustre_net.h>
  36 #include <lustre_sec.h>
  37
  38 static struct ptlrpc_sec_policy null_policy;
  39 static struct ptlrpc_sec        null_sec;
  40 static struct ptlrpc_cli_ctx    null_cli_ctx;
  41 static struct ptlrpc_svc_ctx    null_svc_ctx;
  42
  43 /*
  44  * null sec temporarily use the third byte of lm_secflvr to identify
  45  * the source sec part.
  46  */
  47 static inline
  48 void null_encode_sec_part(struct lustre_msg *msg, enum lustre_sec_part sp)
  49 {
  50         msg->lm_secflvr |= (((__u32) sp) & 0xFF) << 16;
  51 }
  52
  53 static inline
  54 enum lustre_sec_part null_decode_sec_part(struct lustre_msg *msg)
  55 {
  56         switch (msg->lm_magic) {
  57         case LUSTRE_MSG_MAGIC_V2:
  58                 return (msg->lm_secflvr >> 16) & 0xFF;
  59         case LUSTRE_MSG_MAGIC_V2_SWABBED:
  60                 return (msg->lm_secflvr >> 8) & 0xFF;
  61         default:
  62                 return LUSTRE_SP_ANY;
  63         }
  64 }
  65
  66 static int null_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
  67 {
  68         /* should never reach here */
  69         LBUG();
  70         return 0;
  71 }
  72
  73 static
  74 int null_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
  75 {
  76         req->rq_reqbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
  77
  78         if (!req->rq_import->imp_dlm_fake) {
  79                 struct obd_device *obd = req->rq_import->imp_obd;
  80                 null_encode_sec_part(req->rq_reqbuf,
  81                                      obd->u.cli.cl_sec_part);
  82         }
  83         req->rq_reqdata_len = req->rq_reqlen;
  84         return 0;
  85 }
  86
  87 static
  88 int null_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
  89 {
  90         __u32   cksums, cksumc;
  91
  92         LASSERT(req->rq_repdata);
  93
  94         /* real reply rq_repdata point inside of rq_reqbuf; early reply
  95          * rq_repdata point to a separate allocated space */
  96         if ((char *) req->rq_repdata < req->rq_repbuf ||
  97             (char *) req->rq_repdata >= req->rq_repbuf + req->rq_repbuf_len) {
  98                 cksums = req->rq_repdata->lm_cksum;
  99                 req->rq_repdata->lm_cksum = 0;
 100
 101                 if (req->rq_repdata->lm_magic == LUSTRE_MSG_MAGIC_V2_SWABBED)
 102                         __swab32s(&cksums);
 103
 104                 cksumc = crc32_le(!(__u32) 0, (char *) req->rq_repdata,
 105                                   req->rq_repdata_len);
 106                 if (cksumc != cksums) {
 107                         CWARN("early reply checksum mismatch: %08x != %08x\n",
 108                               cksumc, cksums);
 109                         return -EINVAL;
 110                 }
 111         }
 112
 113         req->rq_repmsg = req->rq_repdata;
 114         req->rq_replen = req->rq_repdata_len;
 115         return 0;
 116 }
 117
 118 static
 119 struct ptlrpc_sec *null_create_sec(struct obd_import *imp,
 120                                    struct ptlrpc_svc_ctx *svc_ctx,
 121                                    struct sptlrpc_flavor *sf)
 122 {
 123         LASSERT(RPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_NULL);
 124
 125         if (sf->sf_bulk_ciph != BULK_CIPH_ALG_NULL ||
 126             sf->sf_bulk_hash != BULK_HASH_ALG_NULL) {
 127                 CERROR("null sec don't support bulk algorithm: %u/%u\n",
 128                        sf->sf_bulk_ciph, sf->sf_bulk_hash);
 129                 return NULL;
 130         }
 131
 132         /* general layer has take a module reference for us, because we never
 133          * really destroy the sec, simply release the reference here.
 134          */
 135         sptlrpc_policy_put(&null_policy);
 136         return &null_sec;
 137 }
 138
 139 static
 140 void null_destroy_sec(struct ptlrpc_sec *sec)
 141 {
 142         LASSERT(sec == &null_sec);
 143 }
 144
 145 static
 146 struct ptlrpc_cli_ctx *null_lookup_ctx(struct ptlrpc_sec *sec,
 147                                        struct vfs_cred *vcred,
 148                                        int create, int remove_dead)
 149 {
 150         atomic_inc(&null_cli_ctx.cc_refcount);
 151         return &null_cli_ctx;
 152 }
 153
 154 static
 155 int null_flush_ctx_cache(struct ptlrpc_sec *sec,
 156                          uid_t uid,
 157                          int grace, int force)
 158 {
 159         return 0;
 160 }
 161
 162 static
 163 int null_alloc_reqbuf(struct ptlrpc_sec *sec,
 164                       struct ptlrpc_request *req,
 165                       int msgsize)
 166 {
 167         if (!req->rq_reqbuf) {
 168                 int alloc_size = size_roundup_power2(msgsize);
 169
 170                 LASSERT(!req->rq_pool);
 171                 OBD_ALLOC(req->rq_reqbuf, alloc_size);
 172                 if (!req->rq_reqbuf)
 173                         return -ENOMEM;
 174
 175                 req->rq_reqbuf_len = alloc_size;
 176         } else {
 177                 LASSERT(req->rq_pool);
 178                 LASSERT(req->rq_reqbuf_len >= msgsize);
 179                 memset(req->rq_reqbuf, 0, msgsize);
 180         }
 181
 182         req->rq_reqmsg = req->rq_reqbuf;
 183         return 0;
 184 }
 185
 186 static
 187 void null_free_reqbuf(struct ptlrpc_sec *sec,
 188                       struct ptlrpc_request *req)
 189 {
 190         if (!req->rq_pool) {
 191                 LASSERTF(req->rq_reqmsg == req->rq_reqbuf,
 192                          "req %p: reqmsg %p is not reqbuf %p in null sec\n",
 193                          req, req->rq_reqmsg, req->rq_reqbuf);
 194                 LASSERTF(req->rq_reqbuf_len >= req->rq_reqlen,
 195                          "req %p: reqlen %d should smaller than buflen %d\n",
 196                          req, req->rq_reqlen, req->rq_reqbuf_len);
 197
 198                 OBD_FREE(req->rq_reqbuf, req->rq_reqbuf_len);
 199                 req->rq_reqmsg = req->rq_reqbuf = NULL;
 200                 req->rq_reqbuf_len = 0;
 201         }
 202
 203         req->rq_reqmsg = NULL;
 204 }
 205
 206 static
 207 int null_alloc_repbuf(struct ptlrpc_sec *sec,
 208                       struct ptlrpc_request *req,
 209                       int msgsize)
 210 {
 211         /* add space for early replied */
 212         msgsize += lustre_msg_early_size();
 213
 214         msgsize = size_roundup_power2(msgsize);
 215
 216         OBD_ALLOC(req->rq_repbuf, msgsize);
 217         if (!req->rq_repbuf)
 218                 return -ENOMEM;
 219
 220         req->rq_repbuf_len = msgsize;
 221         return 0;
 222 }
 223
 224 static
 225 void null_free_repbuf(struct ptlrpc_sec *sec,
 226                       struct ptlrpc_request *req)
 227 {
 228         LASSERT(req->rq_repbuf);
 229
 230         OBD_FREE(req->rq_repbuf, req->rq_repbuf_len);
 231         req->rq_repbuf = NULL;
 232         req->rq_repbuf_len = 0;
 233
 234         req->rq_repmsg = NULL;
 235 }
 236
 237 static
 238 int null_enlarge_reqbuf(struct ptlrpc_sec *sec,
 239                         struct ptlrpc_request *req,
 240                         int segment, int newsize)
 241 {
 242         struct lustre_msg      *newbuf;
 243         struct lustre_msg      *oldbuf = req->rq_reqmsg;
 244         int                     oldsize, newmsg_size, alloc_size;
 245
 246         LASSERT(req->rq_reqbuf);
 247         LASSERT(req->rq_reqbuf == req->rq_reqmsg);
 248         LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
 249         LASSERT(req->rq_reqlen == lustre_packed_msg_size(oldbuf));
 250
 251         /* compute new message size */
 252         oldsize = req->rq_reqbuf->lm_buflens[segment];
 253         req->rq_reqbuf->lm_buflens[segment] = newsize;
 254         newmsg_size = lustre_packed_msg_size(oldbuf);
 255         req->rq_reqbuf->lm_buflens[segment] = oldsize;
 256
 257         /* request from pool should always have enough buffer */
 258         LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newmsg_size);
 259
 260         if (req->rq_reqbuf_len < newmsg_size) {
 261                 alloc_size = size_roundup_power2(newmsg_size);
 262
 263                 OBD_ALLOC(newbuf, alloc_size);
 264                 if (newbuf == NULL)
 265                         return -ENOMEM;
 266
 267                 memcpy(newbuf, req->rq_reqbuf, req->rq_reqlen);
 268
 269                 OBD_FREE(req->rq_reqbuf, req->rq_reqbuf_len);
 270                 req->rq_reqbuf = req->rq_reqmsg = newbuf;
 271                 req->rq_reqbuf_len = alloc_size;
 272         }
 273
 274         _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
 275         req->rq_reqlen = newmsg_size;
 276
 277         return 0;
 278 }
 279
 280 static struct ptlrpc_svc_ctx null_svc_ctx = {
 281         .sc_refcount    = ATOMIC_INIT(1),
 282         .sc_policy      = &null_policy,
 283 };
 284
 285 static
 286 int null_accept(struct ptlrpc_request *req)
 287 {
 288         LASSERT(RPC_FLVR_POLICY(req->rq_flvr.sf_rpc) == SPTLRPC_POLICY_NULL);
 289
 290         if (req->rq_flvr.sf_rpc != SPTLRPC_FLVR_NULL) {
 291                 CERROR("Invalid rpc flavor 0x%x\n", req->rq_flvr.sf_rpc);
 292                 return SECSVC_DROP;
 293         }
 294
 295         req->rq_sp_from = null_decode_sec_part(req->rq_reqbuf);
 296
 297         req->rq_reqmsg = req->rq_reqbuf;
 298         req->rq_reqlen = req->rq_reqdata_len;
 299
 300         req->rq_svc_ctx = &null_svc_ctx;
 301         atomic_inc(&req->rq_svc_ctx->sc_refcount);
 302
 303         return SECSVC_OK;
 304 }
 305
 306 static
 307 int null_alloc_rs(struct ptlrpc_request *req, int msgsize)
 308 {
 309         struct ptlrpc_reply_state *rs;
 310         int rs_size = sizeof(*rs) + msgsize;
 311
 312         LASSERT(msgsize % 8 == 0);
 313
 314         rs = req->rq_reply_state;
 315
 316         if (rs) {
 317                 /* pre-allocated */
 318                 LASSERT(rs->rs_size >= rs_size);
 319         } else {
 320                 OBD_ALLOC(rs, rs_size);
 321                 if (rs == NULL)
 322                         return -ENOMEM;
 323
 324                 rs->rs_size = rs_size;
 325         }
 326
 327         rs->rs_svc_ctx = req->rq_svc_ctx;
 328         atomic_inc(&req->rq_svc_ctx->sc_refcount);
 329
 330         rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
 331         rs->rs_repbuf_len = rs_size - sizeof(*rs);
 332         rs->rs_msg = rs->rs_repbuf;
 333
 334         req->rq_reply_state = rs;
 335         return 0;
 336 }
 337
 338 static
 339 void null_free_rs(struct ptlrpc_reply_state *rs)
 340 {
 341         LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
 342         atomic_dec(&rs->rs_svc_ctx->sc_refcount);
 343
 344         if (!rs->rs_prealloc)
 345                 OBD_FREE(rs, rs->rs_size);
 346 }
 347
 348 static
 349 int null_authorize(struct ptlrpc_request *req)
 350 {
 351         struct ptlrpc_reply_state *rs = req->rq_reply_state;
 352
 353         LASSERT(rs);
 354
 355         rs->rs_repbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
 356         rs->rs_repdata_len = req->rq_replen;
 357
 358         if (likely(req->rq_packed_final)) {
 359                 req->rq_reply_off = lustre_msg_early_size();
 360         } else {
 361                 rs->rs_repbuf->lm_cksum =
 362                                 crc32_le(!(__u32) 0, (char *) rs->rs_repbuf,
 363                                          rs->rs_repdata_len);
 364                 req->rq_reply_off = 0;
 365         }
 366
 367         return 0;
 368 }
 369
 370 static struct ptlrpc_ctx_ops null_ctx_ops = {
 371         .refresh                = null_ctx_refresh,
 372         .sign                   = null_ctx_sign,
 373         .verify                 = null_ctx_verify,
 374 };
 375
 376 static struct ptlrpc_sec_cops null_sec_cops = {
 377         .create_sec             = null_create_sec,
 378         .destroy_sec            = null_destroy_sec,
 379         .lookup_ctx             = null_lookup_ctx,
 380         .flush_ctx_cache        = null_flush_ctx_cache,
 381         .alloc_reqbuf           = null_alloc_reqbuf,
 382         .alloc_repbuf           = null_alloc_repbuf,
 383         .free_reqbuf            = null_free_reqbuf,
 384         .free_repbuf            = null_free_repbuf,
 385         .enlarge_reqbuf         = null_enlarge_reqbuf,
 386 };
 387
 388 static struct ptlrpc_sec_sops null_sec_sops = {
 389         .accept                 = null_accept,
 390         .alloc_rs               = null_alloc_rs,
 391         .authorize              = null_authorize,
 392         .free_rs                = null_free_rs,
 393 };
 394
 395 static struct ptlrpc_sec_policy null_policy = {
 396         .sp_owner               = THIS_MODULE,
 397         .sp_name                = "sec.null",
 398         .sp_policy              = SPTLRPC_POLICY_NULL,
 399         .sp_cops                = &null_sec_cops,
 400         .sp_sops                = &null_sec_sops,
 401 };
 402
 403 static void null_init_internal(void)
 404 {
 405         static HLIST_HEAD(__list);
 406
 407         null_sec.ps_policy = &null_policy;
 408         atomic_set(&null_sec.ps_refcount, 1);     /* always busy */
 409         null_sec.ps_id = -1;
 410         null_sec.ps_import = NULL;
 411         null_sec.ps_flvr.sf_rpc = SPTLRPC_FLVR_NULL;
 412         null_sec.ps_flvr.sf_bulk_ciph = BULK_CIPH_ALG_NULL;
 413         null_sec.ps_flvr.sf_bulk_hash = BULK_HASH_ALG_NULL;
 414         null_sec.ps_flvr.sf_flags = 0;
 415         null_sec.ps_part = LUSTRE_SP_ANY;
 416         null_sec.ps_dying = 0;
 417         spin_lock_init(&null_sec.ps_lock);
 418         atomic_set(&null_sec.ps_nctx, 1);         /* for "null_cli_ctx" */
 419         CFS_INIT_LIST_HEAD(&null_sec.ps_gc_list);
 420         null_sec.ps_gc_interval = 0;
 421         null_sec.ps_gc_next = 0;
 422
 423         hlist_add_head(&null_cli_ctx.cc_cache, &__list);
 424         atomic_set(&null_cli_ctx.cc_refcount, 1);    /* for hash */
 425         null_cli_ctx.cc_sec = &null_sec;
 426         null_cli_ctx.cc_ops = &null_ctx_ops;
 427         null_cli_ctx.cc_expire = 0;
 428         null_cli_ctx.cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_ETERNAL |
 429                                 PTLRPC_CTX_UPTODATE;
 430         null_cli_ctx.cc_vcred.vc_uid = 0;
 431         spin_lock_init(&null_cli_ctx.cc_lock);
 432         CFS_INIT_LIST_HEAD(&null_cli_ctx.cc_req_list);
 433         CFS_INIT_LIST_HEAD(&null_cli_ctx.cc_gc_chain);
 434 }
 435
 436 int sptlrpc_null_init(void)
 437 {
 438         int rc;
 439
 440         null_init_internal();
 441
 442         rc = sptlrpc_register_policy(&null_policy);
 443         if (rc)
 444                 CERROR("failed to register %s: %d\n", null_policy.sp_name, rc);
 445
 446         return rc;
 447 }
 448
 449 void sptlrpc_null_fini(void)
 450 {
 451         int rc;
 452
 453         rc = sptlrpc_unregister_policy(&null_policy);
 454         if (rc)
 455                 CERROR("failed to unregister %s: %d\n", null_policy.sp_name,rc);
 456 }