lustre/ptlrpc/sec_null.c

   1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
   2  * vim:expandtab:shiftwidth=8:tabstop=8:
   3  *
   4  * GPL HEADER START
   5  *
   6  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   7  *
   8  * This program is free software; you can redistribute it and/or modify
   9  * it under the terms of the GNU General Public License version 2 only,
  10  * as published by the Free Software Foundation.
  11  *
  12  * This program is distributed in the hope that it will be useful, but
  13  * WITHOUT ANY WARRANTY; without even the implied warranty of
  14  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  15  * General Public License version 2 for more details (a copy is included
  16  * in the LICENSE file that accompanied this code).
  17  *
  18  * You should have received a copy of the GNU General Public License
  19  * version 2 along with this program; If not, see
  20  * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
  21  *
  22  * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
  23  * CA 95054 USA or visit www.sun.com if you need additional information or
  24  * have any questions.
  25  *
  26  * GPL HEADER END
  27  */
  28 /*
  29  * Copyright  2008 Sun Microsystems, Inc. All rights reserved
  30  * Use is subject to license terms.
  31  */
  32 /*
  33  * This file is part of Lustre, http://www.lustre.org/
  34  * Lustre is a trademark of Sun Microsystems, Inc.
  35  *
  36  * lustre/ptlrpc/sec_null.c
  37  *
  38  * Author: Eric Mei <ericm@clusterfs.com>
  39  */
  40
  41 #ifndef EXPORT_SYMTAB
  42 # define EXPORT_SYMTAB
  43 #endif
  44 #define DEBUG_SUBSYSTEM S_SEC
  45
  46 #ifndef __KERNEL__
  47 #include <liblustre.h>
  48 #endif
  49
  50 #include <obd_support.h>
  51 #include <obd_cksum.h>
  52 #include <obd_class.h>
  53 #include <lustre_net.h>
  54 #include <lustre_sec.h>
  55
  56 static struct ptlrpc_sec_policy null_policy;
  57 static struct ptlrpc_sec        null_sec;
  58 static struct ptlrpc_cli_ctx    null_cli_ctx;
  59 static struct ptlrpc_svc_ctx    null_svc_ctx;
  60
  61 /*
  62  * null sec temporarily use the third byte of lm_secflvr to identify
  63  * the source sec part.
  64  */
  65 static inline
  66 void null_encode_sec_part(struct lustre_msg *msg, enum lustre_sec_part sp)
  67 {
  68         msg->lm_secflvr |= (((__u32) sp) & 0xFF) << 16;
  69 }
  70
  71 static inline
  72 enum lustre_sec_part null_decode_sec_part(struct lustre_msg *msg)
  73 {
  74         switch (msg->lm_magic) {
  75         case LUSTRE_MSG_MAGIC_V2:
  76                 return (msg->lm_secflvr >> 16) & 0xFF;
  77         case LUSTRE_MSG_MAGIC_V2_SWABBED:
  78                 return (msg->lm_secflvr >> 8) & 0xFF;
  79         default:
  80                 return LUSTRE_SP_ANY;
  81         }
  82 }
  83
  84 static int null_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
  85 {
  86         /* should never reach here */
  87         LBUG();
  88         return 0;
  89 }
  90
  91 static
  92 int null_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
  93 {
  94         req->rq_reqbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
  95
  96         if (!req->rq_import->imp_dlm_fake) {
  97                 struct obd_device *obd = req->rq_import->imp_obd;
  98                 null_encode_sec_part(req->rq_reqbuf,
  99                                      obd->u.cli.cl_sec_part);
 100         }
 101         req->rq_reqdata_len = req->rq_reqlen;
 102         return 0;
 103 }
 104
 105 static
 106 int null_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
 107 {
 108         __u32   cksums, cksumc;
 109
 110         LASSERT(req->rq_repdata);
 111
 112         /* real reply rq_repdata point inside of rq_reqbuf; early reply
 113          * rq_repdata point to a separate allocated space */
 114         if ((char *) req->rq_repdata < req->rq_repbuf ||
 115             (char *) req->rq_repdata >= req->rq_repbuf + req->rq_repbuf_len) {
 116                 cksums = req->rq_repdata->lm_cksum;
 117                 req->rq_repdata->lm_cksum = 0;
 118
 119                 if (req->rq_repdata->lm_magic == LUSTRE_MSG_MAGIC_V2_SWABBED)
 120                         __swab32s(&cksums);
 121
 122                 cksumc = crc32_le(!(__u32) 0, (unsigned char *)req->rq_repdata,
 123                                   req->rq_repdata_len);
 124                 if (cksumc != cksums) {
 125                         CWARN("early reply checksum mismatch: %08x != %08x\n",
 126                               cksumc, cksums);
 127                         return -EINVAL;
 128                 }
 129         }
 130
 131         req->rq_repmsg = req->rq_repdata;
 132         req->rq_replen = req->rq_repdata_len;
 133         return 0;
 134 }
 135
 136 static
 137 struct ptlrpc_sec *null_create_sec(struct obd_import *imp,
 138                                    struct ptlrpc_svc_ctx *svc_ctx,
 139                                    struct sptlrpc_flavor *sf)
 140 {
 141         LASSERT(RPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_NULL);
 142
 143         if (sf->sf_bulk_ciph != BULK_CIPH_ALG_NULL ||
 144             sf->sf_bulk_hash != BULK_HASH_ALG_NULL) {
 145                 CERROR("null sec don't support bulk algorithm: %u/%u\n",
 146                        sf->sf_bulk_ciph, sf->sf_bulk_hash);
 147                 return NULL;
 148         }
 149
 150         /* general layer has take a module reference for us, because we never
 151          * really destroy the sec, simply release the reference here.
 152          */
 153         sptlrpc_policy_put(&null_policy);
 154         return &null_sec;
 155 }
 156
 157 static
 158 void null_destroy_sec(struct ptlrpc_sec *sec)
 159 {
 160         LASSERT(sec == &null_sec);
 161 }
 162
 163 static
 164 struct ptlrpc_cli_ctx *null_lookup_ctx(struct ptlrpc_sec *sec,
 165                                        struct vfs_cred *vcred,
 166                                        int create, int remove_dead)
 167 {
 168         atomic_inc(&null_cli_ctx.cc_refcount);
 169         return &null_cli_ctx;
 170 }
 171
 172 static
 173 int null_flush_ctx_cache(struct ptlrpc_sec *sec,
 174                          uid_t uid,
 175                          int grace, int force)
 176 {
 177         return 0;
 178 }
 179
 180 static
 181 int null_alloc_reqbuf(struct ptlrpc_sec *sec,
 182                       struct ptlrpc_request *req,
 183                       int msgsize)
 184 {
 185         if (!req->rq_reqbuf) {
 186                 int alloc_size = size_roundup_power2(msgsize);
 187
 188                 LASSERT(!req->rq_pool);
 189                 OBD_ALLOC(req->rq_reqbuf, alloc_size);
 190                 if (!req->rq_reqbuf)
 191                         return -ENOMEM;
 192
 193                 req->rq_reqbuf_len = alloc_size;
 194         } else {
 195                 LASSERT(req->rq_pool);
 196                 LASSERT(req->rq_reqbuf_len >= msgsize);
 197                 memset(req->rq_reqbuf, 0, msgsize);
 198         }
 199
 200         req->rq_reqmsg = req->rq_reqbuf;
 201         return 0;
 202 }
 203
 204 static
 205 void null_free_reqbuf(struct ptlrpc_sec *sec,
 206                       struct ptlrpc_request *req)
 207 {
 208         if (!req->rq_pool) {
 209                 LASSERTF(req->rq_reqmsg == req->rq_reqbuf,
 210                          "req %p: reqmsg %p is not reqbuf %p in null sec\n",
 211                          req, req->rq_reqmsg, req->rq_reqbuf);
 212                 LASSERTF(req->rq_reqbuf_len >= req->rq_reqlen,
 213                          "req %p: reqlen %d should smaller than buflen %d\n",
 214                          req, req->rq_reqlen, req->rq_reqbuf_len);
 215
 216                 OBD_FREE(req->rq_reqbuf, req->rq_reqbuf_len);
 217                 req->rq_reqmsg = req->rq_reqbuf = NULL;
 218                 req->rq_reqbuf_len = 0;
 219         }
 220
 221         req->rq_reqmsg = NULL;
 222 }
 223
 224 static
 225 int null_alloc_repbuf(struct ptlrpc_sec *sec,
 226                       struct ptlrpc_request *req,
 227                       int msgsize)
 228 {
 229         /* add space for early replied */
 230         msgsize += lustre_msg_early_size();
 231
 232         msgsize = size_roundup_power2(msgsize);
 233
 234         OBD_ALLOC(req->rq_repbuf, msgsize);
 235         if (!req->rq_repbuf)
 236                 return -ENOMEM;
 237
 238         req->rq_repbuf_len = msgsize;
 239         return 0;
 240 }
 241
 242 static
 243 void null_free_repbuf(struct ptlrpc_sec *sec,
 244                       struct ptlrpc_request *req)
 245 {
 246         LASSERT(req->rq_repbuf);
 247
 248         OBD_FREE(req->rq_repbuf, req->rq_repbuf_len);
 249         req->rq_repbuf = NULL;
 250         req->rq_repbuf_len = 0;
 251
 252         req->rq_repmsg = NULL;
 253 }
 254
 255 static
 256 int null_enlarge_reqbuf(struct ptlrpc_sec *sec,
 257                         struct ptlrpc_request *req,
 258                         int segment, int newsize)
 259 {
 260         struct lustre_msg      *newbuf;
 261         struct lustre_msg      *oldbuf = req->rq_reqmsg;
 262         int                     oldsize, newmsg_size, alloc_size;
 263
 264         LASSERT(req->rq_reqbuf);
 265         LASSERT(req->rq_reqbuf == req->rq_reqmsg);
 266         LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
 267         LASSERT(req->rq_reqlen == lustre_packed_msg_size(oldbuf));
 268
 269         /* compute new message size */
 270         oldsize = req->rq_reqbuf->lm_buflens[segment];
 271         req->rq_reqbuf->lm_buflens[segment] = newsize;
 272         newmsg_size = lustre_packed_msg_size(oldbuf);
 273         req->rq_reqbuf->lm_buflens[segment] = oldsize;
 274
 275         /* request from pool should always have enough buffer */
 276         LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newmsg_size);
 277
 278         if (req->rq_reqbuf_len < newmsg_size) {
 279                 alloc_size = size_roundup_power2(newmsg_size);
 280
 281                 OBD_ALLOC(newbuf, alloc_size);
 282                 if (newbuf == NULL)
 283                         return -ENOMEM;
 284
 285                 memcpy(newbuf, req->rq_reqbuf, req->rq_reqlen);
 286
 287                 OBD_FREE(req->rq_reqbuf, req->rq_reqbuf_len);
 288                 req->rq_reqbuf = req->rq_reqmsg = newbuf;
 289                 req->rq_reqbuf_len = alloc_size;
 290         }
 291
 292         _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
 293         req->rq_reqlen = newmsg_size;
 294
 295         return 0;
 296 }
 297
 298 static struct ptlrpc_svc_ctx null_svc_ctx = {
 299         .sc_refcount    = ATOMIC_INIT(1),
 300         .sc_policy      = &null_policy,
 301 };
 302
 303 static
 304 int null_accept(struct ptlrpc_request *req)
 305 {
 306         LASSERT(RPC_FLVR_POLICY(req->rq_flvr.sf_rpc) == SPTLRPC_POLICY_NULL);
 307
 308         if (req->rq_flvr.sf_rpc != SPTLRPC_FLVR_NULL) {
 309                 CERROR("Invalid rpc flavor 0x%x\n", req->rq_flvr.sf_rpc);
 310                 return SECSVC_DROP;
 311         }
 312
 313         req->rq_sp_from = null_decode_sec_part(req->rq_reqbuf);
 314
 315         req->rq_reqmsg = req->rq_reqbuf;
 316         req->rq_reqlen = req->rq_reqdata_len;
 317
 318         req->rq_svc_ctx = &null_svc_ctx;
 319         atomic_inc(&req->rq_svc_ctx->sc_refcount);
 320
 321         return SECSVC_OK;
 322 }
 323
 324 static
 325 int null_alloc_rs(struct ptlrpc_request *req, int msgsize)
 326 {
 327         struct ptlrpc_reply_state *rs;
 328         int rs_size = sizeof(*rs) + msgsize;
 329
 330         LASSERT(msgsize % 8 == 0);
 331
 332         rs = req->rq_reply_state;
 333
 334         if (rs) {
 335                 /* pre-allocated */
 336                 LASSERT(rs->rs_size >= rs_size);
 337         } else {
 338                 OBD_ALLOC(rs, rs_size);
 339                 if (rs == NULL)
 340                         return -ENOMEM;
 341
 342                 rs->rs_size = rs_size;
 343         }
 344
 345         rs->rs_svc_ctx = req->rq_svc_ctx;
 346         atomic_inc(&req->rq_svc_ctx->sc_refcount);
 347
 348         rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
 349         rs->rs_repbuf_len = rs_size - sizeof(*rs);
 350         rs->rs_msg = rs->rs_repbuf;
 351
 352         req->rq_reply_state = rs;
 353         return 0;
 354 }
 355
 356 static
 357 void null_free_rs(struct ptlrpc_reply_state *rs)
 358 {
 359         LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
 360         atomic_dec(&rs->rs_svc_ctx->sc_refcount);
 361
 362         if (!rs->rs_prealloc)
 363                 OBD_FREE(rs, rs->rs_size);
 364 }
 365
 366 static
 367 int null_authorize(struct ptlrpc_request *req)
 368 {
 369         struct ptlrpc_reply_state *rs = req->rq_reply_state;
 370
 371         LASSERT(rs);
 372
 373         rs->rs_repbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
 374         rs->rs_repdata_len = req->rq_replen;
 375
 376         if (likely(req->rq_packed_final)) {
 377                 req->rq_reply_off = lustre_msg_early_size();
 378         } else {
 379                 rs->rs_repbuf->lm_cksum =
 380                                 crc32_le(!(__u32) 0,
 381                                          (unsigned char *)rs->rs_repbuf,
 382                                          rs->rs_repdata_len);
 383                 req->rq_reply_off = 0;
 384         }
 385
 386         return 0;
 387 }
 388
 389 static struct ptlrpc_ctx_ops null_ctx_ops = {
 390         .refresh                = null_ctx_refresh,
 391         .sign                   = null_ctx_sign,
 392         .verify                 = null_ctx_verify,
 393 };
 394
 395 static struct ptlrpc_sec_cops null_sec_cops = {
 396         .create_sec             = null_create_sec,
 397         .destroy_sec            = null_destroy_sec,
 398         .lookup_ctx             = null_lookup_ctx,
 399         .flush_ctx_cache        = null_flush_ctx_cache,
 400         .alloc_reqbuf           = null_alloc_reqbuf,
 401         .alloc_repbuf           = null_alloc_repbuf,
 402         .free_reqbuf            = null_free_reqbuf,
 403         .free_repbuf            = null_free_repbuf,
 404         .enlarge_reqbuf         = null_enlarge_reqbuf,
 405 };
 406
 407 static struct ptlrpc_sec_sops null_sec_sops = {
 408         .accept                 = null_accept,
 409         .alloc_rs               = null_alloc_rs,
 410         .authorize              = null_authorize,
 411         .free_rs                = null_free_rs,
 412 };
 413
 414 static struct ptlrpc_sec_policy null_policy = {
 415         .sp_owner               = THIS_MODULE,
 416         .sp_name                = "sec.null",
 417         .sp_policy              = SPTLRPC_POLICY_NULL,
 418         .sp_cops                = &null_sec_cops,
 419         .sp_sops                = &null_sec_sops,
 420 };
 421
 422 static void null_init_internal(void)
 423 {
 424         static HLIST_HEAD(__list);
 425
 426         null_sec.ps_policy = &null_policy;
 427         atomic_set(&null_sec.ps_refcount, 1);     /* always busy */
 428         null_sec.ps_id = -1;
 429         null_sec.ps_import = NULL;
 430         null_sec.ps_flvr.sf_rpc = SPTLRPC_FLVR_NULL;
 431         null_sec.ps_flvr.sf_bulk_ciph = BULK_CIPH_ALG_NULL;
 432         null_sec.ps_flvr.sf_bulk_hash = BULK_HASH_ALG_NULL;
 433         null_sec.ps_flvr.sf_flags = 0;
 434         null_sec.ps_part = LUSTRE_SP_ANY;
 435         null_sec.ps_dying = 0;
 436         spin_lock_init(&null_sec.ps_lock);
 437         atomic_set(&null_sec.ps_nctx, 1);         /* for "null_cli_ctx" */
 438         CFS_INIT_LIST_HEAD(&null_sec.ps_gc_list);
 439         null_sec.ps_gc_interval = 0;
 440         null_sec.ps_gc_next = 0;
 441
 442         hlist_add_head(&null_cli_ctx.cc_cache, &__list);
 443         atomic_set(&null_cli_ctx.cc_refcount, 1);    /* for hash */
 444         null_cli_ctx.cc_sec = &null_sec;
 445         null_cli_ctx.cc_ops = &null_ctx_ops;
 446         null_cli_ctx.cc_expire = 0;
 447         null_cli_ctx.cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_ETERNAL |
 448                                 PTLRPC_CTX_UPTODATE;
 449         null_cli_ctx.cc_vcred.vc_uid = 0;
 450         spin_lock_init(&null_cli_ctx.cc_lock);
 451         CFS_INIT_LIST_HEAD(&null_cli_ctx.cc_req_list);
 452         CFS_INIT_LIST_HEAD(&null_cli_ctx.cc_gc_chain);
 453 }
 454
 455 int sptlrpc_null_init(void)
 456 {
 457         int rc;
 458
 459         null_init_internal();
 460
 461         rc = sptlrpc_register_policy(&null_policy);
 462         if (rc)
 463                 CERROR("failed to register %s: %d\n", null_policy.sp_name, rc);
 464
 465         return rc;
 466 }
 467
 468 void sptlrpc_null_fini(void)
 469 {
 470         int rc;
 471
 472         rc = sptlrpc_unregister_policy(&null_policy);
 473         if (rc)
 474                 CERROR("failed to unregister %s: %d\n", null_policy.sp_name,rc);
 475 }