4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
30 * Copyright (c) 2011, 2012, Intel Corporation.
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
36 * lustre/ptlrpc/sec_plain.c
38 * Author: Eric Mei <ericm@clusterfs.com>
41 #define DEBUG_SUBSYSTEM S_SEC
44 #include <liblustre.h>
47 #include <obd_support.h>
48 #include <obd_cksum.h>
49 #include <obd_class.h>
50 #include <lustre_net.h>
51 #include <lustre_sec.h>
54 struct ptlrpc_sec pls_base;
56 struct ptlrpc_cli_ctx *pls_ctx;
59 static inline struct plain_sec *sec2plsec(struct ptlrpc_sec *sec)
61 return container_of(sec, struct plain_sec, pls_base);
64 static struct ptlrpc_sec_policy plain_policy;
65 static struct ptlrpc_ctx_ops plain_ctx_ops;
66 static struct ptlrpc_svc_ctx plain_svc_ctx;
68 static unsigned int plain_at_offset;
71 * for simplicity, plain policy rpc use fixed layout.
73 #define PLAIN_PACK_SEGMENTS (4)
75 #define PLAIN_PACK_HDR_OFF (0)
76 #define PLAIN_PACK_MSG_OFF (1)
77 #define PLAIN_PACK_USER_OFF (2)
78 #define PLAIN_PACK_BULK_OFF (3)
80 #define PLAIN_FL_USER (0x01)
81 #define PLAIN_FL_BULK (0x02)
86 __u8 ph_sp; /* source */
87 __u8 ph_bulk_hash_alg; /* complete flavor desc */
91 struct plain_bulk_token {
95 #define PLAIN_BSD_SIZE \
96 (sizeof(struct ptlrpc_bulk_sec_desc) + sizeof(struct plain_bulk_token))
98 /****************************************
99 * bulk checksum helpers *
100 ****************************************/
102 static int plain_unpack_bsd(struct lustre_msg *msg, int swabbed)
104 struct ptlrpc_bulk_sec_desc *bsd;
106 if (bulk_sec_desc_unpack(msg, PLAIN_PACK_BULK_OFF, swabbed))
109 bsd = lustre_msg_buf(msg, PLAIN_PACK_BULK_OFF, PLAIN_BSD_SIZE);
111 CERROR("bulk sec desc has short size %d\n",
112 lustre_msg_buflen(msg, PLAIN_PACK_BULK_OFF));
116 if (bsd->bsd_svc != SPTLRPC_BULK_SVC_NULL &&
117 bsd->bsd_svc != SPTLRPC_BULK_SVC_INTG) {
118 CERROR("invalid bulk svc %u\n", bsd->bsd_svc);
125 static int plain_generate_bulk_csum(struct ptlrpc_bulk_desc *desc,
127 struct plain_bulk_token *token)
129 if (hash_alg == BULK_HASH_ALG_NULL)
132 memset(token->pbt_hash, 0, sizeof(token->pbt_hash));
133 return sptlrpc_get_bulk_checksum(desc, hash_alg, token->pbt_hash,
134 sizeof(token->pbt_hash));
137 static int plain_verify_bulk_csum(struct ptlrpc_bulk_desc *desc,
139 struct plain_bulk_token *tokenr)
141 struct plain_bulk_token tokenv;
144 if (hash_alg == BULK_HASH_ALG_NULL)
147 memset(&tokenv.pbt_hash, 0, sizeof(tokenv.pbt_hash));
148 rc = sptlrpc_get_bulk_checksum(desc, hash_alg, tokenv.pbt_hash,
149 sizeof(tokenv.pbt_hash));
153 if (memcmp(tokenr->pbt_hash, tokenv.pbt_hash, sizeof(tokenr->pbt_hash)))
159 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
164 for (i = 0; i < desc->bd_iov_count; i++) {
165 if (desc->bd_iov[i].kiov_len == 0)
168 ptr = kmap(desc->bd_iov[i].kiov_page);
169 off = desc->bd_iov[i].kiov_offset & ~CFS_PAGE_MASK;
171 kunmap(desc->bd_iov[i].kiov_page);
176 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
180 for (i = 0; i < desc->bd_iov_count; i++) {
181 if (desc->bd_iov[i].iov_len == 0)
184 ((char *)desc->bd_iov[i].iov_base)[i] ^= 0x1;
188 #endif /* __KERNEL__ */
190 /****************************************
192 ****************************************/
195 int plain_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
197 /* should never reach here */
203 int plain_ctx_validate(struct ptlrpc_cli_ctx *ctx)
209 int plain_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
211 struct lustre_msg *msg = req->rq_reqbuf;
212 struct plain_header *phdr;
215 msg->lm_secflvr = req->rq_flvr.sf_rpc;
217 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
220 phdr->ph_sp = ctx->cc_sec->ps_part;
221 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
223 if (req->rq_pack_udesc)
224 phdr->ph_flags |= PLAIN_FL_USER;
225 if (req->rq_pack_bulk)
226 phdr->ph_flags |= PLAIN_FL_BULK;
228 req->rq_reqdata_len = lustre_msg_size_v2(msg->lm_bufcount,
234 int plain_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
236 struct lustre_msg *msg = req->rq_repdata;
237 struct plain_header *phdr;
242 if (msg->lm_bufcount != PLAIN_PACK_SEGMENTS) {
243 CERROR("unexpected reply buf count %u\n", msg->lm_bufcount);
247 swabbed = ptlrpc_rep_need_swab(req);
249 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
251 CERROR("missing plain header\n");
255 if (phdr->ph_ver != 0) {
256 CERROR("Invalid header version\n");
260 /* expect no user desc in reply */
261 if (phdr->ph_flags & PLAIN_FL_USER) {
262 CERROR("Unexpected udesc flag in reply\n");
266 if (phdr->ph_bulk_hash_alg != req->rq_flvr.u_bulk.hash.hash_alg) {
267 CERROR("reply bulk flavor %u != %u\n", phdr->ph_bulk_hash_alg,
268 req->rq_flvr.u_bulk.hash.hash_alg);
272 if (unlikely(req->rq_early)) {
273 unsigned int hsize = 4;
275 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
276 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
277 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
278 NULL, 0, (unsigned char *)&cksum, &hsize);
279 if (cksum != msg->lm_cksum) {
281 "early reply checksum mismatch: %08x != %08x\n",
282 cpu_to_le32(cksum), msg->lm_cksum);
286 /* whether we sent with bulk or not, we expect the same
287 * in reply, except for early reply */
288 if (!req->rq_early &&
289 !equi(req->rq_pack_bulk == 1,
290 phdr->ph_flags & PLAIN_FL_BULK)) {
291 CERROR("%s bulk checksum in reply\n",
292 req->rq_pack_bulk ? "Missing" : "Unexpected");
296 if (phdr->ph_flags & PLAIN_FL_BULK) {
297 if (plain_unpack_bsd(msg, swabbed))
302 req->rq_repmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
303 req->rq_replen = lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF);
308 int plain_cli_wrap_bulk(struct ptlrpc_cli_ctx *ctx,
309 struct ptlrpc_request *req,
310 struct ptlrpc_bulk_desc *desc)
312 struct ptlrpc_bulk_sec_desc *bsd;
313 struct plain_bulk_token *token;
316 LASSERT(req->rq_pack_bulk);
317 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
319 bsd = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
320 token = (struct plain_bulk_token *) bsd->bsd_data;
322 bsd->bsd_version = 0;
324 bsd->bsd_type = SPTLRPC_BULK_DEFAULT;
325 bsd->bsd_svc = SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc);
327 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_NULL)
330 if (req->rq_bulk_read)
333 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
336 CERROR("bulk write: failed to compute checksum: %d\n", rc);
339 * for sending we only compute the wrong checksum instead
340 * of corrupting the data so it is still correct on a redo
342 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_SEND) &&
343 req->rq_flvr.u_bulk.hash.hash_alg != BULK_HASH_ALG_NULL)
344 token->pbt_hash[0] ^= 0x1;
351 int plain_cli_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
352 struct ptlrpc_request *req,
353 struct ptlrpc_bulk_desc *desc)
355 struct ptlrpc_bulk_sec_desc *bsdv;
356 struct plain_bulk_token *tokenv;
362 LASSERT(req->rq_pack_bulk);
363 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
364 LASSERT(req->rq_repdata->lm_bufcount == PLAIN_PACK_SEGMENTS);
366 bsdv = lustre_msg_buf(req->rq_repdata, PLAIN_PACK_BULK_OFF, 0);
367 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
369 if (req->rq_bulk_write) {
370 if (bsdv->bsd_flags & BSD_FL_ERR)
376 /* fix the actual data size */
377 for (i = 0, nob = 0; i < desc->bd_iov_count; i++) {
378 if (desc->bd_iov[i].kiov_len + nob > desc->bd_nob_transferred) {
379 desc->bd_iov[i].kiov_len =
380 desc->bd_nob_transferred - nob;
382 nob += desc->bd_iov[i].kiov_len;
386 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
389 CERROR("bulk read: client verify failed: %d\n", rc);
394 /****************************************
396 ****************************************/
399 struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
401 struct ptlrpc_cli_ctx *ctx, *ctx_new;
403 OBD_ALLOC_PTR(ctx_new);
405 write_lock(&plsec->pls_lock);
407 ctx = plsec->pls_ctx;
409 atomic_inc(&ctx->cc_refcount);
412 OBD_FREE_PTR(ctx_new);
413 } else if (ctx_new) {
416 atomic_set(&ctx->cc_refcount, 1); /* for cache */
417 ctx->cc_sec = &plsec->pls_base;
418 ctx->cc_ops = &plain_ctx_ops;
420 ctx->cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_UPTODATE;
421 ctx->cc_vcred.vc_uid = 0;
422 spin_lock_init(&ctx->cc_lock);
423 CFS_INIT_LIST_HEAD(&ctx->cc_req_list);
424 CFS_INIT_LIST_HEAD(&ctx->cc_gc_chain);
426 plsec->pls_ctx = ctx;
427 atomic_inc(&plsec->pls_base.ps_nctx);
428 atomic_inc(&plsec->pls_base.ps_refcount);
430 atomic_inc(&ctx->cc_refcount); /* for caller */
433 write_unlock(&plsec->pls_lock);
439 void plain_destroy_sec(struct ptlrpc_sec *sec)
441 struct plain_sec *plsec = sec2plsec(sec);
444 LASSERT(sec->ps_policy == &plain_policy);
445 LASSERT(sec->ps_import);
446 LASSERT(atomic_read(&sec->ps_refcount) == 0);
447 LASSERT(atomic_read(&sec->ps_nctx) == 0);
448 LASSERT(plsec->pls_ctx == NULL);
450 class_import_put(sec->ps_import);
457 void plain_kill_sec(struct ptlrpc_sec *sec)
463 struct ptlrpc_sec *plain_create_sec(struct obd_import *imp,
464 struct ptlrpc_svc_ctx *svc_ctx,
465 struct sptlrpc_flavor *sf)
467 struct plain_sec *plsec;
468 struct ptlrpc_sec *sec;
469 struct ptlrpc_cli_ctx *ctx;
472 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN);
474 OBD_ALLOC_PTR(plsec);
479 * initialize plain_sec
481 rwlock_init(&plsec->pls_lock);
482 plsec->pls_ctx = NULL;
484 sec = &plsec->pls_base;
485 sec->ps_policy = &plain_policy;
486 atomic_set(&sec->ps_refcount, 0);
487 atomic_set(&sec->ps_nctx, 0);
488 sec->ps_id = sptlrpc_get_next_secid();
489 sec->ps_import = class_import_get(imp);
491 spin_lock_init(&sec->ps_lock);
492 CFS_INIT_LIST_HEAD(&sec->ps_gc_list);
493 sec->ps_gc_interval = 0;
496 /* install ctx immediately if this is a reverse sec */
498 ctx = plain_sec_install_ctx(plsec);
500 plain_destroy_sec(sec);
503 sptlrpc_cli_ctx_put(ctx, 1);
510 struct ptlrpc_cli_ctx *plain_lookup_ctx(struct ptlrpc_sec *sec,
511 struct vfs_cred *vcred,
512 int create, int remove_dead)
514 struct plain_sec *plsec = sec2plsec(sec);
515 struct ptlrpc_cli_ctx *ctx;
518 read_lock(&plsec->pls_lock);
519 ctx = plsec->pls_ctx;
521 atomic_inc(&ctx->cc_refcount);
522 read_unlock(&plsec->pls_lock);
524 if (unlikely(ctx == NULL))
525 ctx = plain_sec_install_ctx(plsec);
531 void plain_release_ctx(struct ptlrpc_sec *sec,
532 struct ptlrpc_cli_ctx *ctx, int sync)
534 LASSERT(atomic_read(&sec->ps_refcount) > 0);
535 LASSERT(atomic_read(&sec->ps_nctx) > 0);
536 LASSERT(atomic_read(&ctx->cc_refcount) == 0);
537 LASSERT(ctx->cc_sec == sec);
541 atomic_dec(&sec->ps_nctx);
542 sptlrpc_sec_put(sec);
546 int plain_flush_ctx_cache(struct ptlrpc_sec *sec,
547 uid_t uid, int grace, int force)
549 struct plain_sec *plsec = sec2plsec(sec);
550 struct ptlrpc_cli_ctx *ctx;
553 /* do nothing unless caller want to flush for 'all' */
557 write_lock(&plsec->pls_lock);
558 ctx = plsec->pls_ctx;
559 plsec->pls_ctx = NULL;
560 write_unlock(&plsec->pls_lock);
563 sptlrpc_cli_ctx_put(ctx, 1);
568 int plain_alloc_reqbuf(struct ptlrpc_sec *sec,
569 struct ptlrpc_request *req,
572 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
576 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
577 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
579 if (req->rq_pack_udesc)
580 buflens[PLAIN_PACK_USER_OFF] = sptlrpc_current_user_desc_size();
582 if (req->rq_pack_bulk) {
583 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
584 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
587 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
589 if (!req->rq_reqbuf) {
590 LASSERT(!req->rq_pool);
592 alloc_len = size_roundup_power2(alloc_len);
593 OBD_ALLOC_LARGE(req->rq_reqbuf, alloc_len);
597 req->rq_reqbuf_len = alloc_len;
599 LASSERT(req->rq_pool);
600 LASSERT(req->rq_reqbuf_len >= alloc_len);
601 memset(req->rq_reqbuf, 0, alloc_len);
604 lustre_init_msg_v2(req->rq_reqbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
605 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0);
607 if (req->rq_pack_udesc)
608 sptlrpc_pack_user_desc(req->rq_reqbuf, PLAIN_PACK_USER_OFF);
614 void plain_free_reqbuf(struct ptlrpc_sec *sec,
615 struct ptlrpc_request *req)
619 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
620 req->rq_reqbuf = NULL;
621 req->rq_reqbuf_len = 0;
627 int plain_alloc_repbuf(struct ptlrpc_sec *sec,
628 struct ptlrpc_request *req,
631 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
635 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
636 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
638 if (req->rq_pack_bulk) {
639 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
640 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
643 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
645 /* add space for early reply */
646 alloc_len += plain_at_offset;
648 alloc_len = size_roundup_power2(alloc_len);
650 OBD_ALLOC_LARGE(req->rq_repbuf, alloc_len);
654 req->rq_repbuf_len = alloc_len;
659 void plain_free_repbuf(struct ptlrpc_sec *sec,
660 struct ptlrpc_request *req)
663 OBD_FREE_LARGE(req->rq_repbuf, req->rq_repbuf_len);
664 req->rq_repbuf = NULL;
665 req->rq_repbuf_len = 0;
670 int plain_enlarge_reqbuf(struct ptlrpc_sec *sec,
671 struct ptlrpc_request *req,
672 int segment, int newsize)
674 struct lustre_msg *newbuf;
676 int newmsg_size, newbuf_size;
679 LASSERT(req->rq_reqbuf);
680 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
681 LASSERT(lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0) ==
684 /* compute new embedded msg size. */
685 oldsize = req->rq_reqmsg->lm_buflens[segment];
686 req->rq_reqmsg->lm_buflens[segment] = newsize;
687 newmsg_size = lustre_msg_size_v2(req->rq_reqmsg->lm_bufcount,
688 req->rq_reqmsg->lm_buflens);
689 req->rq_reqmsg->lm_buflens[segment] = oldsize;
691 /* compute new wrapper msg size. */
692 oldsize = req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF];
693 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = newmsg_size;
694 newbuf_size = lustre_msg_size_v2(req->rq_reqbuf->lm_bufcount,
695 req->rq_reqbuf->lm_buflens);
696 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = oldsize;
698 /* request from pool should always have enough buffer */
699 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newbuf_size);
701 if (req->rq_reqbuf_len < newbuf_size) {
702 newbuf_size = size_roundup_power2(newbuf_size);
704 OBD_ALLOC_LARGE(newbuf, newbuf_size);
708 /* Must lock this, so that otherwise unprotected change of
709 * rq_reqmsg is not racing with parallel processing of
710 * imp_replay_list traversing threads. See LU-3333
711 * This is a bandaid at best, we really need to deal with this
712 * in request enlarging code before unpacking that's already
715 spin_lock(&req->rq_import->imp_lock);
717 memcpy(newbuf, req->rq_reqbuf, req->rq_reqbuf_len);
719 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
720 req->rq_reqbuf = newbuf;
721 req->rq_reqbuf_len = newbuf_size;
722 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf,
723 PLAIN_PACK_MSG_OFF, 0);
726 spin_unlock(&req->rq_import->imp_lock);
729 _sptlrpc_enlarge_msg_inplace(req->rq_reqbuf, PLAIN_PACK_MSG_OFF,
731 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
733 req->rq_reqlen = newmsg_size;
737 /****************************************
739 ****************************************/
741 static struct ptlrpc_svc_ctx plain_svc_ctx = {
742 .sc_refcount = ATOMIC_INIT(1),
743 .sc_policy = &plain_policy,
747 int plain_accept(struct ptlrpc_request *req)
749 struct lustre_msg *msg = req->rq_reqbuf;
750 struct plain_header *phdr;
754 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
755 SPTLRPC_POLICY_PLAIN);
757 if (SPTLRPC_FLVR_BASE(req->rq_flvr.sf_rpc) !=
758 SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_PLAIN) ||
759 SPTLRPC_FLVR_BULK_TYPE(req->rq_flvr.sf_rpc) !=
760 SPTLRPC_FLVR_BULK_TYPE(SPTLRPC_FLVR_PLAIN)) {
761 CERROR("Invalid rpc flavor %x\n", req->rq_flvr.sf_rpc);
765 if (msg->lm_bufcount < PLAIN_PACK_SEGMENTS) {
766 CERROR("unexpected request buf count %u\n", msg->lm_bufcount);
770 swabbed = ptlrpc_req_need_swab(req);
772 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
774 CERROR("missing plain header\n");
778 if (phdr->ph_ver != 0) {
779 CERROR("Invalid header version\n");
783 if (phdr->ph_bulk_hash_alg >= BULK_HASH_ALG_MAX) {
784 CERROR("invalid hash algorithm: %u\n", phdr->ph_bulk_hash_alg);
788 req->rq_sp_from = phdr->ph_sp;
789 req->rq_flvr.u_bulk.hash.hash_alg = phdr->ph_bulk_hash_alg;
791 if (phdr->ph_flags & PLAIN_FL_USER) {
792 if (sptlrpc_unpack_user_desc(msg, PLAIN_PACK_USER_OFF,
794 CERROR("Mal-formed user descriptor\n");
798 req->rq_pack_udesc = 1;
799 req->rq_user_desc = lustre_msg_buf(msg, PLAIN_PACK_USER_OFF, 0);
802 if (phdr->ph_flags & PLAIN_FL_BULK) {
803 if (plain_unpack_bsd(msg, swabbed))
806 req->rq_pack_bulk = 1;
809 req->rq_reqmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
810 req->rq_reqlen = msg->lm_buflens[PLAIN_PACK_MSG_OFF];
812 req->rq_svc_ctx = &plain_svc_ctx;
813 atomic_inc(&req->rq_svc_ctx->sc_refcount);
819 int plain_alloc_rs(struct ptlrpc_request *req, int msgsize)
821 struct ptlrpc_reply_state *rs;
822 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
823 int rs_size = sizeof(*rs);
826 LASSERT(msgsize % 8 == 0);
828 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
829 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
831 if (req->rq_pack_bulk && (req->rq_bulk_read || req->rq_bulk_write))
832 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
834 rs_size += lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
836 rs = req->rq_reply_state;
840 LASSERT(rs->rs_size >= rs_size);
842 OBD_ALLOC_LARGE(rs, rs_size);
846 rs->rs_size = rs_size;
849 rs->rs_svc_ctx = req->rq_svc_ctx;
850 atomic_inc(&req->rq_svc_ctx->sc_refcount);
851 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
852 rs->rs_repbuf_len = rs_size - sizeof(*rs);
854 lustre_init_msg_v2(rs->rs_repbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
855 rs->rs_msg = lustre_msg_buf_v2(rs->rs_repbuf, PLAIN_PACK_MSG_OFF, 0);
857 req->rq_reply_state = rs;
862 void plain_free_rs(struct ptlrpc_reply_state *rs)
866 LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
867 atomic_dec(&rs->rs_svc_ctx->sc_refcount);
869 if (!rs->rs_prealloc)
870 OBD_FREE_LARGE(rs, rs->rs_size);
875 int plain_authorize(struct ptlrpc_request *req)
877 struct ptlrpc_reply_state *rs = req->rq_reply_state;
878 struct lustre_msg_v2 *msg = rs->rs_repbuf;
879 struct plain_header *phdr;
886 if (req->rq_replen != msg->lm_buflens[PLAIN_PACK_MSG_OFF])
887 len = lustre_shrink_msg(msg, PLAIN_PACK_MSG_OFF,
890 len = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
892 msg->lm_secflvr = req->rq_flvr.sf_rpc;
894 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
897 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
899 if (req->rq_pack_bulk)
900 phdr->ph_flags |= PLAIN_FL_BULK;
902 rs->rs_repdata_len = len;
904 if (likely(req->rq_packed_final)) {
905 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
906 req->rq_reply_off = plain_at_offset;
908 req->rq_reply_off = 0;
910 unsigned int hsize = 4;
912 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
913 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
914 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
915 NULL, 0, (unsigned char *)&msg->lm_cksum, &hsize);
916 req->rq_reply_off = 0;
923 int plain_svc_unwrap_bulk(struct ptlrpc_request *req,
924 struct ptlrpc_bulk_desc *desc)
926 struct ptlrpc_reply_state *rs = req->rq_reply_state;
927 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
928 struct plain_bulk_token *tokenr;
931 LASSERT(req->rq_bulk_write);
932 LASSERT(req->rq_pack_bulk);
934 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
935 tokenr = (struct plain_bulk_token *) bsdr->bsd_data;
936 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
938 bsdv->bsd_version = 0;
939 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
940 bsdv->bsd_svc = bsdr->bsd_svc;
943 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
946 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
949 bsdv->bsd_flags |= BSD_FL_ERR;
950 CERROR("bulk write: server verify failed: %d\n", rc);
957 int plain_svc_wrap_bulk(struct ptlrpc_request *req,
958 struct ptlrpc_bulk_desc *desc)
960 struct ptlrpc_reply_state *rs = req->rq_reply_state;
961 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
962 struct plain_bulk_token *tokenv;
965 LASSERT(req->rq_bulk_read);
966 LASSERT(req->rq_pack_bulk);
968 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
969 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
970 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
972 bsdv->bsd_version = 0;
973 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
974 bsdv->bsd_svc = bsdr->bsd_svc;
977 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
980 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
983 CERROR("bulk read: server failed to compute "
984 "checksum: %d\n", rc);
986 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_RECEIVE))
987 corrupt_bulk_data(desc);
993 static struct ptlrpc_ctx_ops plain_ctx_ops = {
994 .refresh = plain_ctx_refresh,
995 .validate = plain_ctx_validate,
996 .sign = plain_ctx_sign,
997 .verify = plain_ctx_verify,
998 .wrap_bulk = plain_cli_wrap_bulk,
999 .unwrap_bulk = plain_cli_unwrap_bulk,
1002 static struct ptlrpc_sec_cops plain_sec_cops = {
1003 .create_sec = plain_create_sec,
1004 .destroy_sec = plain_destroy_sec,
1005 .kill_sec = plain_kill_sec,
1006 .lookup_ctx = plain_lookup_ctx,
1007 .release_ctx = plain_release_ctx,
1008 .flush_ctx_cache = plain_flush_ctx_cache,
1009 .alloc_reqbuf = plain_alloc_reqbuf,
1010 .free_reqbuf = plain_free_reqbuf,
1011 .alloc_repbuf = plain_alloc_repbuf,
1012 .free_repbuf = plain_free_repbuf,
1013 .enlarge_reqbuf = plain_enlarge_reqbuf,
1016 static struct ptlrpc_sec_sops plain_sec_sops = {
1017 .accept = plain_accept,
1018 .alloc_rs = plain_alloc_rs,
1019 .authorize = plain_authorize,
1020 .free_rs = plain_free_rs,
1021 .unwrap_bulk = plain_svc_unwrap_bulk,
1022 .wrap_bulk = plain_svc_wrap_bulk,
1025 static struct ptlrpc_sec_policy plain_policy = {
1026 .sp_owner = THIS_MODULE,
1028 .sp_policy = SPTLRPC_POLICY_PLAIN,
1029 .sp_cops = &plain_sec_cops,
1030 .sp_sops = &plain_sec_sops,
1033 int sptlrpc_plain_init(void)
1035 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
1038 buflens[PLAIN_PACK_MSG_OFF] = lustre_msg_early_size();
1039 plain_at_offset = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
1041 rc = sptlrpc_register_policy(&plain_policy);
1043 CERROR("failed to register: %d\n", rc);
1048 void sptlrpc_plain_fini(void)
1052 rc = sptlrpc_unregister_policy(&plain_policy);
1054 CERROR("cannot unregister: %d\n", rc);
git://git.whamcloud.com / fs / lustre-release.git / blob