lustre/sec/sec_null.c

   1 /* -*- mode: c; c-basic-offset: 8; indent-tabs-mode: nil; -*-
   2  * vim:expandtab:shiftwidth=8:tabstop=8:
   3  *
   4  * Copyright (C) 2004 Cluster File Systems, Inc.
   5  *
   6  *   This file is part of Lustre, http://www.lustre.org.
   7  *
   8  *   Lustre is free software; you can redistribute it and/or
   9  *   modify it under the terms of version 2 of the GNU General Public
  10  *   License as published by the Free Software Foundation.
  11  *
  12  *   Lustre is distributed in the hope that it will be useful,
  13  *   but WITHOUT ANY WARRANTY; without even the implied warranty of
  14  *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  15  *   GNU General Public License for more details.
  16  *
  17  *   You should have received a copy of the GNU General Public License
  18  *   along with Lustre; if not, write to the Free Software
  19  *   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
  20  */
  21
  22 #ifndef EXPORT_SYMTAB
  23 # define EXPORT_SYMTAB
  24 #endif
  25 #define DEBUG_SUBSYSTEM S_SEC
  26 #ifdef __KERNEL__
  27 #include <linux/init.h>
  28 #include <linux/module.h>
  29 #include <linux/slab.h>
  30 #else
  31 #include <liblustre.h>
  32 #endif
  33
  34 #include <libcfs/kp30.h>
  35 #include <linux/obd_support.h>
  36 #include <linux/lustre_net.h>
  37 #include <linux/lustre_sec.h>
  38
  39 static int null_cred_refresh(struct ptlrpc_cred *cred)
  40 {
  41         ENTRY;
  42         LASSERT(cred->pc_flags & PTLRPC_CRED_UPTODATE);
  43         RETURN(0);
  44 }
  45
  46 static int null_cred_match(struct ptlrpc_cred *cred,
  47                            struct ptlrpc_request *req,
  48                            struct vfs_cred *vcred)
  49 {
  50         ENTRY;
  51         RETURN(1);
  52 }
  53
  54 static int null_cred_sign(struct ptlrpc_cred *cred,
  55                           struct ptlrpc_request *req)
  56 {
  57         struct ptlrpcs_wire_hdr *hdr = buf_to_sec_hdr(req->rq_reqbuf);
  58         ENTRY;
  59
  60         hdr->sec_len = cpu_to_le32(0);
  61
  62         RETURN(0);
  63 }
  64
  65 static int null_cred_verify(struct ptlrpc_cred *cred,
  66                             struct ptlrpc_request *req)
  67 {
  68         struct ptlrpcs_wire_hdr *hdr = buf_to_sec_hdr(req->rq_repbuf);
  69
  70         if (hdr->sec_len != 0) {
  71                 CERROR("security payload %u not zero\n", hdr->sec_len);
  72                 RETURN(-EPROTO);
  73         }
  74
  75         req->rq_repmsg = (struct lustre_msg *)(hdr + 1);
  76         req->rq_replen = hdr->msg_len;
  77         CDEBUG(D_SEC, "set repmsg at %p, len %d\n",
  78                req->rq_repmsg, req->rq_replen);
  79
  80         RETURN(0);
  81 }
  82
  83 static void null_cred_destroy(struct ptlrpc_cred *cred)
  84 {
  85         LASSERT(!atomic_read(&cred->pc_refcount));
  86
  87         CDEBUG(D_SEC, "NULL_SEC: destroy cred %p\n", cred);
  88         OBD_FREE(cred, sizeof(*cred));
  89 }
  90
  91 static struct ptlrpc_credops null_credops = {
  92         .refresh        = null_cred_refresh,
  93         .match          = null_cred_match,
  94         .sign           = null_cred_sign,
  95         .verify         = null_cred_verify,
  96         .destroy        = null_cred_destroy,
  97 };
  98
  99 static
 100 struct ptlrpc_sec* null_create_sec(ptlrpcs_flavor_t *flavor,
 101                                    const char *pipe_dir,
 102                                    void *pipe_data)
 103 {
 104         struct ptlrpc_sec *sec;
 105         ENTRY;
 106
 107         LASSERT(flavor->flavor == PTLRPC_SEC_NULL);
 108
 109         OBD_ALLOC(sec, sizeof(*sec));
 110         if (!sec)
 111                 RETURN(ERR_PTR(-ENOMEM));
 112
 113         sec->ps_sectype = PTLRPC_SEC_TYPE_NONE;
 114         sec->ps_expire = (-1UL >> 1); /* never expire */
 115         sec->ps_nextgc = (-1UL >> 1);
 116         sec->ps_flags = 0;
 117
 118         CDEBUG(D_SEC, "Create NULL security module at %p\n", sec);
 119         RETURN(sec);
 120 }
 121
 122 static
 123 void null_destroy_sec(struct ptlrpc_sec *sec)
 124 {
 125         ENTRY;
 126
 127         CDEBUG(D_SEC, "Destroy NULL security module at %p\n", sec);
 128
 129         LASSERT(!atomic_read(&sec->ps_refcount));
 130         OBD_FREE(sec, sizeof(*sec));
 131         EXIT;
 132 }
 133
 134 static
 135 struct ptlrpc_cred* null_create_cred(struct ptlrpc_sec *sec,
 136                                      struct ptlrpc_request *req,
 137                                      struct vfs_cred *vcred)
 138 {
 139         struct ptlrpc_cred *cred;
 140         ENTRY;
 141
 142         OBD_ALLOC(cred, sizeof(*cred));
 143         if (!cred)
 144                 RETURN(NULL);
 145
 146         INIT_LIST_HEAD(&cred->pc_hash);
 147         atomic_set(&cred->pc_refcount, 0);
 148         cred->pc_sec = sec;
 149         cred->pc_ops = &null_credops;
 150         cred->pc_req = req;
 151         cred->pc_expire = (-1UL >> 1); /* never expire */
 152         cred->pc_flags = PTLRPC_CRED_UPTODATE;
 153         cred->pc_pag = vcred->vc_pag;
 154         cred->pc_uid = vcred->vc_uid;
 155         CDEBUG(D_SEC, "create a null cred at %p("LPU64"/%u)\n",
 156                cred, vcred->vc_pag, vcred->vc_uid);
 157
 158         RETURN(cred);
 159 }
 160
 161 static struct ptlrpc_secops null_secops = {
 162         .create_sec     = null_create_sec,
 163         .destroy_sec    = null_destroy_sec,
 164         .create_cred    = null_create_cred,
 165 };
 166
 167 static struct ptlrpc_sec_type null_type = {
 168         .pst_owner      = THIS_MODULE,
 169         .pst_name       = "NULL_SEC",
 170         .pst_inst       = ATOMIC_INIT(0),
 171         .pst_flavor     = {PTLRPC_SEC_NULL, 0},
 172         .pst_ops        = &null_secops,
 173 };
 174
 175 int ptlrpcs_null_init(void)
 176 {
 177         int rc;
 178
 179         rc = ptlrpcs_register(&null_type);
 180         if (rc)
 181                 CERROR("failed to register NULL security: %d\n", rc);
 182
 183         return rc;
 184 }
 185
 186 int ptlrpcs_null_exit(void)
 187 {
 188         int rc;
 189
 190         rc = ptlrpcs_unregister(&null_type);
 191         if (rc)
 192                 CERROR("cannot unregister NULL security: %d\n", rc);
 193
 194         return rc;
 195 }