linux/net/ceph/auth_x.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0
   2
   3#include <linux/ceph/ceph_debug.h>
   4
   5#include <linux/err.h>
   6#include <linux/module.h>
   7#include <linux/random.h>
   8#include <linux/slab.h>
   9
  10#include <linux/ceph/decode.h>
  11#include <linux/ceph/auth.h>
  12#include <linux/ceph/libceph.h>
  13#include <linux/ceph/messenger.h>
  14
  15#include "crypto.h"
  16#include "auth_x.h"
  17#include "auth_x_protocol.h"
  18
  19static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed);
  20
  21static int ceph_x_is_authenticated(struct ceph_auth_client *ac)
  22{
  23        struct ceph_x_info *xi = ac->private;
  24        int need;
  25
  26        ceph_x_validate_tickets(ac, &need);
  27        dout("ceph_x_is_authenticated want=%d need=%d have=%d\n",
  28             ac->want_keys, need, xi->have_keys);
  29        return (ac->want_keys & xi->have_keys) == ac->want_keys;
  30}
  31
  32static int ceph_x_should_authenticate(struct ceph_auth_client *ac)
  33{
  34        struct ceph_x_info *xi = ac->private;
  35        int need;
  36
  37        ceph_x_validate_tickets(ac, &need);
  38        dout("ceph_x_should_authenticate want=%d need=%d have=%d\n",
  39             ac->want_keys, need, xi->have_keys);
  40        return need != 0;
  41}
  42
  43static int ceph_x_encrypt_offset(void)
  44{
  45        return sizeof(u32) + sizeof(struct ceph_x_encrypt_header);
  46}
  47
  48static int ceph_x_encrypt_buflen(int ilen)
  49{
  50        return ceph_x_encrypt_offset() + ilen + 16;
  51}
  52
  53static int ceph_x_encrypt(struct ceph_crypto_key *secret, void *buf,
  54                          int buf_len, int plaintext_len)
  55{
  56        struct ceph_x_encrypt_header *hdr = buf + sizeof(u32);
  57        int ciphertext_len;
  58        int ret;
  59
  60        hdr->struct_v = 1;
  61        hdr->magic = cpu_to_le64(CEPHX_ENC_MAGIC);
  62
  63        ret = ceph_crypt(secret, true, buf + sizeof(u32), buf_len - sizeof(u32),
  64                         plaintext_len + sizeof(struct ceph_x_encrypt_header),
  65                         &ciphertext_len);
  66        if (ret)
  67                return ret;
  68
  69        ceph_encode_32(&buf, ciphertext_len);
  70        return sizeof(u32) + ciphertext_len;
  71}
  72
  73static int ceph_x_decrypt(struct ceph_crypto_key *secret, void **p, void *end)
  74{
  75        struct ceph_x_encrypt_header *hdr = *p + sizeof(u32);
  76        int ciphertext_len, plaintext_len;
  77        int ret;
  78
  79        ceph_decode_32_safe(p, end, ciphertext_len, e_inval);
  80        ceph_decode_need(p, end, ciphertext_len, e_inval);
  81
  82        ret = ceph_crypt(secret, false, *p, end - *p, ciphertext_len,
  83                         &plaintext_len);
  84        if (ret)
  85                return ret;
  86
  87        if (hdr->struct_v != 1 || le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC)
  88                return -EPERM;
  89
  90        *p += ciphertext_len;
  91        return plaintext_len - sizeof(struct ceph_x_encrypt_header);
  92
  93e_inval:
  94        return -EINVAL;
  95}
  96
  97/*
  98 * get existing (or insert new) ticket handler
  99 */
 100static struct ceph_x_ticket_handler *
 101get_ticket_handler(struct ceph_auth_client *ac, int service)
 102{
 103        struct ceph_x_ticket_handler *th;
 104        struct ceph_x_info *xi = ac->private;
 105        struct rb_node *parent = NULL, **p = &xi->ticket_handlers.rb_node;
 106
 107        while (*p) {
 108                parent = *p;
 109                th = rb_entry(parent, struct ceph_x_ticket_handler, node);
 110                if (service < th->service)
 111                        p = &(*p)->rb_left;
 112                else if (service > th->service)
 113                        p = &(*p)->rb_right;
 114                else
 115                        return th;
 116        }
 117
 118        /* add it */
 119        th = kzalloc(sizeof(*th), GFP_NOFS);
 120        if (!th)
 121                return ERR_PTR(-ENOMEM);
 122        th->service = service;
 123        rb_link_node(&th->node, parent, p);
 124        rb_insert_color(&th->node, &xi->ticket_handlers);
 125        return th;
 126}
 127
 128static void remove_ticket_handler(struct ceph_auth_client *ac,
 129                                  struct ceph_x_ticket_handler *th)
 130{
 131        struct ceph_x_info *xi = ac->private;
 132
 133        dout("remove_ticket_handler %p %d\n", th, th->service);
 134        rb_erase(&th->node, &xi->ticket_handlers);
 135        ceph_crypto_key_destroy(&th->session_key);
 136        if (th->ticket_blob)
 137                ceph_buffer_put(th->ticket_blob);
 138        kfree(th);
 139}
 140
 141static int process_one_ticket(struct ceph_auth_client *ac,
 142                              struct ceph_crypto_key *secret,
 143                              void **p, void *end)
 144{
 145        struct ceph_x_info *xi = ac->private;
 146        int type;
 147        u8 tkt_struct_v, blob_struct_v;
 148        struct ceph_x_ticket_handler *th;
 149        void *dp, *dend;
 150        int dlen;
 151        char is_enc;
 152        struct timespec validity;
 153        void *tp, *tpend;
 154        void **ptp;
 155        struct ceph_crypto_key new_session_key = { 0 };
 156        struct ceph_buffer *new_ticket_blob;
 157        unsigned long new_expires, new_renew_after;
 158        u64 new_secret_id;
 159        int ret;
 160
 161        ceph_decode_need(p, end, sizeof(u32) + 1, bad);
 162
 163        type = ceph_decode_32(p);
 164        dout(" ticket type %d %s\n", type, ceph_entity_type_name(type));
 165
 166        tkt_struct_v = ceph_decode_8(p);
 167        if (tkt_struct_v != 1)
 168                goto bad;
 169
 170        th = get_ticket_handler(ac, type);
 171        if (IS_ERR(th)) {
 172                ret = PTR_ERR(th);
 173                goto out;
 174        }
 175
 176        /* blob for me */
 177        dp = *p + ceph_x_encrypt_offset();
 178        ret = ceph_x_decrypt(secret, p, end);
 179        if (ret < 0)
 180                goto out;
 181        dout(" decrypted %d bytes\n", ret);
 182        dend = dp + ret;
 183
 184        tkt_struct_v = ceph_decode_8(&dp);
 185        if (tkt_struct_v != 1)
 186                goto bad;
 187
 188        ret = ceph_crypto_key_decode(&new_session_key, &dp, dend);
 189        if (ret)
 190                goto out;
 191
 192        ceph_decode_timespec(&validity, dp);
 193        dp += sizeof(struct ceph_timespec);
 194        new_expires = get_seconds() + validity.tv_sec;
 195        new_renew_after = new_expires - (validity.tv_sec / 4);
 196        dout(" expires=%lu renew_after=%lu\n", new_expires,
 197             new_renew_after);
 198
 199        /* ticket blob for service */
 200        ceph_decode_8_safe(p, end, is_enc, bad);
 201        if (is_enc) {
 202                /* encrypted */
 203                tp = *p + ceph_x_encrypt_offset();
 204                ret = ceph_x_decrypt(&th->session_key, p, end);
 205                if (ret < 0)
 206                        goto out;
 207                dout(" encrypted ticket, decrypted %d bytes\n", ret);
 208                ptp = &tp;
 209                tpend = tp + ret;
 210        } else {
 211                /* unencrypted */
 212                ptp = p;
 213                tpend = end;
 214        }
 215        ceph_decode_32_safe(ptp, tpend, dlen, bad);
 216        dout(" ticket blob is %d bytes\n", dlen);
 217        ceph_decode_need(ptp, tpend, 1 + sizeof(u64), bad);
 218        blob_struct_v = ceph_decode_8(ptp);
 219        if (blob_struct_v != 1)
 220                goto bad;
 221
 222        new_secret_id = ceph_decode_64(ptp);
 223        ret = ceph_decode_buffer(&new_ticket_blob, ptp, tpend);
 224        if (ret)
 225                goto out;
 226
 227        /* all is well, update our ticket */
 228        ceph_crypto_key_destroy(&th->session_key);
 229        if (th->ticket_blob)
 230                ceph_buffer_put(th->ticket_blob);
 231        th->session_key = new_session_key;
 232        th->ticket_blob = new_ticket_blob;
 233        th->secret_id = new_secret_id;
 234        th->expires = new_expires;
 235        th->renew_after = new_renew_after;
 236        th->have_key = true;
 237        dout(" got ticket service %d (%s) secret_id %lld len %d\n",
 238             type, ceph_entity_type_name(type), th->secret_id,
 239             (int)th->ticket_blob->vec.iov_len);
 240        xi->have_keys |= th->service;
 241        return 0;
 242
 243bad:
 244        ret = -EINVAL;
 245out:
 246        ceph_crypto_key_destroy(&new_session_key);
 247        return ret;
 248}
 249
 250static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
 251                                    struct ceph_crypto_key *secret,
 252                                    void *buf, void *end)
 253{
 254        void *p = buf;
 255        u8 reply_struct_v;
 256        u32 num;
 257        int ret;
 258
 259        ceph_decode_8_safe(&p, end, reply_struct_v, bad);
 260        if (reply_struct_v != 1)
 261                return -EINVAL;
 262
 263        ceph_decode_32_safe(&p, end, num, bad);
 264        dout("%d tickets\n", num);
 265
 266        while (num--) {
 267                ret = process_one_ticket(ac, secret, &p, end);
 268                if (ret)
 269                        return ret;
 270        }
 271
 272        return 0;
 273
 274bad:
 275        return -EINVAL;
 276}
 277
 278static void ceph_x_authorizer_cleanup(struct ceph_x_authorizer *au)
 279{
 280        ceph_crypto_key_destroy(&au->session_key);
 281        if (au->buf) {
 282                ceph_buffer_put(au->buf);
 283                au->buf = NULL;
 284        }
 285}
 286
 287static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
 288                                   struct ceph_x_ticket_handler *th,
 289                                   struct ceph_x_authorizer *au)
 290{
 291        int maxlen;
 292        struct ceph_x_authorize_a *msg_a;
 293        struct ceph_x_authorize_b *msg_b;
 294        void *p, *end;
 295        int ret;
 296        int ticket_blob_len =
 297                (th->ticket_blob ? th->ticket_blob->vec.iov_len : 0);
 298
 299        dout("build_authorizer for %s %p\n",
 300             ceph_entity_type_name(th->service), au);
 301
 302        ceph_crypto_key_destroy(&au->session_key);
 303        ret = ceph_crypto_key_clone(&au->session_key, &th->session_key);
 304        if (ret)
 305                goto out_au;
 306
 307        maxlen = sizeof(*msg_a) + ticket_blob_len +
 308                ceph_x_encrypt_buflen(sizeof(*msg_b));
 309        dout("  need len %d\n", maxlen);
 310        if (au->buf && au->buf->alloc_len < maxlen) {
 311                ceph_buffer_put(au->buf);
 312                au->buf = NULL;
 313        }
 314        if (!au->buf) {
 315                au->buf = ceph_buffer_new(maxlen, GFP_NOFS);
 316                if (!au->buf) {
 317                        ret = -ENOMEM;
 318                        goto out_au;
 319                }
 320        }
 321        au->service = th->service;
 322        au->secret_id = th->secret_id;
 323
 324        msg_a = au->buf->vec.iov_base;
 325        msg_a->struct_v = 1;
 326        msg_a->global_id = cpu_to_le64(ac->global_id);
 327        msg_a->service_id = cpu_to_le32(th->service);
 328        msg_a->ticket_blob.struct_v = 1;
 329        msg_a->ticket_blob.secret_id = cpu_to_le64(th->secret_id);
 330        msg_a->ticket_blob.blob_len = cpu_to_le32(ticket_blob_len);
 331        if (ticket_blob_len) {
 332                memcpy(msg_a->ticket_blob.blob, th->ticket_blob->vec.iov_base,
 333                       th->ticket_blob->vec.iov_len);
 334        }
 335        dout(" th %p secret_id %lld %lld\n", th, th->secret_id,
 336             le64_to_cpu(msg_a->ticket_blob.secret_id));
 337
 338        p = msg_a + 1;
 339        p += ticket_blob_len;
 340        end = au->buf->vec.iov_base + au->buf->vec.iov_len;
 341
 342        msg_b = p + ceph_x_encrypt_offset();
 343        msg_b->struct_v = 1;
 344        get_random_bytes(&au->nonce, sizeof(au->nonce));
 345        msg_b->nonce = cpu_to_le64(au->nonce);
 346        ret = ceph_x_encrypt(&au->session_key, p, end - p, sizeof(*msg_b));
 347        if (ret < 0)
 348                goto out_au;
 349
 350        p += ret;
 351        WARN_ON(p > end);
 352        au->buf->vec.iov_len = p - au->buf->vec.iov_base;
 353        dout(" built authorizer nonce %llx len %d\n", au->nonce,
 354             (int)au->buf->vec.iov_len);
 355        return 0;
 356
 357out_au:
 358        ceph_x_authorizer_cleanup(au);
 359        return ret;
 360}
 361
 362static int ceph_x_encode_ticket(struct ceph_x_ticket_handler *th,
 363                                void **p, void *end)
 364{
 365        ceph_decode_need(p, end, 1 + sizeof(u64), bad);
 366        ceph_encode_8(p, 1);
 367        ceph_encode_64(p, th->secret_id);
 368        if (th->ticket_blob) {
 369                const char *buf = th->ticket_blob->vec.iov_base;
 370                u32 len = th->ticket_blob->vec.iov_len;
 371
 372                ceph_encode_32_safe(p, end, len, bad);
 373                ceph_encode_copy_safe(p, end, buf, len, bad);
 374        } else {
 375                ceph_encode_32_safe(p, end, 0, bad);
 376        }
 377
 378        return 0;
 379bad:
 380        return -ERANGE;
 381}
 382
 383static bool need_key(struct ceph_x_ticket_handler *th)
 384{
 385        if (!th->have_key)
 386                return true;
 387
 388        return get_seconds() >= th->renew_after;
 389}
 390
 391static bool have_key(struct ceph_x_ticket_handler *th)
 392{
 393        if (th->have_key) {
 394                if (get_seconds() >= th->expires)
 395                        th->have_key = false;
 396        }
 397
 398        return th->have_key;
 399}
 400
 401static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed)
 402{
 403        int want = ac->want_keys;
 404        struct ceph_x_info *xi = ac->private;
 405        int service;
 406
 407        *pneed = ac->want_keys & ~(xi->have_keys);
 408
 409        for (service = 1; service <= want; service <<= 1) {
 410                struct ceph_x_ticket_handler *th;
 411
 412                if (!(ac->want_keys & service))
 413                        continue;
 414
 415                if (*pneed & service)
 416                        continue;
 417
 418                th = get_ticket_handler(ac, service);
 419                if (IS_ERR(th)) {
 420                        *pneed |= service;
 421                        continue;
 422                }
 423
 424                if (need_key(th))
 425                        *pneed |= service;
 426                if (!have_key(th))
 427                        xi->have_keys &= ~service;
 428        }
 429}
 430
 431static int ceph_x_build_request(struct ceph_auth_client *ac,
 432                                void *buf, void *end)
 433{
 434        struct ceph_x_info *xi = ac->private;
 435        int need;
 436        struct ceph_x_request_header *head = buf;
 437        int ret;
 438        struct ceph_x_ticket_handler *th =
 439                get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
 440
 441        if (IS_ERR(th))
 442                return PTR_ERR(th);
 443
 444        ceph_x_validate_tickets(ac, &need);
 445
 446        dout("build_request want %x have %x need %x\n",
 447             ac->want_keys, xi->have_keys, need);
 448
 449        if (need & CEPH_ENTITY_TYPE_AUTH) {
 450                struct ceph_x_authenticate *auth = (void *)(head + 1);
 451                void *p = auth + 1;
 452                void *enc_buf = xi->auth_authorizer.enc_buf;
 453                struct ceph_x_challenge_blob *blob = enc_buf +
 454                                                        ceph_x_encrypt_offset();
 455                u64 *u;
 456
 457                if (p > end)
 458                        return -ERANGE;
 459
 460                dout(" get_auth_session_key\n");
 461                head->op = cpu_to_le16(CEPHX_GET_AUTH_SESSION_KEY);
 462
 463                /* encrypt and hash */
 464                get_random_bytes(&auth->client_challenge, sizeof(u64));
 465                blob->client_challenge = auth->client_challenge;
 466                blob->server_challenge = cpu_to_le64(xi->server_challenge);
 467                ret = ceph_x_encrypt(&xi->secret, enc_buf, CEPHX_AU_ENC_BUF_LEN,
 468                                     sizeof(*blob));
 469                if (ret < 0)
 470                        return ret;
 471
 472                auth->struct_v = 1;
 473                auth->key = 0;
 474                for (u = (u64 *)enc_buf; u + 1 <= (u64 *)(enc_buf + ret); u++)
 475                        auth->key ^= *(__le64 *)u;
 476                dout(" server_challenge %llx client_challenge %llx key %llx\n",
 477                     xi->server_challenge, le64_to_cpu(auth->client_challenge),
 478                     le64_to_cpu(auth->key));
 479
 480                /* now encode the old ticket if exists */
 481                ret = ceph_x_encode_ticket(th, &p, end);
 482                if (ret < 0)
 483                        return ret;
 484
 485                return p - buf;
 486        }
 487
 488        if (need) {
 489                void *p = head + 1;
 490                struct ceph_x_service_ticket_request *req;
 491
 492                if (p > end)
 493                        return -ERANGE;
 494                head->op = cpu_to_le16(CEPHX_GET_PRINCIPAL_SESSION_KEY);
 495
 496                ret = ceph_x_build_authorizer(ac, th, &xi->auth_authorizer);
 497                if (ret)
 498                        return ret;
 499                ceph_encode_copy(&p, xi->auth_authorizer.buf->vec.iov_base,
 500                                 xi->auth_authorizer.buf->vec.iov_len);
 501
 502                req = p;
 503                req->keys = cpu_to_le32(need);
 504                p += sizeof(*req);
 505                return p - buf;
 506        }
 507
 508        return 0;
 509}
 510
 511static int ceph_x_handle_reply(struct ceph_auth_client *ac, int result,
 512                               void *buf, void *end)
 513{
 514        struct ceph_x_info *xi = ac->private;
 515        struct ceph_x_reply_header *head = buf;
 516        struct ceph_x_ticket_handler *th;
 517        int len = end - buf;
 518        int op;
 519        int ret;
 520
 521        if (result)
 522                return result;  /* XXX hmm? */
 523
 524        if (xi->starting) {
 525                /* it's a hello */
 526                struct ceph_x_server_challenge *sc = buf;
 527
 528                if (len != sizeof(*sc))
 529                        return -EINVAL;
 530                xi->server_challenge = le64_to_cpu(sc->server_challenge);
 531                dout("handle_reply got server challenge %llx\n",
 532                     xi->server_challenge);
 533                xi->starting = false;
 534                xi->have_keys &= ~CEPH_ENTITY_TYPE_AUTH;
 535                return -EAGAIN;
 536        }
 537
 538        op = le16_to_cpu(head->op);
 539        result = le32_to_cpu(head->result);
 540        dout("handle_reply op %d result %d\n", op, result);
 541        switch (op) {
 542        case CEPHX_GET_AUTH_SESSION_KEY:
 543                /* verify auth key */
 544                ret = ceph_x_proc_ticket_reply(ac, &xi->secret,
 545                                               buf + sizeof(*head), end);
 546                break;
 547
 548        case CEPHX_GET_PRINCIPAL_SESSION_KEY:
 549                th = get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
 550                if (IS_ERR(th))
 551                        return PTR_ERR(th);
 552                ret = ceph_x_proc_ticket_reply(ac, &th->session_key,
 553                                               buf + sizeof(*head), end);
 554                break;
 555
 556        default:
 557                return -EINVAL;
 558        }
 559        if (ret)
 560                return ret;
 561        if (ac->want_keys == xi->have_keys)
 562                return 0;
 563        return -EAGAIN;
 564}
 565
 566static void ceph_x_destroy_authorizer(struct ceph_authorizer *a)
 567{
 568        struct ceph_x_authorizer *au = (void *)a;
 569
 570        ceph_x_authorizer_cleanup(au);
 571        kfree(au);
 572}
 573
 574static int ceph_x_create_authorizer(
 575        struct ceph_auth_client *ac, int peer_type,
 576        struct ceph_auth_handshake *auth)
 577{
 578        struct ceph_x_authorizer *au;
 579        struct ceph_x_ticket_handler *th;
 580        int ret;
 581
 582        th = get_ticket_handler(ac, peer_type);
 583        if (IS_ERR(th))
 584                return PTR_ERR(th);
 585
 586        au = kzalloc(sizeof(*au), GFP_NOFS);
 587        if (!au)
 588                return -ENOMEM;
 589
 590        au->base.destroy = ceph_x_destroy_authorizer;
 591
 592        ret = ceph_x_build_authorizer(ac, th, au);
 593        if (ret) {
 594                kfree(au);
 595                return ret;
 596        }
 597
 598        auth->authorizer = (struct ceph_authorizer *) au;
 599        auth->authorizer_buf = au->buf->vec.iov_base;
 600        auth->authorizer_buf_len = au->buf->vec.iov_len;
 601        auth->authorizer_reply_buf = au->enc_buf;
 602        auth->authorizer_reply_buf_len = CEPHX_AU_ENC_BUF_LEN;
 603        auth->sign_message = ac->ops->sign_message;
 604        auth->check_message_signature = ac->ops->check_message_signature;
 605
 606        return 0;
 607}
 608
 609static int ceph_x_update_authorizer(
 610        struct ceph_auth_client *ac, int peer_type,
 611        struct ceph_auth_handshake *auth)
 612{
 613        struct ceph_x_authorizer *au;
 614        struct ceph_x_ticket_handler *th;
 615
 616        th = get_ticket_handler(ac, peer_type);
 617        if (IS_ERR(th))
 618                return PTR_ERR(th);
 619
 620        au = (struct ceph_x_authorizer *)auth->authorizer;
 621        if (au->secret_id < th->secret_id) {
 622                dout("ceph_x_update_authorizer service %u secret %llu < %llu\n",
 623                     au->service, au->secret_id, th->secret_id);
 624                return ceph_x_build_authorizer(ac, th, au);
 625        }
 626        return 0;
 627}
 628
 629static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
 630                                          struct ceph_authorizer *a)
 631{
 632        struct ceph_x_authorizer *au = (void *)a;
 633        void *p = au->enc_buf;
 634        struct ceph_x_authorize_reply *reply = p + ceph_x_encrypt_offset();
 635        int ret;
 636
 637        ret = ceph_x_decrypt(&au->session_key, &p, p + CEPHX_AU_ENC_BUF_LEN);
 638        if (ret < 0)
 639                return ret;
 640        if (ret != sizeof(*reply))
 641                return -EPERM;
 642
 643        if (au->nonce + 1 != le64_to_cpu(reply->nonce_plus_one))
 644                ret = -EPERM;
 645        else
 646                ret = 0;
 647        dout("verify_authorizer_reply nonce %llx got %llx ret %d\n",
 648             au->nonce, le64_to_cpu(reply->nonce_plus_one), ret);
 649        return ret;
 650}
 651
 652static void ceph_x_reset(struct ceph_auth_client *ac)
 653{
 654        struct ceph_x_info *xi = ac->private;
 655
 656        dout("reset\n");
 657        xi->starting = true;
 658        xi->server_challenge = 0;
 659}
 660
 661static void ceph_x_destroy(struct ceph_auth_client *ac)
 662{
 663        struct ceph_x_info *xi = ac->private;
 664        struct rb_node *p;
 665
 666        dout("ceph_x_destroy %p\n", ac);
 667        ceph_crypto_key_destroy(&xi->secret);
 668
 669        while ((p = rb_first(&xi->ticket_handlers)) != NULL) {
 670                struct ceph_x_ticket_handler *th =
 671                        rb_entry(p, struct ceph_x_ticket_handler, node);
 672                remove_ticket_handler(ac, th);
 673        }
 674
 675        ceph_x_authorizer_cleanup(&xi->auth_authorizer);
 676
 677        kfree(ac->private);
 678        ac->private = NULL;
 679}
 680
 681static void invalidate_ticket(struct ceph_auth_client *ac, int peer_type)
 682{
 683        struct ceph_x_ticket_handler *th;
 684
 685        th = get_ticket_handler(ac, peer_type);
 686        if (!IS_ERR(th))
 687                th->have_key = false;
 688}
 689
 690static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac,
 691                                         int peer_type)
 692{
 693        /*
 694         * We are to invalidate a service ticket in the hopes of
 695         * getting a new, hopefully more valid, one.  But, we won't get
 696         * it unless our AUTH ticket is good, so invalidate AUTH ticket
 697         * as well, just in case.
 698         */
 699        invalidate_ticket(ac, peer_type);
 700        invalidate_ticket(ac, CEPH_ENTITY_TYPE_AUTH);
 701}
 702
 703static int calc_signature(struct ceph_x_authorizer *au, struct ceph_msg *msg,
 704                          __le64 *psig)
 705{
 706        void *enc_buf = au->enc_buf;
 707        struct {
 708                __le32 len;
 709                __le32 header_crc;
 710                __le32 front_crc;
 711                __le32 middle_crc;
 712                __le32 data_crc;
 713        } __packed *sigblock = enc_buf + ceph_x_encrypt_offset();
 714        int ret;
 715
 716        sigblock->len = cpu_to_le32(4*sizeof(u32));
 717        sigblock->header_crc = msg->hdr.crc;
 718        sigblock->front_crc = msg->footer.front_crc;
 719        sigblock->middle_crc = msg->footer.middle_crc;
 720        sigblock->data_crc =  msg->footer.data_crc;
 721        ret = ceph_x_encrypt(&au->session_key, enc_buf, CEPHX_AU_ENC_BUF_LEN,
 722                             sizeof(*sigblock));
 723        if (ret < 0)
 724                return ret;
 725
 726        *psig = *(__le64 *)(enc_buf + sizeof(u32));
 727        return 0;
 728}
 729
 730static int ceph_x_sign_message(struct ceph_auth_handshake *auth,
 731                               struct ceph_msg *msg)
 732{
 733        __le64 sig;
 734        int ret;
 735
 736        if (ceph_test_opt(from_msgr(msg->con->msgr), NOMSGSIGN))
 737                return 0;
 738
 739        ret = calc_signature((struct ceph_x_authorizer *)auth->authorizer,
 740                             msg, &sig);
 741        if (ret)
 742                return ret;
 743
 744        msg->footer.sig = sig;
 745        msg->footer.flags |= CEPH_MSG_FOOTER_SIGNED;
 746        return 0;
 747}
 748
 749static int ceph_x_check_message_signature(struct ceph_auth_handshake *auth,
 750                                          struct ceph_msg *msg)
 751{
 752        __le64 sig_check;
 753        int ret;
 754
 755        if (ceph_test_opt(from_msgr(msg->con->msgr), NOMSGSIGN))
 756                return 0;
 757
 758        ret = calc_signature((struct ceph_x_authorizer *)auth->authorizer,
 759                             msg, &sig_check);
 760        if (ret)
 761                return ret;
 762        if (sig_check == msg->footer.sig)
 763                return 0;
 764        if (msg->footer.flags & CEPH_MSG_FOOTER_SIGNED)
 765                dout("ceph_x_check_message_signature %p has signature %llx "
 766                     "expect %llx\n", msg, msg->footer.sig, sig_check);
 767        else
 768                dout("ceph_x_check_message_signature %p sender did not set "
 769                     "CEPH_MSG_FOOTER_SIGNED\n", msg);
 770        return -EBADMSG;
 771}
 772
 773static const struct ceph_auth_client_ops ceph_x_ops = {
 774        .name = "x",
 775        .is_authenticated = ceph_x_is_authenticated,
 776        .should_authenticate = ceph_x_should_authenticate,
 777        .build_request = ceph_x_build_request,
 778        .handle_reply = ceph_x_handle_reply,
 779        .create_authorizer = ceph_x_create_authorizer,
 780        .update_authorizer = ceph_x_update_authorizer,
 781        .verify_authorizer_reply = ceph_x_verify_authorizer_reply,
 782        .invalidate_authorizer = ceph_x_invalidate_authorizer,
 783        .reset =  ceph_x_reset,
 784        .destroy = ceph_x_destroy,
 785        .sign_message = ceph_x_sign_message,
 786        .check_message_signature = ceph_x_check_message_signature,
 787};
 788
 789
 790int ceph_x_init(struct ceph_auth_client *ac)
 791{
 792        struct ceph_x_info *xi;
 793        int ret;
 794
 795        dout("ceph_x_init %p\n", ac);
 796        ret = -ENOMEM;
 797        xi = kzalloc(sizeof(*xi), GFP_NOFS);
 798        if (!xi)
 799                goto out;
 800
 801        ret = -EINVAL;
 802        if (!ac->key) {
 803                pr_err("no secret set (for auth_x protocol)\n");
 804                goto out_nomem;
 805        }
 806
 807        ret = ceph_crypto_key_clone(&xi->secret, ac->key);
 808        if (ret < 0) {
 809                pr_err("cannot clone key: %d\n", ret);
 810                goto out_nomem;
 811        }
 812
 813        xi->starting = true;
 814        xi->ticket_handlers = RB_ROOT;
 815
 816        ac->protocol = CEPH_AUTH_CEPHX;
 817        ac->private = xi;
 818        ac->ops = &ceph_x_ops;
 819        return 0;
 820
 821out_nomem:
 822        kfree(xi);
 823out:
 824        return ret;
 825}
 826
 827
 828