1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41#define DEBUG_SUBSYSTEM S_SEC
42
43#include "../include/obd_support.h"
44#include "../include/obd_cksum.h"
45#include "../include/obd_class.h"
46#include "../include/lustre_net.h"
47#include "../include/lustre_sec.h"
48
49#include "ptlrpc_internal.h"
50
51static struct ptlrpc_sec_policy null_policy;
52static struct ptlrpc_sec null_sec;
53static struct ptlrpc_cli_ctx null_cli_ctx;
54static struct ptlrpc_svc_ctx null_svc_ctx;
55
56
57
58
59
60static inline
61void null_encode_sec_part(struct lustre_msg *msg, enum lustre_sec_part sp)
62{
63 msg->lm_secflvr |= (((__u32) sp) & 0xFF) << 24;
64}
65
66static inline
67enum lustre_sec_part null_decode_sec_part(struct lustre_msg *msg)
68{
69 return (msg->lm_secflvr >> 24) & 0xFF;
70}
71
72static int null_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
73{
74
75 LBUG();
76 return 0;
77}
78
79static
80int null_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
81{
82 req->rq_reqbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
83
84 if (!req->rq_import->imp_dlm_fake) {
85 struct obd_device *obd = req->rq_import->imp_obd;
86
87 null_encode_sec_part(req->rq_reqbuf,
88 obd->u.cli.cl_sp_me);
89 }
90 req->rq_reqdata_len = req->rq_reqlen;
91 return 0;
92}
93
94static
95int null_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
96{
97 __u32 cksums, cksumc;
98
99 LASSERT(req->rq_repdata);
100
101 req->rq_repmsg = req->rq_repdata;
102 req->rq_replen = req->rq_repdata_len;
103
104 if (req->rq_early) {
105 cksums = lustre_msg_get_cksum(req->rq_repdata);
106 cksumc = lustre_msg_calc_cksum(req->rq_repmsg);
107 if (cksumc != cksums) {
108 CDEBUG(D_SEC,
109 "early reply checksum mismatch: %08x != %08x\n",
110 cksumc, cksums);
111 return -EINVAL;
112 }
113 }
114
115 return 0;
116}
117
118static
119struct ptlrpc_sec *null_create_sec(struct obd_import *imp,
120 struct ptlrpc_svc_ctx *svc_ctx,
121 struct sptlrpc_flavor *sf)
122{
123 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_NULL);
124
125
126
127
128 sptlrpc_policy_put(&null_policy);
129 return &null_sec;
130}
131
132static
133void null_destroy_sec(struct ptlrpc_sec *sec)
134{
135 LASSERT(sec == &null_sec);
136}
137
138static
139struct ptlrpc_cli_ctx *null_lookup_ctx(struct ptlrpc_sec *sec,
140 struct vfs_cred *vcred,
141 int create, int remove_dead)
142{
143 atomic_inc(&null_cli_ctx.cc_refcount);
144 return &null_cli_ctx;
145}
146
147static
148int null_flush_ctx_cache(struct ptlrpc_sec *sec,
149 uid_t uid,
150 int grace, int force)
151{
152 return 0;
153}
154
155static
156int null_alloc_reqbuf(struct ptlrpc_sec *sec,
157 struct ptlrpc_request *req,
158 int msgsize)
159{
160 if (!req->rq_reqbuf) {
161 int alloc_size = size_roundup_power2(msgsize);
162
163 LASSERT(!req->rq_pool);
164 req->rq_reqbuf = libcfs_kvzalloc(alloc_size, GFP_NOFS);
165 if (!req->rq_reqbuf)
166 return -ENOMEM;
167
168 req->rq_reqbuf_len = alloc_size;
169 } else {
170 LASSERT(req->rq_pool);
171 LASSERT(req->rq_reqbuf_len >= msgsize);
172 memset(req->rq_reqbuf, 0, msgsize);
173 }
174
175 req->rq_reqmsg = req->rq_reqbuf;
176 return 0;
177}
178
179static
180void null_free_reqbuf(struct ptlrpc_sec *sec,
181 struct ptlrpc_request *req)
182{
183 if (!req->rq_pool) {
184 LASSERTF(req->rq_reqmsg == req->rq_reqbuf,
185 "req %p: reqmsg %p is not reqbuf %p in null sec\n",
186 req, req->rq_reqmsg, req->rq_reqbuf);
187 LASSERTF(req->rq_reqbuf_len >= req->rq_reqlen,
188 "req %p: reqlen %d should smaller than buflen %d\n",
189 req, req->rq_reqlen, req->rq_reqbuf_len);
190
191 kvfree(req->rq_reqbuf);
192 req->rq_reqbuf = NULL;
193 req->rq_reqbuf_len = 0;
194 }
195}
196
197static
198int null_alloc_repbuf(struct ptlrpc_sec *sec,
199 struct ptlrpc_request *req,
200 int msgsize)
201{
202
203 msgsize += lustre_msg_early_size();
204
205 msgsize = size_roundup_power2(msgsize);
206
207 req->rq_repbuf = libcfs_kvzalloc(msgsize, GFP_NOFS);
208 if (!req->rq_repbuf)
209 return -ENOMEM;
210
211 req->rq_repbuf_len = msgsize;
212 return 0;
213}
214
215static
216void null_free_repbuf(struct ptlrpc_sec *sec,
217 struct ptlrpc_request *req)
218{
219 LASSERT(req->rq_repbuf);
220
221 kvfree(req->rq_repbuf);
222 req->rq_repbuf = NULL;
223 req->rq_repbuf_len = 0;
224}
225
226static
227int null_enlarge_reqbuf(struct ptlrpc_sec *sec,
228 struct ptlrpc_request *req,
229 int segment, int newsize)
230{
231 struct lustre_msg *newbuf;
232 struct lustre_msg *oldbuf = req->rq_reqmsg;
233 int oldsize, newmsg_size, alloc_size;
234
235 LASSERT(req->rq_reqbuf);
236 LASSERT(req->rq_reqbuf == req->rq_reqmsg);
237 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
238 LASSERT(req->rq_reqlen == lustre_packed_msg_size(oldbuf));
239
240
241 oldsize = req->rq_reqbuf->lm_buflens[segment];
242 req->rq_reqbuf->lm_buflens[segment] = newsize;
243 newmsg_size = lustre_packed_msg_size(oldbuf);
244 req->rq_reqbuf->lm_buflens[segment] = oldsize;
245
246
247 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newmsg_size);
248
249 if (req->rq_reqbuf_len < newmsg_size) {
250 alloc_size = size_roundup_power2(newmsg_size);
251
252 newbuf = libcfs_kvzalloc(alloc_size, GFP_NOFS);
253 if (!newbuf)
254 return -ENOMEM;
255
256
257
258
259
260
261
262
263 if (req->rq_import)
264 spin_lock(&req->rq_import->imp_lock);
265 memcpy(newbuf, req->rq_reqbuf, req->rq_reqlen);
266
267 kvfree(req->rq_reqbuf);
268 req->rq_reqbuf = req->rq_reqmsg = newbuf;
269 req->rq_reqbuf_len = alloc_size;
270
271 if (req->rq_import)
272 spin_unlock(&req->rq_import->imp_lock);
273 }
274
275 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
276 req->rq_reqlen = newmsg_size;
277
278 return 0;
279}
280
281static struct ptlrpc_svc_ctx null_svc_ctx = {
282 .sc_refcount = ATOMIC_INIT(1),
283 .sc_policy = &null_policy,
284};
285
286static
287int null_accept(struct ptlrpc_request *req)
288{
289 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
290 SPTLRPC_POLICY_NULL);
291
292 if (req->rq_flvr.sf_rpc != SPTLRPC_FLVR_NULL) {
293 CERROR("Invalid rpc flavor 0x%x\n", req->rq_flvr.sf_rpc);
294 return SECSVC_DROP;
295 }
296
297 req->rq_sp_from = null_decode_sec_part(req->rq_reqbuf);
298
299 req->rq_reqmsg = req->rq_reqbuf;
300 req->rq_reqlen = req->rq_reqdata_len;
301
302 req->rq_svc_ctx = &null_svc_ctx;
303 atomic_inc(&req->rq_svc_ctx->sc_refcount);
304
305 return SECSVC_OK;
306}
307
308static
309int null_alloc_rs(struct ptlrpc_request *req, int msgsize)
310{
311 struct ptlrpc_reply_state *rs;
312 int rs_size = sizeof(*rs) + msgsize;
313
314 LASSERT(msgsize % 8 == 0);
315
316 rs = req->rq_reply_state;
317
318 if (rs) {
319
320 LASSERT(rs->rs_size >= rs_size);
321 } else {
322 rs = libcfs_kvzalloc(rs_size, GFP_NOFS);
323 if (!rs)
324 return -ENOMEM;
325
326 rs->rs_size = rs_size;
327 }
328
329 rs->rs_svc_ctx = req->rq_svc_ctx;
330 atomic_inc(&req->rq_svc_ctx->sc_refcount);
331
332 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
333 rs->rs_repbuf_len = rs_size - sizeof(*rs);
334 rs->rs_msg = rs->rs_repbuf;
335
336 req->rq_reply_state = rs;
337 return 0;
338}
339
340static
341void null_free_rs(struct ptlrpc_reply_state *rs)
342{
343 LASSERT_ATOMIC_GT(&rs->rs_svc_ctx->sc_refcount, 1);
344 atomic_dec(&rs->rs_svc_ctx->sc_refcount);
345
346 if (!rs->rs_prealloc)
347 kvfree(rs);
348}
349
350static
351int null_authorize(struct ptlrpc_request *req)
352{
353 struct ptlrpc_reply_state *rs = req->rq_reply_state;
354
355 LASSERT(rs);
356
357 rs->rs_repbuf->lm_secflvr = SPTLRPC_FLVR_NULL;
358 rs->rs_repdata_len = req->rq_replen;
359
360 if (likely(req->rq_packed_final)) {
361 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
362 req->rq_reply_off = lustre_msg_early_size();
363 else
364 req->rq_reply_off = 0;
365 } else {
366 __u32 cksum;
367
368 cksum = lustre_msg_calc_cksum(rs->rs_repbuf);
369 lustre_msg_set_cksum(rs->rs_repbuf, cksum);
370 req->rq_reply_off = 0;
371 }
372
373 return 0;
374}
375
376static struct ptlrpc_ctx_ops null_ctx_ops = {
377 .refresh = null_ctx_refresh,
378 .sign = null_ctx_sign,
379 .verify = null_ctx_verify,
380};
381
382static struct ptlrpc_sec_cops null_sec_cops = {
383 .create_sec = null_create_sec,
384 .destroy_sec = null_destroy_sec,
385 .lookup_ctx = null_lookup_ctx,
386 .flush_ctx_cache = null_flush_ctx_cache,
387 .alloc_reqbuf = null_alloc_reqbuf,
388 .alloc_repbuf = null_alloc_repbuf,
389 .free_reqbuf = null_free_reqbuf,
390 .free_repbuf = null_free_repbuf,
391 .enlarge_reqbuf = null_enlarge_reqbuf,
392};
393
394static struct ptlrpc_sec_sops null_sec_sops = {
395 .accept = null_accept,
396 .alloc_rs = null_alloc_rs,
397 .authorize = null_authorize,
398 .free_rs = null_free_rs,
399};
400
401static struct ptlrpc_sec_policy null_policy = {
402 .sp_owner = THIS_MODULE,
403 .sp_name = "sec.null",
404 .sp_policy = SPTLRPC_POLICY_NULL,
405 .sp_cops = &null_sec_cops,
406 .sp_sops = &null_sec_sops,
407};
408
409static void null_init_internal(void)
410{
411 static HLIST_HEAD(__list);
412
413 null_sec.ps_policy = &null_policy;
414 atomic_set(&null_sec.ps_refcount, 1);
415 null_sec.ps_id = -1;
416 null_sec.ps_import = NULL;
417 null_sec.ps_flvr.sf_rpc = SPTLRPC_FLVR_NULL;
418 null_sec.ps_flvr.sf_flags = 0;
419 null_sec.ps_part = LUSTRE_SP_ANY;
420 null_sec.ps_dying = 0;
421 spin_lock_init(&null_sec.ps_lock);
422 atomic_set(&null_sec.ps_nctx, 1);
423 INIT_LIST_HEAD(&null_sec.ps_gc_list);
424 null_sec.ps_gc_interval = 0;
425 null_sec.ps_gc_next = 0;
426
427 hlist_add_head(&null_cli_ctx.cc_cache, &__list);
428 atomic_set(&null_cli_ctx.cc_refcount, 1);
429 null_cli_ctx.cc_sec = &null_sec;
430 null_cli_ctx.cc_ops = &null_ctx_ops;
431 null_cli_ctx.cc_expire = 0;
432 null_cli_ctx.cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_ETERNAL |
433 PTLRPC_CTX_UPTODATE;
434 null_cli_ctx.cc_vcred.vc_uid = 0;
435 spin_lock_init(&null_cli_ctx.cc_lock);
436 INIT_LIST_HEAD(&null_cli_ctx.cc_req_list);
437 INIT_LIST_HEAD(&null_cli_ctx.cc_gc_chain);
438}
439
440int sptlrpc_null_init(void)
441{
442 int rc;
443
444 null_init_internal();
445
446 rc = sptlrpc_register_policy(&null_policy);
447 if (rc)
448 CERROR("failed to register %s: %d\n", null_policy.sp_name, rc);
449
450 return rc;
451}
452
453void sptlrpc_null_fini(void)
454{
455 int rc;
456
457 rc = sptlrpc_unregister_policy(&null_policy);
458 if (rc)
459 CERROR("failed to unregister %s: %d\n",
460 null_policy.sp_name, rc);
461}
462