4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
30 * Copyright (c) 2011, 2012, Intel Corporation.
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
36 * lustre/ptlrpc/sec_plain.c
38 * Author: Eric Mei <ericm@clusterfs.com>
41 #define DEBUG_SUBSYSTEM S_SEC
44 #include <obd_support.h>
45 #include <obd_cksum.h>
46 #include <obd_class.h>
47 #include <lustre_net.h>
48 #include <lustre_sec.h>
51 struct ptlrpc_sec pls_base;
53 struct ptlrpc_cli_ctx *pls_ctx;
56 static inline struct plain_sec *sec2plsec(struct ptlrpc_sec *sec)
58 return container_of(sec, struct plain_sec, pls_base);
61 static struct ptlrpc_sec_policy plain_policy;
62 static struct ptlrpc_ctx_ops plain_ctx_ops;
63 static struct ptlrpc_svc_ctx plain_svc_ctx;
65 static unsigned int plain_at_offset;
68 * for simplicity, plain policy rpc use fixed layout.
70 #define PLAIN_PACK_SEGMENTS (4)
72 #define PLAIN_PACK_HDR_OFF (0)
73 #define PLAIN_PACK_MSG_OFF (1)
74 #define PLAIN_PACK_USER_OFF (2)
75 #define PLAIN_PACK_BULK_OFF (3)
77 #define PLAIN_FL_USER (0x01)
78 #define PLAIN_FL_BULK (0x02)
83 __u8 ph_sp; /* source */
84 __u8 ph_bulk_hash_alg; /* complete flavor desc */
88 struct plain_bulk_token {
92 #define PLAIN_BSD_SIZE \
93 (sizeof(struct ptlrpc_bulk_sec_desc) + sizeof(struct plain_bulk_token))
95 /****************************************
96 * bulk checksum helpers *
97 ****************************************/
99 static int plain_unpack_bsd(struct lustre_msg *msg, int swabbed)
101 struct ptlrpc_bulk_sec_desc *bsd;
103 if (bulk_sec_desc_unpack(msg, PLAIN_PACK_BULK_OFF, swabbed))
106 bsd = lustre_msg_buf(msg, PLAIN_PACK_BULK_OFF, PLAIN_BSD_SIZE);
108 CERROR("bulk sec desc has short size %d\n",
109 lustre_msg_buflen(msg, PLAIN_PACK_BULK_OFF));
113 if (bsd->bsd_svc != SPTLRPC_BULK_SVC_NULL &&
114 bsd->bsd_svc != SPTLRPC_BULK_SVC_INTG) {
115 CERROR("invalid bulk svc %u\n", bsd->bsd_svc);
122 static int plain_generate_bulk_csum(struct ptlrpc_bulk_desc *desc,
124 struct plain_bulk_token *token)
126 if (hash_alg == BULK_HASH_ALG_NULL)
129 memset(token->pbt_hash, 0, sizeof(token->pbt_hash));
130 return sptlrpc_get_bulk_checksum(desc, hash_alg, token->pbt_hash,
131 sizeof(token->pbt_hash));
134 static int plain_verify_bulk_csum(struct ptlrpc_bulk_desc *desc,
136 struct plain_bulk_token *tokenr)
138 struct plain_bulk_token tokenv;
141 if (hash_alg == BULK_HASH_ALG_NULL)
144 memset(&tokenv.pbt_hash, 0, sizeof(tokenv.pbt_hash));
145 rc = sptlrpc_get_bulk_checksum(desc, hash_alg, tokenv.pbt_hash,
146 sizeof(tokenv.pbt_hash));
150 if (memcmp(tokenr->pbt_hash, tokenv.pbt_hash, sizeof(tokenr->pbt_hash)))
155 static void corrupt_bulk_data(struct ptlrpc_bulk_desc *desc)
160 for (i = 0; i < desc->bd_iov_count; i++) {
161 if (desc->bd_iov[i].kiov_len == 0)
164 ptr = kmap(desc->bd_iov[i].kiov_page);
165 off = desc->bd_iov[i].kiov_offset & ~CFS_PAGE_MASK;
167 kunmap(desc->bd_iov[i].kiov_page);
172 /****************************************
174 ****************************************/
177 int plain_ctx_refresh(struct ptlrpc_cli_ctx *ctx)
179 /* should never reach here */
185 int plain_ctx_validate(struct ptlrpc_cli_ctx *ctx)
191 int plain_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
193 struct lustre_msg *msg = req->rq_reqbuf;
194 struct plain_header *phdr;
196 msg->lm_secflvr = req->rq_flvr.sf_rpc;
198 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
201 phdr->ph_sp = ctx->cc_sec->ps_part;
202 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
204 if (req->rq_pack_udesc)
205 phdr->ph_flags |= PLAIN_FL_USER;
206 if (req->rq_pack_bulk)
207 phdr->ph_flags |= PLAIN_FL_BULK;
209 req->rq_reqdata_len = lustre_msg_size_v2(msg->lm_bufcount,
215 int plain_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct ptlrpc_request *req)
217 struct lustre_msg *msg = req->rq_repdata;
218 struct plain_header *phdr;
222 if (msg->lm_bufcount != PLAIN_PACK_SEGMENTS) {
223 CERROR("unexpected reply buf count %u\n", msg->lm_bufcount);
227 swabbed = ptlrpc_rep_need_swab(req);
229 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
231 CERROR("missing plain header\n");
235 if (phdr->ph_ver != 0) {
236 CERROR("Invalid header version\n");
240 /* expect no user desc in reply */
241 if (phdr->ph_flags & PLAIN_FL_USER) {
242 CERROR("Unexpected udesc flag in reply\n");
246 if (phdr->ph_bulk_hash_alg != req->rq_flvr.u_bulk.hash.hash_alg) {
247 CERROR("reply bulk flavor %u != %u\n", phdr->ph_bulk_hash_alg,
248 req->rq_flvr.u_bulk.hash.hash_alg);
252 if (unlikely(req->rq_early)) {
253 unsigned int hsize = 4;
255 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
256 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
257 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
258 NULL, 0, (unsigned char *)&cksum, &hsize);
259 if (cksum != msg->lm_cksum) {
261 "early reply checksum mismatch: %08x != %08x\n",
262 cpu_to_le32(cksum), msg->lm_cksum);
266 /* whether we sent with bulk or not, we expect the same
267 * in reply, except for early reply */
268 if (!req->rq_early &&
269 !equi(req->rq_pack_bulk == 1,
270 phdr->ph_flags & PLAIN_FL_BULK)) {
271 CERROR("%s bulk checksum in reply\n",
272 req->rq_pack_bulk ? "Missing" : "Unexpected");
276 if (phdr->ph_flags & PLAIN_FL_BULK) {
277 if (plain_unpack_bsd(msg, swabbed))
282 req->rq_repmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
283 req->rq_replen = lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF);
288 int plain_cli_wrap_bulk(struct ptlrpc_cli_ctx *ctx,
289 struct ptlrpc_request *req,
290 struct ptlrpc_bulk_desc *desc)
292 struct ptlrpc_bulk_sec_desc *bsd;
293 struct plain_bulk_token *token;
296 LASSERT(req->rq_pack_bulk);
297 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
299 bsd = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
300 token = (struct plain_bulk_token *) bsd->bsd_data;
302 bsd->bsd_version = 0;
304 bsd->bsd_type = SPTLRPC_BULK_DEFAULT;
305 bsd->bsd_svc = SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc);
307 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_NULL)
310 if (req->rq_bulk_read)
313 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
316 CERROR("bulk write: failed to compute checksum: %d\n", rc);
319 * for sending we only compute the wrong checksum instead
320 * of corrupting the data so it is still correct on a redo
322 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_SEND) &&
323 req->rq_flvr.u_bulk.hash.hash_alg != BULK_HASH_ALG_NULL)
324 token->pbt_hash[0] ^= 0x1;
331 int plain_cli_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
332 struct ptlrpc_request *req,
333 struct ptlrpc_bulk_desc *desc)
335 struct ptlrpc_bulk_sec_desc *bsdv;
336 struct plain_bulk_token *tokenv;
340 LASSERT(req->rq_pack_bulk);
341 LASSERT(req->rq_reqbuf->lm_bufcount == PLAIN_PACK_SEGMENTS);
342 LASSERT(req->rq_repdata->lm_bufcount == PLAIN_PACK_SEGMENTS);
344 bsdv = lustre_msg_buf(req->rq_repdata, PLAIN_PACK_BULK_OFF, 0);
345 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
347 if (req->rq_bulk_write) {
348 if (bsdv->bsd_flags & BSD_FL_ERR)
353 /* fix the actual data size */
354 for (i = 0, nob = 0; i < desc->bd_iov_count; i++) {
355 if (desc->bd_iov[i].kiov_len + nob > desc->bd_nob_transferred) {
356 desc->bd_iov[i].kiov_len =
357 desc->bd_nob_transferred - nob;
359 nob += desc->bd_iov[i].kiov_len;
362 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
365 CERROR("bulk read: client verify failed: %d\n", rc);
370 /****************************************
372 ****************************************/
375 struct ptlrpc_cli_ctx *plain_sec_install_ctx(struct plain_sec *plsec)
377 struct ptlrpc_cli_ctx *ctx, *ctx_new;
379 OBD_ALLOC_PTR(ctx_new);
381 write_lock(&plsec->pls_lock);
383 ctx = plsec->pls_ctx;
385 atomic_inc(&ctx->cc_refcount);
388 OBD_FREE_PTR(ctx_new);
389 } else if (ctx_new) {
392 atomic_set(&ctx->cc_refcount, 1); /* for cache */
393 ctx->cc_sec = &plsec->pls_base;
394 ctx->cc_ops = &plain_ctx_ops;
396 ctx->cc_flags = PTLRPC_CTX_CACHED | PTLRPC_CTX_UPTODATE;
397 ctx->cc_vcred.vc_uid = 0;
398 spin_lock_init(&ctx->cc_lock);
399 INIT_LIST_HEAD(&ctx->cc_req_list);
400 INIT_LIST_HEAD(&ctx->cc_gc_chain);
402 plsec->pls_ctx = ctx;
403 atomic_inc(&plsec->pls_base.ps_nctx);
404 atomic_inc(&plsec->pls_base.ps_refcount);
406 atomic_inc(&ctx->cc_refcount); /* for caller */
409 write_unlock(&plsec->pls_lock);
415 void plain_destroy_sec(struct ptlrpc_sec *sec)
417 struct plain_sec *plsec = sec2plsec(sec);
419 LASSERT(sec->ps_policy == &plain_policy);
420 LASSERT(sec->ps_import);
421 LASSERT(atomic_read(&sec->ps_refcount) == 0);
422 LASSERT(atomic_read(&sec->ps_nctx) == 0);
423 LASSERT(plsec->pls_ctx == NULL);
425 class_import_put(sec->ps_import);
431 void plain_kill_sec(struct ptlrpc_sec *sec)
437 struct ptlrpc_sec *plain_create_sec(struct obd_import *imp,
438 struct ptlrpc_svc_ctx *svc_ctx,
439 struct sptlrpc_flavor *sf)
441 struct plain_sec *plsec;
442 struct ptlrpc_sec *sec;
443 struct ptlrpc_cli_ctx *ctx;
445 LASSERT(SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN);
447 OBD_ALLOC_PTR(plsec);
452 * initialize plain_sec
454 rwlock_init(&plsec->pls_lock);
455 plsec->pls_ctx = NULL;
457 sec = &plsec->pls_base;
458 sec->ps_policy = &plain_policy;
459 atomic_set(&sec->ps_refcount, 0);
460 atomic_set(&sec->ps_nctx, 0);
461 sec->ps_id = sptlrpc_get_next_secid();
462 sec->ps_import = class_import_get(imp);
464 spin_lock_init(&sec->ps_lock);
465 INIT_LIST_HEAD(&sec->ps_gc_list);
466 sec->ps_gc_interval = 0;
469 /* install ctx immediately if this is a reverse sec */
471 ctx = plain_sec_install_ctx(plsec);
473 plain_destroy_sec(sec);
476 sptlrpc_cli_ctx_put(ctx, 1);
483 struct ptlrpc_cli_ctx *plain_lookup_ctx(struct ptlrpc_sec *sec,
484 struct vfs_cred *vcred,
485 int create, int remove_dead)
487 struct plain_sec *plsec = sec2plsec(sec);
488 struct ptlrpc_cli_ctx *ctx;
490 read_lock(&plsec->pls_lock);
491 ctx = plsec->pls_ctx;
493 atomic_inc(&ctx->cc_refcount);
494 read_unlock(&plsec->pls_lock);
496 if (unlikely(ctx == NULL))
497 ctx = plain_sec_install_ctx(plsec);
503 void plain_release_ctx(struct ptlrpc_sec *sec,
504 struct ptlrpc_cli_ctx *ctx, int sync)
506 LASSERT(atomic_read(&sec->ps_refcount) > 0);
507 LASSERT(atomic_read(&sec->ps_nctx) > 0);
508 LASSERT(atomic_read(&ctx->cc_refcount) == 0);
509 LASSERT(ctx->cc_sec == sec);
513 atomic_dec(&sec->ps_nctx);
514 sptlrpc_sec_put(sec);
518 int plain_flush_ctx_cache(struct ptlrpc_sec *sec,
519 uid_t uid, int grace, int force)
521 struct plain_sec *plsec = sec2plsec(sec);
522 struct ptlrpc_cli_ctx *ctx;
524 /* do nothing unless caller want to flush for 'all' */
528 write_lock(&plsec->pls_lock);
529 ctx = plsec->pls_ctx;
530 plsec->pls_ctx = NULL;
531 write_unlock(&plsec->pls_lock);
534 sptlrpc_cli_ctx_put(ctx, 1);
539 int plain_alloc_reqbuf(struct ptlrpc_sec *sec,
540 struct ptlrpc_request *req,
543 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
546 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
547 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
549 if (req->rq_pack_udesc)
550 buflens[PLAIN_PACK_USER_OFF] = sptlrpc_current_user_desc_size();
552 if (req->rq_pack_bulk) {
553 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
554 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
557 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
559 if (!req->rq_reqbuf) {
560 LASSERT(!req->rq_pool);
562 alloc_len = size_roundup_power2(alloc_len);
563 OBD_ALLOC_LARGE(req->rq_reqbuf, alloc_len);
567 req->rq_reqbuf_len = alloc_len;
569 LASSERT(req->rq_pool);
570 LASSERT(req->rq_reqbuf_len >= alloc_len);
571 memset(req->rq_reqbuf, 0, alloc_len);
574 lustre_init_msg_v2(req->rq_reqbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
575 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0);
577 if (req->rq_pack_udesc)
578 sptlrpc_pack_user_desc(req->rq_reqbuf, PLAIN_PACK_USER_OFF);
584 void plain_free_reqbuf(struct ptlrpc_sec *sec,
585 struct ptlrpc_request *req)
588 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
589 req->rq_reqbuf = NULL;
590 req->rq_reqbuf_len = 0;
595 int plain_alloc_repbuf(struct ptlrpc_sec *sec,
596 struct ptlrpc_request *req,
599 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
602 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
603 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
605 if (req->rq_pack_bulk) {
606 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
607 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
610 alloc_len = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
612 /* add space for early reply */
613 alloc_len += plain_at_offset;
615 alloc_len = size_roundup_power2(alloc_len);
617 OBD_ALLOC_LARGE(req->rq_repbuf, alloc_len);
621 req->rq_repbuf_len = alloc_len;
626 void plain_free_repbuf(struct ptlrpc_sec *sec,
627 struct ptlrpc_request *req)
629 OBD_FREE_LARGE(req->rq_repbuf, req->rq_repbuf_len);
630 req->rq_repbuf = NULL;
631 req->rq_repbuf_len = 0;
635 int plain_enlarge_reqbuf(struct ptlrpc_sec *sec,
636 struct ptlrpc_request *req,
637 int segment, int newsize)
639 struct lustre_msg *newbuf;
641 int newmsg_size, newbuf_size;
643 LASSERT(req->rq_reqbuf);
644 LASSERT(req->rq_reqbuf_len >= req->rq_reqlen);
645 LASSERT(lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_MSG_OFF, 0) ==
648 /* compute new embedded msg size. */
649 oldsize = req->rq_reqmsg->lm_buflens[segment];
650 req->rq_reqmsg->lm_buflens[segment] = newsize;
651 newmsg_size = lustre_msg_size_v2(req->rq_reqmsg->lm_bufcount,
652 req->rq_reqmsg->lm_buflens);
653 req->rq_reqmsg->lm_buflens[segment] = oldsize;
655 /* compute new wrapper msg size. */
656 oldsize = req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF];
657 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = newmsg_size;
658 newbuf_size = lustre_msg_size_v2(req->rq_reqbuf->lm_bufcount,
659 req->rq_reqbuf->lm_buflens);
660 req->rq_reqbuf->lm_buflens[PLAIN_PACK_MSG_OFF] = oldsize;
662 /* request from pool should always have enough buffer */
663 LASSERT(!req->rq_pool || req->rq_reqbuf_len >= newbuf_size);
665 if (req->rq_reqbuf_len < newbuf_size) {
666 newbuf_size = size_roundup_power2(newbuf_size);
668 OBD_ALLOC_LARGE(newbuf, newbuf_size);
672 memcpy(newbuf, req->rq_reqbuf, req->rq_reqbuf_len);
674 OBD_FREE_LARGE(req->rq_reqbuf, req->rq_reqbuf_len);
675 req->rq_reqbuf = newbuf;
676 req->rq_reqbuf_len = newbuf_size;
677 req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf,
678 PLAIN_PACK_MSG_OFF, 0);
681 _sptlrpc_enlarge_msg_inplace(req->rq_reqbuf, PLAIN_PACK_MSG_OFF,
683 _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize);
685 req->rq_reqlen = newmsg_size;
689 /****************************************
691 ****************************************/
693 static struct ptlrpc_svc_ctx plain_svc_ctx = {
694 .sc_refcount = ATOMIC_INIT(1),
695 .sc_policy = &plain_policy,
699 int plain_accept(struct ptlrpc_request *req)
701 struct lustre_msg *msg = req->rq_reqbuf;
702 struct plain_header *phdr;
705 LASSERT(SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) ==
706 SPTLRPC_POLICY_PLAIN);
708 if (SPTLRPC_FLVR_BASE(req->rq_flvr.sf_rpc) !=
709 SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_PLAIN) ||
710 SPTLRPC_FLVR_BULK_TYPE(req->rq_flvr.sf_rpc) !=
711 SPTLRPC_FLVR_BULK_TYPE(SPTLRPC_FLVR_PLAIN)) {
712 CERROR("Invalid rpc flavor %x\n", req->rq_flvr.sf_rpc);
716 if (msg->lm_bufcount < PLAIN_PACK_SEGMENTS) {
717 CERROR("unexpected request buf count %u\n", msg->lm_bufcount);
721 swabbed = ptlrpc_req_need_swab(req);
723 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, sizeof(*phdr));
725 CERROR("missing plain header\n");
729 if (phdr->ph_ver != 0) {
730 CERROR("Invalid header version\n");
734 if (phdr->ph_bulk_hash_alg >= BULK_HASH_ALG_MAX) {
735 CERROR("invalid hash algorithm: %u\n", phdr->ph_bulk_hash_alg);
739 req->rq_sp_from = phdr->ph_sp;
740 req->rq_flvr.u_bulk.hash.hash_alg = phdr->ph_bulk_hash_alg;
742 if (phdr->ph_flags & PLAIN_FL_USER) {
743 if (sptlrpc_unpack_user_desc(msg, PLAIN_PACK_USER_OFF,
745 CERROR("Mal-formed user descriptor\n");
749 req->rq_pack_udesc = 1;
750 req->rq_user_desc = lustre_msg_buf(msg, PLAIN_PACK_USER_OFF, 0);
753 if (phdr->ph_flags & PLAIN_FL_BULK) {
754 if (plain_unpack_bsd(msg, swabbed))
757 req->rq_pack_bulk = 1;
760 req->rq_reqmsg = lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0);
761 req->rq_reqlen = msg->lm_buflens[PLAIN_PACK_MSG_OFF];
763 req->rq_svc_ctx = &plain_svc_ctx;
764 atomic_inc(&req->rq_svc_ctx->sc_refcount);
770 int plain_alloc_rs(struct ptlrpc_request *req, int msgsize)
772 struct ptlrpc_reply_state *rs;
773 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
774 int rs_size = sizeof(*rs);
776 LASSERT(msgsize % 8 == 0);
778 buflens[PLAIN_PACK_HDR_OFF] = sizeof(struct plain_header);
779 buflens[PLAIN_PACK_MSG_OFF] = msgsize;
781 if (req->rq_pack_bulk && (req->rq_bulk_read || req->rq_bulk_write))
782 buflens[PLAIN_PACK_BULK_OFF] = PLAIN_BSD_SIZE;
784 rs_size += lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
786 rs = req->rq_reply_state;
790 LASSERT(rs->rs_size >= rs_size);
792 OBD_ALLOC_LARGE(rs, rs_size);
796 rs->rs_size = rs_size;
799 rs->rs_svc_ctx = req->rq_svc_ctx;
800 atomic_inc(&req->rq_svc_ctx->sc_refcount);
801 rs->rs_repbuf = (struct lustre_msg *) (rs + 1);
802 rs->rs_repbuf_len = rs_size - sizeof(*rs);
804 lustre_init_msg_v2(rs->rs_repbuf, PLAIN_PACK_SEGMENTS, buflens, NULL);
805 rs->rs_msg = lustre_msg_buf_v2(rs->rs_repbuf, PLAIN_PACK_MSG_OFF, 0);
807 req->rq_reply_state = rs;
812 void plain_free_rs(struct ptlrpc_reply_state *rs)
814 LASSERT(atomic_read(&rs->rs_svc_ctx->sc_refcount) > 1);
815 atomic_dec(&rs->rs_svc_ctx->sc_refcount);
817 if (!rs->rs_prealloc)
818 OBD_FREE_LARGE(rs, rs->rs_size);
822 int plain_authorize(struct ptlrpc_request *req)
824 struct ptlrpc_reply_state *rs = req->rq_reply_state;
825 struct lustre_msg_v2 *msg = rs->rs_repbuf;
826 struct plain_header *phdr;
832 if (req->rq_replen != msg->lm_buflens[PLAIN_PACK_MSG_OFF])
833 len = lustre_shrink_msg(msg, PLAIN_PACK_MSG_OFF,
836 len = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
838 msg->lm_secflvr = req->rq_flvr.sf_rpc;
840 phdr = lustre_msg_buf(msg, PLAIN_PACK_HDR_OFF, 0);
843 phdr->ph_bulk_hash_alg = req->rq_flvr.u_bulk.hash.hash_alg;
845 if (req->rq_pack_bulk)
846 phdr->ph_flags |= PLAIN_FL_BULK;
848 rs->rs_repdata_len = len;
850 if (likely(req->rq_packed_final)) {
851 if (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)
852 req->rq_reply_off = plain_at_offset;
854 req->rq_reply_off = 0;
856 unsigned int hsize = 4;
858 cfs_crypto_hash_digest(CFS_HASH_ALG_CRC32,
859 lustre_msg_buf(msg, PLAIN_PACK_MSG_OFF, 0),
860 lustre_msg_buflen(msg, PLAIN_PACK_MSG_OFF),
861 NULL, 0, (unsigned char *)&msg->lm_cksum, &hsize);
862 req->rq_reply_off = 0;
869 int plain_svc_unwrap_bulk(struct ptlrpc_request *req,
870 struct ptlrpc_bulk_desc *desc)
872 struct ptlrpc_reply_state *rs = req->rq_reply_state;
873 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
874 struct plain_bulk_token *tokenr;
877 LASSERT(req->rq_bulk_write);
878 LASSERT(req->rq_pack_bulk);
880 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
881 tokenr = (struct plain_bulk_token *) bsdr->bsd_data;
882 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
884 bsdv->bsd_version = 0;
885 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
886 bsdv->bsd_svc = bsdr->bsd_svc;
889 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
892 rc = plain_verify_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
895 bsdv->bsd_flags |= BSD_FL_ERR;
896 CERROR("bulk write: server verify failed: %d\n", rc);
903 int plain_svc_wrap_bulk(struct ptlrpc_request *req,
904 struct ptlrpc_bulk_desc *desc)
906 struct ptlrpc_reply_state *rs = req->rq_reply_state;
907 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
908 struct plain_bulk_token *tokenv;
911 LASSERT(req->rq_bulk_read);
912 LASSERT(req->rq_pack_bulk);
914 bsdr = lustre_msg_buf(req->rq_reqbuf, PLAIN_PACK_BULK_OFF, 0);
915 bsdv = lustre_msg_buf(rs->rs_repbuf, PLAIN_PACK_BULK_OFF, 0);
916 tokenv = (struct plain_bulk_token *) bsdv->bsd_data;
918 bsdv->bsd_version = 0;
919 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
920 bsdv->bsd_svc = bsdr->bsd_svc;
923 if (bsdr->bsd_svc == SPTLRPC_BULK_SVC_NULL)
926 rc = plain_generate_bulk_csum(desc, req->rq_flvr.u_bulk.hash.hash_alg,
929 CERROR("bulk read: server failed to compute "
930 "checksum: %d\n", rc);
932 if (OBD_FAIL_CHECK(OBD_FAIL_OSC_CHECKSUM_RECEIVE))
933 corrupt_bulk_data(desc);
939 static struct ptlrpc_ctx_ops plain_ctx_ops = {
940 .refresh = plain_ctx_refresh,
941 .validate = plain_ctx_validate,
942 .sign = plain_ctx_sign,
943 .verify = plain_ctx_verify,
944 .wrap_bulk = plain_cli_wrap_bulk,
945 .unwrap_bulk = plain_cli_unwrap_bulk,
948 static struct ptlrpc_sec_cops plain_sec_cops = {
949 .create_sec = plain_create_sec,
950 .destroy_sec = plain_destroy_sec,
951 .kill_sec = plain_kill_sec,
952 .lookup_ctx = plain_lookup_ctx,
953 .release_ctx = plain_release_ctx,
954 .flush_ctx_cache = plain_flush_ctx_cache,
955 .alloc_reqbuf = plain_alloc_reqbuf,
956 .free_reqbuf = plain_free_reqbuf,
957 .alloc_repbuf = plain_alloc_repbuf,
958 .free_repbuf = plain_free_repbuf,
959 .enlarge_reqbuf = plain_enlarge_reqbuf,
962 static struct ptlrpc_sec_sops plain_sec_sops = {
963 .accept = plain_accept,
964 .alloc_rs = plain_alloc_rs,
965 .authorize = plain_authorize,
966 .free_rs = plain_free_rs,
967 .unwrap_bulk = plain_svc_unwrap_bulk,
968 .wrap_bulk = plain_svc_wrap_bulk,
971 static struct ptlrpc_sec_policy plain_policy = {
972 .sp_owner = THIS_MODULE,
974 .sp_policy = SPTLRPC_POLICY_PLAIN,
975 .sp_cops = &plain_sec_cops,
976 .sp_sops = &plain_sec_sops,
979 int sptlrpc_plain_init(void)
981 __u32 buflens[PLAIN_PACK_SEGMENTS] = { 0, };
984 buflens[PLAIN_PACK_MSG_OFF] = lustre_msg_early_size();
985 plain_at_offset = lustre_msg_size_v2(PLAIN_PACK_SEGMENTS, buflens);
987 rc = sptlrpc_register_policy(&plain_policy);
989 CERROR("failed to register: %d\n", rc);
994 void sptlrpc_plain_fini(void)
998 rc = sptlrpc_unregister_policy(&plain_policy);
1000 CERROR("cannot unregister: %d\n", rc);