4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
30 * Copyright (c) 2011, 2012, Intel Corporation.
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
38 * Author: Eric Mei <ericm@clusterfs.com>
41 #define DEBUG_SUBSYSTEM S_SEC
43 #include "../../include/linux/libcfs/libcfs.h"
44 #include <linux/crypto.h>
45 #include <linux/key.h>
47 #include "../include/obd.h"
48 #include "../include/obd_class.h"
49 #include "../include/obd_support.h"
50 #include "../include/lustre_net.h"
51 #include "../include/lustre_import.h"
52 #include "../include/lustre_dlm.h"
53 #include "../include/lustre_sec.h"
55 #include "ptlrpc_internal.h"
57 /***********************************************
59 ***********************************************/
61 static rwlock_t policy_lock;
62 static struct ptlrpc_sec_policy *policies[SPTLRPC_POLICY_MAX] = {
66 int sptlrpc_register_policy(struct ptlrpc_sec_policy *policy)
68 __u16 number = policy->sp_policy;
70 LASSERT(policy->sp_name);
71 LASSERT(policy->sp_cops);
72 LASSERT(policy->sp_sops);
74 if (number >= SPTLRPC_POLICY_MAX)
77 write_lock(&policy_lock);
78 if (unlikely(policies[number])) {
79 write_unlock(&policy_lock);
82 policies[number] = policy;
83 write_unlock(&policy_lock);
85 CDEBUG(D_SEC, "%s: registered\n", policy->sp_name);
88 EXPORT_SYMBOL(sptlrpc_register_policy);
90 int sptlrpc_unregister_policy(struct ptlrpc_sec_policy *policy)
92 __u16 number = policy->sp_policy;
94 LASSERT(number < SPTLRPC_POLICY_MAX);
96 write_lock(&policy_lock);
97 if (unlikely(!policies[number])) {
98 write_unlock(&policy_lock);
99 CERROR("%s: already unregistered\n", policy->sp_name);
103 LASSERT(policies[number] == policy);
104 policies[number] = NULL;
105 write_unlock(&policy_lock);
107 CDEBUG(D_SEC, "%s: unregistered\n", policy->sp_name);
110 EXPORT_SYMBOL(sptlrpc_unregister_policy);
113 struct ptlrpc_sec_policy *sptlrpc_wireflavor2policy(__u32 flavor)
115 static DEFINE_MUTEX(load_mutex);
116 static atomic_t loaded = ATOMIC_INIT(0);
117 struct ptlrpc_sec_policy *policy;
118 __u16 number = SPTLRPC_FLVR_POLICY(flavor);
121 if (number >= SPTLRPC_POLICY_MAX)
125 read_lock(&policy_lock);
126 policy = policies[number];
127 if (policy && !try_module_get(policy->sp_owner))
130 flag = atomic_read(&loaded);
131 read_unlock(&policy_lock);
133 if (policy || flag != 0 ||
134 number != SPTLRPC_POLICY_GSS)
137 /* try to load gss module, once */
138 mutex_lock(&load_mutex);
139 if (atomic_read(&loaded) == 0) {
140 if (request_module("ptlrpc_gss") == 0)
142 "module ptlrpc_gss loaded on demand\n");
144 CERROR("Unable to load module ptlrpc_gss\n");
146 atomic_set(&loaded, 1);
148 mutex_unlock(&load_mutex);
154 __u32 sptlrpc_name2flavor_base(const char *name)
156 if (!strcmp(name, "null"))
157 return SPTLRPC_FLVR_NULL;
158 if (!strcmp(name, "plain"))
159 return SPTLRPC_FLVR_PLAIN;
160 if (!strcmp(name, "krb5n"))
161 return SPTLRPC_FLVR_KRB5N;
162 if (!strcmp(name, "krb5a"))
163 return SPTLRPC_FLVR_KRB5A;
164 if (!strcmp(name, "krb5i"))
165 return SPTLRPC_FLVR_KRB5I;
166 if (!strcmp(name, "krb5p"))
167 return SPTLRPC_FLVR_KRB5P;
169 return SPTLRPC_FLVR_INVALID;
171 EXPORT_SYMBOL(sptlrpc_name2flavor_base);
173 const char *sptlrpc_flavor2name_base(__u32 flvr)
175 __u32 base = SPTLRPC_FLVR_BASE(flvr);
177 if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_NULL))
179 else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_PLAIN))
181 else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_KRB5N))
183 else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_KRB5A))
185 else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_KRB5I))
187 else if (base == SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_KRB5P))
190 CERROR("invalid wire flavor 0x%x\n", flvr);
193 EXPORT_SYMBOL(sptlrpc_flavor2name_base);
195 char *sptlrpc_flavor2name_bulk(struct sptlrpc_flavor *sf,
196 char *buf, int bufsize)
198 if (SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN)
199 snprintf(buf, bufsize, "hash:%s",
200 sptlrpc_get_hash_name(sf->u_bulk.hash.hash_alg));
202 snprintf(buf, bufsize, "%s",
203 sptlrpc_flavor2name_base(sf->sf_rpc));
205 buf[bufsize - 1] = '\0';
208 EXPORT_SYMBOL(sptlrpc_flavor2name_bulk);
210 char *sptlrpc_flavor2name(struct sptlrpc_flavor *sf, char *buf, int bufsize)
212 strlcpy(buf, sptlrpc_flavor2name_base(sf->sf_rpc), bufsize);
215 * currently we don't support customized bulk specification for
216 * flavors other than plain
218 if (SPTLRPC_FLVR_POLICY(sf->sf_rpc) == SPTLRPC_POLICY_PLAIN) {
222 sptlrpc_flavor2name_bulk(sf, &bspec[1], sizeof(bspec) - 1);
223 strlcat(buf, bspec, bufsize);
228 EXPORT_SYMBOL(sptlrpc_flavor2name);
230 static char *sptlrpc_secflags2str(__u32 flags, char *buf, int bufsize)
234 if (flags & PTLRPC_SEC_FL_REVERSE)
235 strlcat(buf, "reverse,", bufsize);
236 if (flags & PTLRPC_SEC_FL_ROOTONLY)
237 strlcat(buf, "rootonly,", bufsize);
238 if (flags & PTLRPC_SEC_FL_UDESC)
239 strlcat(buf, "udesc,", bufsize);
240 if (flags & PTLRPC_SEC_FL_BULK)
241 strlcat(buf, "bulk,", bufsize);
243 strlcat(buf, "-,", bufsize);
248 /**************************************************
249 * client context APIs *
250 **************************************************/
253 struct ptlrpc_cli_ctx *get_my_ctx(struct ptlrpc_sec *sec)
255 struct vfs_cred vcred;
256 int create = 1, remove_dead = 1;
259 LASSERT(sec->ps_policy->sp_cops->lookup_ctx);
261 if (sec->ps_flvr.sf_flags & (PTLRPC_SEC_FL_REVERSE |
262 PTLRPC_SEC_FL_ROOTONLY)) {
265 if (sec->ps_flvr.sf_flags & PTLRPC_SEC_FL_REVERSE) {
270 vcred.vc_uid = from_kuid(&init_user_ns, current_uid());
271 vcred.vc_gid = from_kgid(&init_user_ns, current_gid());
274 return sec->ps_policy->sp_cops->lookup_ctx(sec, &vcred,
275 create, remove_dead);
278 struct ptlrpc_cli_ctx *sptlrpc_cli_ctx_get(struct ptlrpc_cli_ctx *ctx)
280 atomic_inc(&ctx->cc_refcount);
283 EXPORT_SYMBOL(sptlrpc_cli_ctx_get);
285 void sptlrpc_cli_ctx_put(struct ptlrpc_cli_ctx *ctx, int sync)
287 struct ptlrpc_sec *sec = ctx->cc_sec;
290 LASSERT_ATOMIC_POS(&ctx->cc_refcount);
292 if (!atomic_dec_and_test(&ctx->cc_refcount))
295 sec->ps_policy->sp_cops->release_ctx(sec, ctx, sync);
297 EXPORT_SYMBOL(sptlrpc_cli_ctx_put);
299 static int import_sec_check_expire(struct obd_import *imp)
303 spin_lock(&imp->imp_lock);
304 if (imp->imp_sec_expire &&
305 imp->imp_sec_expire < ktime_get_real_seconds()) {
307 imp->imp_sec_expire = 0;
309 spin_unlock(&imp->imp_lock);
314 CDEBUG(D_SEC, "found delayed sec adapt expired, do it now\n");
315 return sptlrpc_import_sec_adapt(imp, NULL, NULL);
318 static int import_sec_validate_get(struct obd_import *imp,
319 struct ptlrpc_sec **sec)
323 if (unlikely(imp->imp_sec_expire)) {
324 rc = import_sec_check_expire(imp);
329 *sec = sptlrpc_import_sec_ref(imp);
331 CERROR("import %p (%s) with no sec\n",
332 imp, ptlrpc_import_state_name(imp->imp_state));
336 if (unlikely((*sec)->ps_dying)) {
337 CERROR("attempt to use dying sec %p\n", sec);
338 sptlrpc_sec_put(*sec);
346 * Given a \a req, find or allocate a appropriate context for it.
347 * \pre req->rq_cli_ctx == NULL.
349 * \retval 0 succeed, and req->rq_cli_ctx is set.
350 * \retval -ev error number, and req->rq_cli_ctx == NULL.
352 int sptlrpc_req_get_ctx(struct ptlrpc_request *req)
354 struct obd_import *imp = req->rq_import;
355 struct ptlrpc_sec *sec;
358 LASSERT(!req->rq_cli_ctx);
361 rc = import_sec_validate_get(imp, &sec);
365 req->rq_cli_ctx = get_my_ctx(sec);
367 sptlrpc_sec_put(sec);
369 if (!req->rq_cli_ctx) {
370 CERROR("req %p: fail to get context\n", req);
378 * Drop the context for \a req.
379 * \pre req->rq_cli_ctx != NULL.
380 * \post req->rq_cli_ctx == NULL.
382 * If \a sync == 0, this function should return quickly without sleep;
383 * otherwise it might trigger and wait for the whole process of sending
384 * an context-destroying rpc to server.
386 void sptlrpc_req_put_ctx(struct ptlrpc_request *req, int sync)
389 LASSERT(req->rq_cli_ctx);
391 /* request might be asked to release earlier while still
392 * in the context waiting list.
394 if (!list_empty(&req->rq_ctx_chain)) {
395 spin_lock(&req->rq_cli_ctx->cc_lock);
396 list_del_init(&req->rq_ctx_chain);
397 spin_unlock(&req->rq_cli_ctx->cc_lock);
400 sptlrpc_cli_ctx_put(req->rq_cli_ctx, sync);
401 req->rq_cli_ctx = NULL;
405 int sptlrpc_req_ctx_switch(struct ptlrpc_request *req,
406 struct ptlrpc_cli_ctx *oldctx,
407 struct ptlrpc_cli_ctx *newctx)
409 struct sptlrpc_flavor old_flvr;
410 char *reqmsg = NULL; /* to workaround old gcc */
414 LASSERT(req->rq_reqmsg);
415 LASSERT(req->rq_reqlen);
416 LASSERT(req->rq_replen);
418 CDEBUG(D_SEC, "req %p: switch ctx %p(%u->%s) -> %p(%u->%s), switch sec %p(%s) -> %p(%s)\n",
420 oldctx, oldctx->cc_vcred.vc_uid, sec2target_str(oldctx->cc_sec),
421 newctx, newctx->cc_vcred.vc_uid, sec2target_str(newctx->cc_sec),
422 oldctx->cc_sec, oldctx->cc_sec->ps_policy->sp_name,
423 newctx->cc_sec, newctx->cc_sec->ps_policy->sp_name);
426 old_flvr = req->rq_flvr;
428 /* save request message */
429 reqmsg_size = req->rq_reqlen;
430 if (reqmsg_size != 0) {
431 reqmsg = libcfs_kvzalloc(reqmsg_size, GFP_NOFS);
434 memcpy(reqmsg, req->rq_reqmsg, reqmsg_size);
437 /* release old req/rep buf */
438 req->rq_cli_ctx = oldctx;
439 sptlrpc_cli_free_reqbuf(req);
440 sptlrpc_cli_free_repbuf(req);
441 req->rq_cli_ctx = newctx;
443 /* recalculate the flavor */
444 sptlrpc_req_set_flavor(req, 0);
446 /* alloc new request buffer
447 * we don't need to alloc reply buffer here, leave it to the
448 * rest procedure of ptlrpc
450 if (reqmsg_size != 0) {
451 rc = sptlrpc_cli_alloc_reqbuf(req, reqmsg_size);
453 LASSERT(req->rq_reqmsg);
454 memcpy(req->rq_reqmsg, reqmsg, reqmsg_size);
456 CWARN("failed to alloc reqbuf: %d\n", rc);
457 req->rq_flvr = old_flvr;
466 * If current context of \a req is dead somehow, e.g. we just switched flavor
467 * thus marked original contexts dead, we'll find a new context for it. if
468 * no switch is needed, \a req will end up with the same context.
470 * \note a request must have a context, to keep other parts of code happy.
471 * In any case of failure during the switching, we must restore the old one.
473 static int sptlrpc_req_replace_dead_ctx(struct ptlrpc_request *req)
475 struct ptlrpc_cli_ctx *oldctx = req->rq_cli_ctx;
476 struct ptlrpc_cli_ctx *newctx;
481 sptlrpc_cli_ctx_get(oldctx);
482 sptlrpc_req_put_ctx(req, 0);
484 rc = sptlrpc_req_get_ctx(req);
486 LASSERT(!req->rq_cli_ctx);
488 /* restore old ctx */
489 req->rq_cli_ctx = oldctx;
493 newctx = req->rq_cli_ctx;
496 if (unlikely(newctx == oldctx &&
497 test_bit(PTLRPC_CTX_DEAD_BIT, &oldctx->cc_flags))) {
499 * still get the old dead ctx, usually means system too busy
502 "ctx (%p, fl %lx) doesn't switch, relax a little bit\n",
503 newctx, newctx->cc_flags);
505 set_current_state(TASK_INTERRUPTIBLE);
506 schedule_timeout(HZ);
509 * it's possible newctx == oldctx if we're switching
510 * subflavor with the same sec.
512 rc = sptlrpc_req_ctx_switch(req, oldctx, newctx);
514 /* restore old ctx */
515 sptlrpc_req_put_ctx(req, 0);
516 req->rq_cli_ctx = oldctx;
520 LASSERT(req->rq_cli_ctx == newctx);
523 sptlrpc_cli_ctx_put(oldctx, 1);
528 int ctx_check_refresh(struct ptlrpc_cli_ctx *ctx)
530 if (cli_ctx_is_refreshed(ctx))
536 int ctx_refresh_timeout(void *data)
538 struct ptlrpc_request *req = data;
541 /* conn_cnt is needed in expire_one_request */
542 lustre_msg_set_conn_cnt(req->rq_reqmsg, req->rq_import->imp_conn_cnt);
544 rc = ptlrpc_expire_one_request(req, 1);
545 /* if we started recovery, we should mark this ctx dead; otherwise
546 * in case of lgssd died nobody would retire this ctx, following
547 * connecting will still find the same ctx thus cause deadlock.
548 * there's an assumption that expire time of the request should be
549 * later than the context refresh expire time.
552 req->rq_cli_ctx->cc_ops->force_die(req->rq_cli_ctx, 0);
557 void ctx_refresh_interrupt(void *data)
559 struct ptlrpc_request *req = data;
561 spin_lock(&req->rq_lock);
563 spin_unlock(&req->rq_lock);
567 void req_off_ctx_list(struct ptlrpc_request *req, struct ptlrpc_cli_ctx *ctx)
569 spin_lock(&ctx->cc_lock);
570 if (!list_empty(&req->rq_ctx_chain))
571 list_del_init(&req->rq_ctx_chain);
572 spin_unlock(&ctx->cc_lock);
576 * To refresh the context of \req, if it's not up-to-date.
579 * - = 0: wait until success or fatal error occur
580 * - > 0: timeout value (in seconds)
582 * The status of the context could be subject to be changed by other threads
583 * at any time. We allow this race, but once we return with 0, the caller will
584 * suppose it's uptodated and keep using it until the owning rpc is done.
586 * \retval 0 only if the context is uptodated.
587 * \retval -ev error number.
589 int sptlrpc_req_refresh_ctx(struct ptlrpc_request *req, long timeout)
591 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
592 struct ptlrpc_sec *sec;
593 struct l_wait_info lwi;
598 if (req->rq_ctx_init || req->rq_ctx_fini)
602 * during the process a request's context might change type even
603 * (e.g. from gss ctx to null ctx), so each loop we need to re-check
607 rc = import_sec_validate_get(req->rq_import, &sec);
611 if (sec->ps_flvr.sf_rpc != req->rq_flvr.sf_rpc) {
612 CDEBUG(D_SEC, "req %p: flavor has changed %x -> %x\n",
613 req, req->rq_flvr.sf_rpc, sec->ps_flvr.sf_rpc);
614 req_off_ctx_list(req, ctx);
615 sptlrpc_req_replace_dead_ctx(req);
616 ctx = req->rq_cli_ctx;
618 sptlrpc_sec_put(sec);
620 if (cli_ctx_is_eternal(ctx))
623 if (unlikely(test_bit(PTLRPC_CTX_NEW_BIT, &ctx->cc_flags))) {
624 LASSERT(ctx->cc_ops->refresh);
625 ctx->cc_ops->refresh(ctx);
627 LASSERT(test_bit(PTLRPC_CTX_NEW_BIT, &ctx->cc_flags) == 0);
629 LASSERT(ctx->cc_ops->validate);
630 if (ctx->cc_ops->validate(ctx) == 0) {
631 req_off_ctx_list(req, ctx);
635 if (unlikely(test_bit(PTLRPC_CTX_ERROR_BIT, &ctx->cc_flags))) {
636 spin_lock(&req->rq_lock);
638 spin_unlock(&req->rq_lock);
639 req_off_ctx_list(req, ctx);
644 * There's a subtle issue for resending RPCs, suppose following
646 * 1. the request was sent to server.
647 * 2. recovery was kicked start, after finished the request was
649 * 3. resend the request.
650 * 4. old reply from server received, we accept and verify the reply.
651 * this has to be success, otherwise the error will be aware
653 * 5. new reply from server received, dropped by LNet.
655 * Note the xid of old & new request is the same. We can't simply
656 * change xid for the resent request because the server replies on
657 * it for reply reconstruction.
659 * Commonly the original context should be uptodate because we
660 * have a expiry nice time; server will keep its context because
661 * we at least hold a ref of old context which prevent context
662 * destroying RPC being sent. So server still can accept the request
663 * and finish the RPC. But if that's not the case:
664 * 1. If server side context has been trimmed, a NO_CONTEXT will
665 * be returned, gss_cli_ctx_verify/unseal will switch to new
667 * 2. Current context never be refreshed, then we are fine: we
668 * never really send request with old context before.
670 if (test_bit(PTLRPC_CTX_UPTODATE_BIT, &ctx->cc_flags) &&
671 unlikely(req->rq_reqmsg) &&
672 lustre_msg_get_flags(req->rq_reqmsg) & MSG_RESENT) {
673 req_off_ctx_list(req, ctx);
677 if (unlikely(test_bit(PTLRPC_CTX_DEAD_BIT, &ctx->cc_flags))) {
678 req_off_ctx_list(req, ctx);
680 * don't switch ctx if import was deactivated
682 if (req->rq_import->imp_deactive) {
683 spin_lock(&req->rq_lock);
685 spin_unlock(&req->rq_lock);
689 rc = sptlrpc_req_replace_dead_ctx(req);
691 LASSERT(ctx == req->rq_cli_ctx);
692 CERROR("req %p: failed to replace dead ctx %p: %d\n",
694 spin_lock(&req->rq_lock);
696 spin_unlock(&req->rq_lock);
700 ctx = req->rq_cli_ctx;
705 * Now we're sure this context is during upcall, add myself into
708 spin_lock(&ctx->cc_lock);
709 if (list_empty(&req->rq_ctx_chain))
710 list_add(&req->rq_ctx_chain, &ctx->cc_req_list);
711 spin_unlock(&ctx->cc_lock);
716 /* Clear any flags that may be present from previous sends */
717 LASSERT(req->rq_receiving_reply == 0);
718 spin_lock(&req->rq_lock);
720 req->rq_timedout = 0;
723 spin_unlock(&req->rq_lock);
725 lwi = LWI_TIMEOUT_INTR(timeout * HZ, ctx_refresh_timeout,
726 ctx_refresh_interrupt, req);
727 rc = l_wait_event(req->rq_reply_waitq, ctx_check_refresh(ctx), &lwi);
730 * following cases could lead us here:
731 * - successfully refreshed;
733 * - timedout, and we don't want recover from the failure;
734 * - timedout, and waked up upon recovery finished;
735 * - someone else mark this ctx dead by force;
736 * - someone invalidate the req and call ptlrpc_client_wake_req(),
737 * e.g. ptlrpc_abort_inflight();
739 if (!cli_ctx_is_refreshed(ctx)) {
740 /* timed out or interrupted */
741 req_off_ctx_list(req, ctx);
751 * Initialize flavor settings for \a req, according to \a opcode.
753 * \note this could be called in two situations:
754 * - new request from ptlrpc_pre_req(), with proper @opcode
755 * - old request which changed ctx in the middle, with @opcode == 0
757 void sptlrpc_req_set_flavor(struct ptlrpc_request *req, int opcode)
759 struct ptlrpc_sec *sec;
761 LASSERT(req->rq_import);
762 LASSERT(req->rq_cli_ctx);
763 LASSERT(req->rq_cli_ctx->cc_sec);
764 LASSERT(req->rq_bulk_read == 0 || req->rq_bulk_write == 0);
766 /* special security flags according to opcode */
770 case MGS_CONFIG_READ:
772 req->rq_bulk_read = 1;
776 req->rq_bulk_write = 1;
779 req->rq_ctx_init = 1;
782 req->rq_ctx_fini = 1;
785 /* init/fini rpc won't be resend, so can't be here */
786 LASSERT(req->rq_ctx_init == 0);
787 LASSERT(req->rq_ctx_fini == 0);
789 /* cleanup flags, which should be recalculated */
790 req->rq_pack_udesc = 0;
791 req->rq_pack_bulk = 0;
795 sec = req->rq_cli_ctx->cc_sec;
797 spin_lock(&sec->ps_lock);
798 req->rq_flvr = sec->ps_flvr;
799 spin_unlock(&sec->ps_lock);
801 /* force SVC_NULL for context initiation rpc, SVC_INTG for context
804 if (unlikely(req->rq_ctx_init))
805 flvr_set_svc(&req->rq_flvr.sf_rpc, SPTLRPC_SVC_NULL);
806 else if (unlikely(req->rq_ctx_fini))
807 flvr_set_svc(&req->rq_flvr.sf_rpc, SPTLRPC_SVC_INTG);
809 /* user descriptor flag, null security can't do it anyway */
810 if ((sec->ps_flvr.sf_flags & PTLRPC_SEC_FL_UDESC) &&
811 (req->rq_flvr.sf_rpc != SPTLRPC_FLVR_NULL))
812 req->rq_pack_udesc = 1;
814 /* bulk security flag */
815 if ((req->rq_bulk_read || req->rq_bulk_write) &&
816 sptlrpc_flavor_has_bulk(&req->rq_flvr))
817 req->rq_pack_bulk = 1;
820 void sptlrpc_request_out_callback(struct ptlrpc_request *req)
822 if (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc) != SPTLRPC_SVC_PRIV)
825 LASSERT(req->rq_clrbuf);
826 if (req->rq_pool || !req->rq_reqbuf)
829 kfree(req->rq_reqbuf);
830 req->rq_reqbuf = NULL;
831 req->rq_reqbuf_len = 0;
835 * Given an import \a imp, check whether current user has a valid context
836 * or not. We may create a new context and try to refresh it, and try
837 * repeatedly try in case of non-fatal errors. Return 0 means success.
839 int sptlrpc_import_check_ctx(struct obd_import *imp)
841 struct ptlrpc_sec *sec;
842 struct ptlrpc_cli_ctx *ctx;
843 struct ptlrpc_request *req = NULL;
848 sec = sptlrpc_import_sec_ref(imp);
849 ctx = get_my_ctx(sec);
850 sptlrpc_sec_put(sec);
855 if (cli_ctx_is_eternal(ctx) ||
856 ctx->cc_ops->validate(ctx) == 0) {
857 sptlrpc_cli_ctx_put(ctx, 1);
861 if (cli_ctx_is_error(ctx)) {
862 sptlrpc_cli_ctx_put(ctx, 1);
866 req = ptlrpc_request_cache_alloc(GFP_NOFS);
870 spin_lock_init(&req->rq_lock);
871 atomic_set(&req->rq_refcount, 10000);
872 INIT_LIST_HEAD(&req->rq_ctx_chain);
873 init_waitqueue_head(&req->rq_reply_waitq);
874 init_waitqueue_head(&req->rq_set_waitq);
875 req->rq_import = imp;
876 req->rq_flvr = sec->ps_flvr;
877 req->rq_cli_ctx = ctx;
879 rc = sptlrpc_req_refresh_ctx(req, 0);
880 LASSERT(list_empty(&req->rq_ctx_chain));
881 sptlrpc_cli_ctx_put(req->rq_cli_ctx, 1);
882 ptlrpc_request_cache_free(req);
888 * Used by ptlrpc client, to perform the pre-defined security transformation
889 * upon the request message of \a req. After this function called,
890 * req->rq_reqmsg is still accessible as clear text.
892 int sptlrpc_cli_wrap_request(struct ptlrpc_request *req)
894 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
898 LASSERT(ctx->cc_sec);
899 LASSERT(req->rq_reqbuf || req->rq_clrbuf);
901 /* we wrap bulk request here because now we can be sure
902 * the context is uptodate.
905 rc = sptlrpc_cli_wrap_bulk(req, req->rq_bulk);
910 switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) {
911 case SPTLRPC_SVC_NULL:
912 case SPTLRPC_SVC_AUTH:
913 case SPTLRPC_SVC_INTG:
914 LASSERT(ctx->cc_ops->sign);
915 rc = ctx->cc_ops->sign(ctx, req);
917 case SPTLRPC_SVC_PRIV:
918 LASSERT(ctx->cc_ops->seal);
919 rc = ctx->cc_ops->seal(ctx, req);
926 LASSERT(req->rq_reqdata_len);
927 LASSERT(req->rq_reqdata_len % 8 == 0);
928 LASSERT(req->rq_reqdata_len <= req->rq_reqbuf_len);
934 static int do_cli_unwrap_reply(struct ptlrpc_request *req)
936 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
940 LASSERT(ctx->cc_sec);
941 LASSERT(req->rq_repbuf);
942 LASSERT(req->rq_repdata);
943 LASSERT(!req->rq_repmsg);
945 req->rq_rep_swab_mask = 0;
947 rc = __lustre_unpack_msg(req->rq_repdata, req->rq_repdata_len);
950 lustre_set_rep_swabbed(req, MSG_PTLRPC_HEADER_OFF);
954 CERROR("failed unpack reply: x%llu\n", req->rq_xid);
958 if (req->rq_repdata_len < sizeof(struct lustre_msg)) {
959 CERROR("replied data length %d too small\n",
960 req->rq_repdata_len);
964 if (SPTLRPC_FLVR_POLICY(req->rq_repdata->lm_secflvr) !=
965 SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc)) {
966 CERROR("reply policy %u doesn't match request policy %u\n",
967 SPTLRPC_FLVR_POLICY(req->rq_repdata->lm_secflvr),
968 SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc));
972 switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) {
973 case SPTLRPC_SVC_NULL:
974 case SPTLRPC_SVC_AUTH:
975 case SPTLRPC_SVC_INTG:
976 LASSERT(ctx->cc_ops->verify);
977 rc = ctx->cc_ops->verify(ctx, req);
979 case SPTLRPC_SVC_PRIV:
980 LASSERT(ctx->cc_ops->unseal);
981 rc = ctx->cc_ops->unseal(ctx, req);
986 LASSERT(rc || req->rq_repmsg || req->rq_resend);
988 if (SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) != SPTLRPC_POLICY_NULL &&
990 req->rq_rep_swab_mask = 0;
995 * Used by ptlrpc client, to perform security transformation upon the reply
996 * message of \a req. After return successfully, req->rq_repmsg points to
997 * the reply message in clear text.
999 * \pre the reply buffer should have been un-posted from LNet, so nothing is
1002 int sptlrpc_cli_unwrap_reply(struct ptlrpc_request *req)
1004 LASSERT(req->rq_repbuf);
1005 LASSERT(!req->rq_repdata);
1006 LASSERT(!req->rq_repmsg);
1007 LASSERT(req->rq_reply_off + req->rq_nob_received <= req->rq_repbuf_len);
1009 if (req->rq_reply_off == 0 &&
1010 (lustre_msghdr_get_flags(req->rq_reqmsg) & MSGHDR_AT_SUPPORT)) {
1011 CERROR("real reply with offset 0\n");
1015 if (req->rq_reply_off % 8 != 0) {
1016 CERROR("reply at odd offset %u\n", req->rq_reply_off);
1020 req->rq_repdata = (struct lustre_msg *)
1021 (req->rq_repbuf + req->rq_reply_off);
1022 req->rq_repdata_len = req->rq_nob_received;
1024 return do_cli_unwrap_reply(req);
1028 * Used by ptlrpc client, to perform security transformation upon the early
1029 * reply message of \a req. We expect the rq_reply_off is 0, and
1030 * rq_nob_received is the early reply size.
1032 * Because the receive buffer might be still posted, the reply data might be
1033 * changed at any time, no matter we're holding rq_lock or not. For this reason
1034 * we allocate a separate ptlrpc_request and reply buffer for early reply
1037 * \retval 0 success, \a req_ret is filled with a duplicated ptlrpc_request.
1038 * Later the caller must call sptlrpc_cli_finish_early_reply() on the returned
1039 * \a *req_ret to release it.
1040 * \retval -ev error number, and \a req_ret will not be set.
1042 int sptlrpc_cli_unwrap_early_reply(struct ptlrpc_request *req,
1043 struct ptlrpc_request **req_ret)
1045 struct ptlrpc_request *early_req;
1047 int early_bufsz, early_size;
1050 early_req = ptlrpc_request_cache_alloc(GFP_NOFS);
1054 early_size = req->rq_nob_received;
1055 early_bufsz = size_roundup_power2(early_size);
1056 early_buf = libcfs_kvzalloc(early_bufsz, GFP_NOFS);
1062 /* sanity checkings and copy data out, do it inside spinlock */
1063 spin_lock(&req->rq_lock);
1065 if (req->rq_replied) {
1066 spin_unlock(&req->rq_lock);
1071 LASSERT(req->rq_repbuf);
1072 LASSERT(!req->rq_repdata);
1073 LASSERT(!req->rq_repmsg);
1075 if (req->rq_reply_off != 0) {
1076 CERROR("early reply with offset %u\n", req->rq_reply_off);
1077 spin_unlock(&req->rq_lock);
1082 if (req->rq_nob_received != early_size) {
1083 /* even another early arrived the size should be the same */
1084 CERROR("data size has changed from %u to %u\n",
1085 early_size, req->rq_nob_received);
1086 spin_unlock(&req->rq_lock);
1091 if (req->rq_nob_received < sizeof(struct lustre_msg)) {
1092 CERROR("early reply length %d too small\n",
1093 req->rq_nob_received);
1094 spin_unlock(&req->rq_lock);
1099 memcpy(early_buf, req->rq_repbuf, early_size);
1100 spin_unlock(&req->rq_lock);
1102 spin_lock_init(&early_req->rq_lock);
1103 early_req->rq_cli_ctx = sptlrpc_cli_ctx_get(req->rq_cli_ctx);
1104 early_req->rq_flvr = req->rq_flvr;
1105 early_req->rq_repbuf = early_buf;
1106 early_req->rq_repbuf_len = early_bufsz;
1107 early_req->rq_repdata = (struct lustre_msg *) early_buf;
1108 early_req->rq_repdata_len = early_size;
1109 early_req->rq_early = 1;
1110 early_req->rq_reqmsg = req->rq_reqmsg;
1112 rc = do_cli_unwrap_reply(early_req);
1114 DEBUG_REQ(D_ADAPTTO, early_req,
1115 "error %d unwrap early reply", rc);
1119 LASSERT(early_req->rq_repmsg);
1120 *req_ret = early_req;
1124 sptlrpc_cli_ctx_put(early_req->rq_cli_ctx, 1);
1128 ptlrpc_request_cache_free(early_req);
1133 * Used by ptlrpc client, to release a processed early reply \a early_req.
1135 * \pre \a early_req was obtained from calling sptlrpc_cli_unwrap_early_reply().
1137 void sptlrpc_cli_finish_early_reply(struct ptlrpc_request *early_req)
1139 LASSERT(early_req->rq_repbuf);
1140 LASSERT(early_req->rq_repdata);
1141 LASSERT(early_req->rq_repmsg);
1143 sptlrpc_cli_ctx_put(early_req->rq_cli_ctx, 1);
1144 kvfree(early_req->rq_repbuf);
1145 ptlrpc_request_cache_free(early_req);
1148 /**************************************************
1150 **************************************************/
1153 * "fixed" sec (e.g. null) use sec_id < 0
1155 static atomic_t sptlrpc_sec_id = ATOMIC_INIT(1);
1157 int sptlrpc_get_next_secid(void)
1159 return atomic_inc_return(&sptlrpc_sec_id);
1161 EXPORT_SYMBOL(sptlrpc_get_next_secid);
1163 /**************************************************
1164 * client side high-level security APIs *
1165 **************************************************/
1167 static int sec_cop_flush_ctx_cache(struct ptlrpc_sec *sec, uid_t uid,
1168 int grace, int force)
1170 struct ptlrpc_sec_policy *policy = sec->ps_policy;
1172 LASSERT(policy->sp_cops);
1173 LASSERT(policy->sp_cops->flush_ctx_cache);
1175 return policy->sp_cops->flush_ctx_cache(sec, uid, grace, force);
1178 static void sec_cop_destroy_sec(struct ptlrpc_sec *sec)
1180 struct ptlrpc_sec_policy *policy = sec->ps_policy;
1182 LASSERT_ATOMIC_ZERO(&sec->ps_refcount);
1183 LASSERT_ATOMIC_ZERO(&sec->ps_nctx);
1184 LASSERT(policy->sp_cops->destroy_sec);
1186 CDEBUG(D_SEC, "%s@%p: being destroyed\n", sec->ps_policy->sp_name, sec);
1188 policy->sp_cops->destroy_sec(sec);
1189 sptlrpc_policy_put(policy);
1192 static void sptlrpc_sec_kill(struct ptlrpc_sec *sec)
1194 LASSERT_ATOMIC_POS(&sec->ps_refcount);
1196 if (sec->ps_policy->sp_cops->kill_sec) {
1197 sec->ps_policy->sp_cops->kill_sec(sec);
1199 sec_cop_flush_ctx_cache(sec, -1, 1, 1);
1203 static struct ptlrpc_sec *sptlrpc_sec_get(struct ptlrpc_sec *sec)
1206 atomic_inc(&sec->ps_refcount);
1211 void sptlrpc_sec_put(struct ptlrpc_sec *sec)
1214 LASSERT_ATOMIC_POS(&sec->ps_refcount);
1216 if (atomic_dec_and_test(&sec->ps_refcount)) {
1217 sptlrpc_gc_del_sec(sec);
1218 sec_cop_destroy_sec(sec);
1222 EXPORT_SYMBOL(sptlrpc_sec_put);
1225 * policy module is responsible for taking reference of import
1228 struct ptlrpc_sec *sptlrpc_sec_create(struct obd_import *imp,
1229 struct ptlrpc_svc_ctx *svc_ctx,
1230 struct sptlrpc_flavor *sf,
1231 enum lustre_sec_part sp)
1233 struct ptlrpc_sec_policy *policy;
1234 struct ptlrpc_sec *sec;
1238 LASSERT(imp->imp_dlm_fake == 1);
1240 CDEBUG(D_SEC, "%s %s: reverse sec using flavor %s\n",
1241 imp->imp_obd->obd_type->typ_name,
1242 imp->imp_obd->obd_name,
1243 sptlrpc_flavor2name(sf, str, sizeof(str)));
1245 policy = sptlrpc_policy_get(svc_ctx->sc_policy);
1246 sf->sf_flags |= PTLRPC_SEC_FL_REVERSE | PTLRPC_SEC_FL_ROOTONLY;
1248 LASSERT(imp->imp_dlm_fake == 0);
1250 CDEBUG(D_SEC, "%s %s: select security flavor %s\n",
1251 imp->imp_obd->obd_type->typ_name,
1252 imp->imp_obd->obd_name,
1253 sptlrpc_flavor2name(sf, str, sizeof(str)));
1255 policy = sptlrpc_wireflavor2policy(sf->sf_rpc);
1257 CERROR("invalid flavor 0x%x\n", sf->sf_rpc);
1262 sec = policy->sp_cops->create_sec(imp, svc_ctx, sf);
1264 atomic_inc(&sec->ps_refcount);
1268 if (sec->ps_gc_interval && policy->sp_cops->gc_ctx)
1269 sptlrpc_gc_add_sec(sec);
1271 sptlrpc_policy_put(policy);
1277 struct ptlrpc_sec *sptlrpc_import_sec_ref(struct obd_import *imp)
1279 struct ptlrpc_sec *sec;
1281 spin_lock(&imp->imp_lock);
1282 sec = sptlrpc_sec_get(imp->imp_sec);
1283 spin_unlock(&imp->imp_lock);
1287 EXPORT_SYMBOL(sptlrpc_import_sec_ref);
1289 static void sptlrpc_import_sec_install(struct obd_import *imp,
1290 struct ptlrpc_sec *sec)
1292 struct ptlrpc_sec *old_sec;
1294 LASSERT_ATOMIC_POS(&sec->ps_refcount);
1296 spin_lock(&imp->imp_lock);
1297 old_sec = imp->imp_sec;
1299 spin_unlock(&imp->imp_lock);
1302 sptlrpc_sec_kill(old_sec);
1304 /* balance the ref taken by this import */
1305 sptlrpc_sec_put(old_sec);
1310 int flavor_equal(struct sptlrpc_flavor *sf1, struct sptlrpc_flavor *sf2)
1312 return (memcmp(sf1, sf2, sizeof(*sf1)) == 0);
1316 void flavor_copy(struct sptlrpc_flavor *dst, struct sptlrpc_flavor *src)
1321 static void sptlrpc_import_sec_adapt_inplace(struct obd_import *imp,
1322 struct ptlrpc_sec *sec,
1323 struct sptlrpc_flavor *sf)
1325 char str1[32], str2[32];
1327 if (sec->ps_flvr.sf_flags != sf->sf_flags)
1328 CDEBUG(D_SEC, "changing sec flags: %s -> %s\n",
1329 sptlrpc_secflags2str(sec->ps_flvr.sf_flags,
1330 str1, sizeof(str1)),
1331 sptlrpc_secflags2str(sf->sf_flags,
1332 str2, sizeof(str2)));
1334 spin_lock(&sec->ps_lock);
1335 flavor_copy(&sec->ps_flvr, sf);
1336 spin_unlock(&sec->ps_lock);
1340 * To get an appropriate ptlrpc_sec for the \a imp, according to the current
1341 * configuration. Upon called, imp->imp_sec may or may not be NULL.
1343 * - regular import: \a svc_ctx should be NULL and \a flvr is ignored;
1344 * - reverse import: \a svc_ctx and \a flvr are obtained from incoming request.
1346 int sptlrpc_import_sec_adapt(struct obd_import *imp,
1347 struct ptlrpc_svc_ctx *svc_ctx,
1348 struct sptlrpc_flavor *flvr)
1350 struct ptlrpc_connection *conn;
1351 struct sptlrpc_flavor sf;
1352 struct ptlrpc_sec *sec, *newsec;
1353 enum lustre_sec_part sp;
1362 conn = imp->imp_connection;
1365 struct client_obd *cliobd = &imp->imp_obd->u.cli;
1367 * normal import, determine flavor from rule set, except
1368 * for mgc the flavor is predetermined.
1370 if (cliobd->cl_sp_me == LUSTRE_SP_MGC)
1371 sf = cliobd->cl_flvr_mgc;
1373 sptlrpc_conf_choose_flavor(cliobd->cl_sp_me,
1375 &cliobd->cl_target_uuid,
1378 sp = imp->imp_obd->u.cli.cl_sp_me;
1380 /* reverse import, determine flavor from incoming request */
1383 if (sf.sf_rpc != SPTLRPC_FLVR_NULL)
1384 sf.sf_flags = PTLRPC_SEC_FL_REVERSE |
1385 PTLRPC_SEC_FL_ROOTONLY;
1387 sp = sptlrpc_target_sec_part(imp->imp_obd);
1390 sec = sptlrpc_import_sec_ref(imp);
1394 if (flavor_equal(&sf, &sec->ps_flvr))
1397 CDEBUG(D_SEC, "import %s->%s: changing flavor %s -> %s\n",
1398 imp->imp_obd->obd_name,
1399 obd_uuid2str(&conn->c_remote_uuid),
1400 sptlrpc_flavor2name(&sec->ps_flvr, str, sizeof(str)),
1401 sptlrpc_flavor2name(&sf, str2, sizeof(str2)));
1403 if (SPTLRPC_FLVR_POLICY(sf.sf_rpc) ==
1404 SPTLRPC_FLVR_POLICY(sec->ps_flvr.sf_rpc) &&
1405 SPTLRPC_FLVR_MECH(sf.sf_rpc) ==
1406 SPTLRPC_FLVR_MECH(sec->ps_flvr.sf_rpc)) {
1407 sptlrpc_import_sec_adapt_inplace(imp, sec, &sf);
1410 } else if (SPTLRPC_FLVR_BASE(sf.sf_rpc) !=
1411 SPTLRPC_FLVR_BASE(SPTLRPC_FLVR_NULL)) {
1412 CDEBUG(D_SEC, "import %s->%s netid %x: select flavor %s\n",
1413 imp->imp_obd->obd_name,
1414 obd_uuid2str(&conn->c_remote_uuid),
1415 LNET_NIDNET(conn->c_self),
1416 sptlrpc_flavor2name(&sf, str, sizeof(str)));
1419 mutex_lock(&imp->imp_sec_mutex);
1421 newsec = sptlrpc_sec_create(imp, svc_ctx, &sf, sp);
1423 sptlrpc_import_sec_install(imp, newsec);
1425 CERROR("import %s->%s: failed to create new sec\n",
1426 imp->imp_obd->obd_name,
1427 obd_uuid2str(&conn->c_remote_uuid));
1431 mutex_unlock(&imp->imp_sec_mutex);
1433 sptlrpc_sec_put(sec);
1437 void sptlrpc_import_sec_put(struct obd_import *imp)
1440 sptlrpc_sec_kill(imp->imp_sec);
1442 sptlrpc_sec_put(imp->imp_sec);
1443 imp->imp_sec = NULL;
1447 static void import_flush_ctx_common(struct obd_import *imp,
1448 uid_t uid, int grace, int force)
1450 struct ptlrpc_sec *sec;
1455 sec = sptlrpc_import_sec_ref(imp);
1459 sec_cop_flush_ctx_cache(sec, uid, grace, force);
1460 sptlrpc_sec_put(sec);
1463 void sptlrpc_import_flush_my_ctx(struct obd_import *imp)
1465 import_flush_ctx_common(imp, from_kuid(&init_user_ns, current_uid()),
1468 EXPORT_SYMBOL(sptlrpc_import_flush_my_ctx);
1470 void sptlrpc_import_flush_all_ctx(struct obd_import *imp)
1472 import_flush_ctx_common(imp, -1, 1, 1);
1474 EXPORT_SYMBOL(sptlrpc_import_flush_all_ctx);
1477 * Used by ptlrpc client to allocate request buffer of \a req. Upon return
1478 * successfully, req->rq_reqmsg points to a buffer with size \a msgsize.
1480 int sptlrpc_cli_alloc_reqbuf(struct ptlrpc_request *req, int msgsize)
1482 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1483 struct ptlrpc_sec_policy *policy;
1487 LASSERT(ctx->cc_sec);
1488 LASSERT(ctx->cc_sec->ps_policy);
1489 LASSERT(!req->rq_reqmsg);
1490 LASSERT_ATOMIC_POS(&ctx->cc_refcount);
1492 policy = ctx->cc_sec->ps_policy;
1493 rc = policy->sp_cops->alloc_reqbuf(ctx->cc_sec, req, msgsize);
1495 LASSERT(req->rq_reqmsg);
1496 LASSERT(req->rq_reqbuf || req->rq_clrbuf);
1498 /* zeroing preallocated buffer */
1500 memset(req->rq_reqmsg, 0, msgsize);
1507 * Used by ptlrpc client to free request buffer of \a req. After this
1508 * req->rq_reqmsg is set to NULL and should not be accessed anymore.
1510 void sptlrpc_cli_free_reqbuf(struct ptlrpc_request *req)
1512 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1513 struct ptlrpc_sec_policy *policy;
1516 LASSERT(ctx->cc_sec);
1517 LASSERT(ctx->cc_sec->ps_policy);
1518 LASSERT_ATOMIC_POS(&ctx->cc_refcount);
1520 if (!req->rq_reqbuf && !req->rq_clrbuf)
1523 policy = ctx->cc_sec->ps_policy;
1524 policy->sp_cops->free_reqbuf(ctx->cc_sec, req);
1525 req->rq_reqmsg = NULL;
1529 * NOTE caller must guarantee the buffer size is enough for the enlargement
1531 void _sptlrpc_enlarge_msg_inplace(struct lustre_msg *msg,
1532 int segment, int newsize)
1535 int oldsize, oldmsg_size, movesize;
1537 LASSERT(segment < msg->lm_bufcount);
1538 LASSERT(msg->lm_buflens[segment] <= newsize);
1540 if (msg->lm_buflens[segment] == newsize)
1543 /* nothing to do if we are enlarging the last segment */
1544 if (segment == msg->lm_bufcount - 1) {
1545 msg->lm_buflens[segment] = newsize;
1549 oldsize = msg->lm_buflens[segment];
1551 src = lustre_msg_buf(msg, segment + 1, 0);
1552 msg->lm_buflens[segment] = newsize;
1553 dst = lustre_msg_buf(msg, segment + 1, 0);
1554 msg->lm_buflens[segment] = oldsize;
1556 /* move from segment + 1 to end segment */
1557 LASSERT(msg->lm_magic == LUSTRE_MSG_MAGIC_V2);
1558 oldmsg_size = lustre_msg_size_v2(msg->lm_bufcount, msg->lm_buflens);
1559 movesize = oldmsg_size - ((unsigned long) src - (unsigned long) msg);
1560 LASSERT(movesize >= 0);
1563 memmove(dst, src, movesize);
1565 /* note we don't clear the ares where old data live, not secret */
1567 /* finally set new segment size */
1568 msg->lm_buflens[segment] = newsize;
1570 EXPORT_SYMBOL(_sptlrpc_enlarge_msg_inplace);
1573 * Used by ptlrpc client to enlarge the \a segment of request message pointed
1574 * by req->rq_reqmsg to size \a newsize, all previously filled-in data will be
1575 * preserved after the enlargement. this must be called after original request
1576 * buffer being allocated.
1578 * \note after this be called, rq_reqmsg and rq_reqlen might have been changed,
1579 * so caller should refresh its local pointers if needed.
1581 int sptlrpc_cli_enlarge_reqbuf(struct ptlrpc_request *req,
1582 int segment, int newsize)
1584 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1585 struct ptlrpc_sec_cops *cops;
1586 struct lustre_msg *msg = req->rq_reqmsg;
1590 LASSERT(msg->lm_bufcount > segment);
1591 LASSERT(msg->lm_buflens[segment] <= newsize);
1593 if (msg->lm_buflens[segment] == newsize)
1596 cops = ctx->cc_sec->ps_policy->sp_cops;
1597 LASSERT(cops->enlarge_reqbuf);
1598 return cops->enlarge_reqbuf(ctx->cc_sec, req, segment, newsize);
1600 EXPORT_SYMBOL(sptlrpc_cli_enlarge_reqbuf);
1603 * Used by ptlrpc client to allocate reply buffer of \a req.
1605 * \note After this, req->rq_repmsg is still not accessible.
1607 int sptlrpc_cli_alloc_repbuf(struct ptlrpc_request *req, int msgsize)
1609 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1610 struct ptlrpc_sec_policy *policy;
1613 LASSERT(ctx->cc_sec);
1614 LASSERT(ctx->cc_sec->ps_policy);
1619 policy = ctx->cc_sec->ps_policy;
1620 return policy->sp_cops->alloc_repbuf(ctx->cc_sec, req, msgsize);
1624 * Used by ptlrpc client to free reply buffer of \a req. After this
1625 * req->rq_repmsg is set to NULL and should not be accessed anymore.
1627 void sptlrpc_cli_free_repbuf(struct ptlrpc_request *req)
1629 struct ptlrpc_cli_ctx *ctx = req->rq_cli_ctx;
1630 struct ptlrpc_sec_policy *policy;
1633 LASSERT(ctx->cc_sec);
1634 LASSERT(ctx->cc_sec->ps_policy);
1635 LASSERT_ATOMIC_POS(&ctx->cc_refcount);
1637 if (!req->rq_repbuf)
1639 LASSERT(req->rq_repbuf_len);
1641 policy = ctx->cc_sec->ps_policy;
1642 policy->sp_cops->free_repbuf(ctx->cc_sec, req);
1643 req->rq_repmsg = NULL;
1646 static int sptlrpc_svc_install_rvs_ctx(struct obd_import *imp,
1647 struct ptlrpc_svc_ctx *ctx)
1649 struct ptlrpc_sec_policy *policy = ctx->sc_policy;
1651 if (!policy->sp_sops->install_rctx)
1653 return policy->sp_sops->install_rctx(imp, ctx);
1656 /****************************************
1657 * server side security *
1658 ****************************************/
1660 static int flavor_allowed(struct sptlrpc_flavor *exp,
1661 struct ptlrpc_request *req)
1663 struct sptlrpc_flavor *flvr = &req->rq_flvr;
1665 if (exp->sf_rpc == SPTLRPC_FLVR_ANY || exp->sf_rpc == flvr->sf_rpc)
1668 if ((req->rq_ctx_init || req->rq_ctx_fini) &&
1669 SPTLRPC_FLVR_POLICY(exp->sf_rpc) ==
1670 SPTLRPC_FLVR_POLICY(flvr->sf_rpc) &&
1671 SPTLRPC_FLVR_MECH(exp->sf_rpc) == SPTLRPC_FLVR_MECH(flvr->sf_rpc))
1677 #define EXP_FLVR_UPDATE_EXPIRE (OBD_TIMEOUT_DEFAULT + 10)
1680 * Given an export \a exp, check whether the flavor of incoming \a req
1681 * is allowed by the export \a exp. Main logic is about taking care of
1682 * changing configurations. Return 0 means success.
1684 int sptlrpc_target_export_check(struct obd_export *exp,
1685 struct ptlrpc_request *req)
1687 struct sptlrpc_flavor flavor;
1692 /* client side export has no imp_reverse, skip
1693 * FIXME maybe we should check flavor this as well???
1695 if (!exp->exp_imp_reverse)
1698 /* don't care about ctx fini rpc */
1699 if (req->rq_ctx_fini)
1702 spin_lock(&exp->exp_lock);
1704 /* if flavor just changed (exp->exp_flvr_changed != 0), we wait for
1705 * the first req with the new flavor, then treat it as current flavor,
1706 * adapt reverse sec according to it.
1707 * note the first rpc with new flavor might not be with root ctx, in
1708 * which case delay the sec_adapt by leaving exp_flvr_adapt == 1.
1710 if (unlikely(exp->exp_flvr_changed) &&
1711 flavor_allowed(&exp->exp_flvr_old[1], req)) {
1712 /* make the new flavor as "current", and old ones as
1715 CDEBUG(D_SEC, "exp %p: just changed: %x->%x\n", exp,
1716 exp->exp_flvr.sf_rpc, exp->exp_flvr_old[1].sf_rpc);
1717 flavor = exp->exp_flvr_old[1];
1718 exp->exp_flvr_old[1] = exp->exp_flvr_old[0];
1719 exp->exp_flvr_expire[1] = exp->exp_flvr_expire[0];
1720 exp->exp_flvr_old[0] = exp->exp_flvr;
1721 exp->exp_flvr_expire[0] = ktime_get_real_seconds() +
1722 EXP_FLVR_UPDATE_EXPIRE;
1723 exp->exp_flvr = flavor;
1725 /* flavor change finished */
1726 exp->exp_flvr_changed = 0;
1727 LASSERT(exp->exp_flvr_adapt == 1);
1729 /* if it's gss, we only interested in root ctx init */
1730 if (req->rq_auth_gss &&
1731 !(req->rq_ctx_init &&
1732 (req->rq_auth_usr_root || req->rq_auth_usr_mdt ||
1733 req->rq_auth_usr_ost))) {
1734 spin_unlock(&exp->exp_lock);
1735 CDEBUG(D_SEC, "is good but not root(%d:%d:%d:%d:%d)\n",
1736 req->rq_auth_gss, req->rq_ctx_init,
1737 req->rq_auth_usr_root, req->rq_auth_usr_mdt,
1738 req->rq_auth_usr_ost);
1742 exp->exp_flvr_adapt = 0;
1743 spin_unlock(&exp->exp_lock);
1745 return sptlrpc_import_sec_adapt(exp->exp_imp_reverse,
1746 req->rq_svc_ctx, &flavor);
1749 /* if it equals to the current flavor, we accept it, but need to
1750 * dealing with reverse sec/ctx
1752 if (likely(flavor_allowed(&exp->exp_flvr, req))) {
1753 /* most cases should return here, we only interested in
1756 if (!req->rq_auth_gss || !req->rq_ctx_init ||
1757 (!req->rq_auth_usr_root && !req->rq_auth_usr_mdt &&
1758 !req->rq_auth_usr_ost)) {
1759 spin_unlock(&exp->exp_lock);
1763 /* if flavor just changed, we should not proceed, just leave
1764 * it and current flavor will be discovered and replaced
1765 * shortly, and let _this_ rpc pass through
1767 if (exp->exp_flvr_changed) {
1768 LASSERT(exp->exp_flvr_adapt);
1769 spin_unlock(&exp->exp_lock);
1773 if (exp->exp_flvr_adapt) {
1774 exp->exp_flvr_adapt = 0;
1775 CDEBUG(D_SEC, "exp %p (%x|%x|%x): do delayed adapt\n",
1776 exp, exp->exp_flvr.sf_rpc,
1777 exp->exp_flvr_old[0].sf_rpc,
1778 exp->exp_flvr_old[1].sf_rpc);
1779 flavor = exp->exp_flvr;
1780 spin_unlock(&exp->exp_lock);
1782 return sptlrpc_import_sec_adapt(exp->exp_imp_reverse,
1786 CDEBUG(D_SEC, "exp %p (%x|%x|%x): is current flavor, install rvs ctx\n",
1787 exp, exp->exp_flvr.sf_rpc,
1788 exp->exp_flvr_old[0].sf_rpc,
1789 exp->exp_flvr_old[1].sf_rpc);
1790 spin_unlock(&exp->exp_lock);
1792 return sptlrpc_svc_install_rvs_ctx(exp->exp_imp_reverse,
1797 if (exp->exp_flvr_expire[0]) {
1798 if (exp->exp_flvr_expire[0] >= ktime_get_real_seconds()) {
1799 if (flavor_allowed(&exp->exp_flvr_old[0], req)) {
1800 CDEBUG(D_SEC, "exp %p (%x|%x|%x): match the middle one (%lld)\n", exp,
1801 exp->exp_flvr.sf_rpc,
1802 exp->exp_flvr_old[0].sf_rpc,
1803 exp->exp_flvr_old[1].sf_rpc,
1804 (s64)(exp->exp_flvr_expire[0] -
1805 ktime_get_real_seconds()));
1806 spin_unlock(&exp->exp_lock);
1810 CDEBUG(D_SEC, "mark middle expired\n");
1811 exp->exp_flvr_expire[0] = 0;
1813 CDEBUG(D_SEC, "exp %p (%x|%x|%x): %x not match middle\n", exp,
1814 exp->exp_flvr.sf_rpc,
1815 exp->exp_flvr_old[0].sf_rpc, exp->exp_flvr_old[1].sf_rpc,
1816 req->rq_flvr.sf_rpc);
1819 /* now it doesn't match the current flavor, the only chance we can
1820 * accept it is match the old flavors which is not expired.
1822 if (exp->exp_flvr_changed == 0 && exp->exp_flvr_expire[1]) {
1823 if (exp->exp_flvr_expire[1] >= ktime_get_real_seconds()) {
1824 if (flavor_allowed(&exp->exp_flvr_old[1], req)) {
1825 CDEBUG(D_SEC, "exp %p (%x|%x|%x): match the oldest one (%lld)\n",
1827 exp->exp_flvr.sf_rpc,
1828 exp->exp_flvr_old[0].sf_rpc,
1829 exp->exp_flvr_old[1].sf_rpc,
1830 (s64)(exp->exp_flvr_expire[1] -
1831 ktime_get_real_seconds()));
1832 spin_unlock(&exp->exp_lock);
1836 CDEBUG(D_SEC, "mark oldest expired\n");
1837 exp->exp_flvr_expire[1] = 0;
1839 CDEBUG(D_SEC, "exp %p (%x|%x|%x): %x not match found\n",
1840 exp, exp->exp_flvr.sf_rpc,
1841 exp->exp_flvr_old[0].sf_rpc, exp->exp_flvr_old[1].sf_rpc,
1842 req->rq_flvr.sf_rpc);
1844 CDEBUG(D_SEC, "exp %p (%x|%x|%x): skip the last one\n",
1845 exp, exp->exp_flvr.sf_rpc, exp->exp_flvr_old[0].sf_rpc,
1846 exp->exp_flvr_old[1].sf_rpc);
1849 spin_unlock(&exp->exp_lock);
1851 CWARN("exp %p(%s): req %p (%u|%u|%u|%u|%u|%u) with unauthorized flavor %x, expect %x|%x(%+lld)|%x(%+lld)\n",
1852 exp, exp->exp_obd->obd_name,
1853 req, req->rq_auth_gss, req->rq_ctx_init, req->rq_ctx_fini,
1854 req->rq_auth_usr_root, req->rq_auth_usr_mdt, req->rq_auth_usr_ost,
1855 req->rq_flvr.sf_rpc,
1856 exp->exp_flvr.sf_rpc,
1857 exp->exp_flvr_old[0].sf_rpc,
1858 exp->exp_flvr_expire[0] ?
1859 (s64)(exp->exp_flvr_expire[0] - ktime_get_real_seconds()) : 0,
1860 exp->exp_flvr_old[1].sf_rpc,
1861 exp->exp_flvr_expire[1] ?
1862 (s64)(exp->exp_flvr_expire[1] - ktime_get_real_seconds()) : 0);
1865 EXPORT_SYMBOL(sptlrpc_target_export_check);
1867 static int sptlrpc_svc_check_from(struct ptlrpc_request *req, int svc_rc)
1869 /* peer's claim is unreliable unless gss is being used */
1870 if (!req->rq_auth_gss || svc_rc == SECSVC_DROP)
1873 switch (req->rq_sp_from) {
1875 if (req->rq_auth_usr_mdt || req->rq_auth_usr_ost) {
1876 DEBUG_REQ(D_ERROR, req, "faked source CLI");
1877 svc_rc = SECSVC_DROP;
1881 if (!req->rq_auth_usr_mdt) {
1882 DEBUG_REQ(D_ERROR, req, "faked source MDT");
1883 svc_rc = SECSVC_DROP;
1887 if (!req->rq_auth_usr_ost) {
1888 DEBUG_REQ(D_ERROR, req, "faked source OST");
1889 svc_rc = SECSVC_DROP;
1894 if (!req->rq_auth_usr_root && !req->rq_auth_usr_mdt &&
1895 !req->rq_auth_usr_ost) {
1896 DEBUG_REQ(D_ERROR, req, "faked source MGC/MGS");
1897 svc_rc = SECSVC_DROP;
1902 DEBUG_REQ(D_ERROR, req, "invalid source %u", req->rq_sp_from);
1903 svc_rc = SECSVC_DROP;
1910 * Used by ptlrpc server, to perform transformation upon request message of
1911 * incoming \a req. This must be the first thing to do with a incoming
1912 * request in ptlrpc layer.
1914 * \retval SECSVC_OK success, and req->rq_reqmsg point to request message in
1915 * clear text, size is req->rq_reqlen; also req->rq_svc_ctx is set.
1916 * \retval SECSVC_COMPLETE success, the request has been fully processed, and
1917 * reply message has been prepared.
1918 * \retval SECSVC_DROP failed, this request should be dropped.
1920 int sptlrpc_svc_unwrap_request(struct ptlrpc_request *req)
1922 struct ptlrpc_sec_policy *policy;
1923 struct lustre_msg *msg = req->rq_reqbuf;
1927 LASSERT(!req->rq_reqmsg);
1928 LASSERT(!req->rq_repmsg);
1929 LASSERT(!req->rq_svc_ctx);
1931 req->rq_req_swab_mask = 0;
1933 rc = __lustre_unpack_msg(msg, req->rq_reqdata_len);
1936 lustre_set_req_swabbed(req, MSG_PTLRPC_HEADER_OFF);
1940 CERROR("error unpacking request from %s x%llu\n",
1941 libcfs_id2str(req->rq_peer), req->rq_xid);
1945 req->rq_flvr.sf_rpc = WIRE_FLVR(msg->lm_secflvr);
1946 req->rq_sp_from = LUSTRE_SP_ANY;
1947 req->rq_auth_uid = -1;
1948 req->rq_auth_mapped_uid = -1;
1950 policy = sptlrpc_wireflavor2policy(req->rq_flvr.sf_rpc);
1952 CERROR("unsupported rpc flavor %x\n", req->rq_flvr.sf_rpc);
1956 LASSERT(policy->sp_sops->accept);
1957 rc = policy->sp_sops->accept(req);
1958 sptlrpc_policy_put(policy);
1959 LASSERT(req->rq_reqmsg || rc != SECSVC_OK);
1960 LASSERT(req->rq_svc_ctx || rc == SECSVC_DROP);
1963 * if it's not null flavor (which means embedded packing msg),
1964 * reset the swab mask for the coming inner msg unpacking.
1966 if (SPTLRPC_FLVR_POLICY(req->rq_flvr.sf_rpc) != SPTLRPC_POLICY_NULL)
1967 req->rq_req_swab_mask = 0;
1969 /* sanity check for the request source */
1970 rc = sptlrpc_svc_check_from(req, rc);
1975 * Used by ptlrpc server, to allocate reply buffer for \a req. If succeed,
1976 * req->rq_reply_state is set, and req->rq_reply_state->rs_msg point to
1977 * a buffer of \a msglen size.
1979 int sptlrpc_svc_alloc_rs(struct ptlrpc_request *req, int msglen)
1981 struct ptlrpc_sec_policy *policy;
1982 struct ptlrpc_reply_state *rs;
1985 LASSERT(req->rq_svc_ctx);
1986 LASSERT(req->rq_svc_ctx->sc_policy);
1988 policy = req->rq_svc_ctx->sc_policy;
1989 LASSERT(policy->sp_sops->alloc_rs);
1991 rc = policy->sp_sops->alloc_rs(req, msglen);
1992 if (unlikely(rc == -ENOMEM)) {
1993 struct ptlrpc_service_part *svcpt = req->rq_rqbd->rqbd_svcpt;
1995 if (svcpt->scp_service->srv_max_reply_size <
1996 msglen + sizeof(struct ptlrpc_reply_state)) {
1997 /* Just return failure if the size is too big */
1998 CERROR("size of message is too big (%zd), %d allowed\n",
1999 msglen + sizeof(struct ptlrpc_reply_state),
2000 svcpt->scp_service->srv_max_reply_size);
2004 /* failed alloc, try emergency pool */
2005 rs = lustre_get_emerg_rs(svcpt);
2009 req->rq_reply_state = rs;
2010 rc = policy->sp_sops->alloc_rs(req, msglen);
2012 lustre_put_emerg_rs(rs);
2013 req->rq_reply_state = NULL;
2018 (req->rq_reply_state && req->rq_reply_state->rs_msg));
2024 * Used by ptlrpc server, to perform transformation upon reply message.
2026 * \post req->rq_reply_off is set to appropriate server-controlled reply offset.
2027 * \post req->rq_repmsg and req->rq_reply_state->rs_msg becomes inaccessible.
2029 int sptlrpc_svc_wrap_reply(struct ptlrpc_request *req)
2031 struct ptlrpc_sec_policy *policy;
2034 LASSERT(req->rq_svc_ctx);
2035 LASSERT(req->rq_svc_ctx->sc_policy);
2037 policy = req->rq_svc_ctx->sc_policy;
2038 LASSERT(policy->sp_sops->authorize);
2040 rc = policy->sp_sops->authorize(req);
2041 LASSERT(rc || req->rq_reply_state->rs_repdata_len);
2047 * Used by ptlrpc server, to free reply_state.
2049 void sptlrpc_svc_free_rs(struct ptlrpc_reply_state *rs)
2051 struct ptlrpc_sec_policy *policy;
2052 unsigned int prealloc;
2054 LASSERT(rs->rs_svc_ctx);
2055 LASSERT(rs->rs_svc_ctx->sc_policy);
2057 policy = rs->rs_svc_ctx->sc_policy;
2058 LASSERT(policy->sp_sops->free_rs);
2060 prealloc = rs->rs_prealloc;
2061 policy->sp_sops->free_rs(rs);
2064 lustre_put_emerg_rs(rs);
2067 void sptlrpc_svc_ctx_addref(struct ptlrpc_request *req)
2069 struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
2072 atomic_inc(&ctx->sc_refcount);
2075 void sptlrpc_svc_ctx_decref(struct ptlrpc_request *req)
2077 struct ptlrpc_svc_ctx *ctx = req->rq_svc_ctx;
2082 LASSERT_ATOMIC_POS(&ctx->sc_refcount);
2083 if (atomic_dec_and_test(&ctx->sc_refcount)) {
2084 if (ctx->sc_policy->sp_sops->free_ctx)
2085 ctx->sc_policy->sp_sops->free_ctx(ctx);
2087 req->rq_svc_ctx = NULL;
2090 /****************************************
2092 ****************************************/
2095 * Perform transformation upon bulk data pointed by \a desc. This is called
2096 * before transforming the request message.
2098 int sptlrpc_cli_wrap_bulk(struct ptlrpc_request *req,
2099 struct ptlrpc_bulk_desc *desc)
2101 struct ptlrpc_cli_ctx *ctx;
2103 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
2105 if (!req->rq_pack_bulk)
2108 ctx = req->rq_cli_ctx;
2109 if (ctx->cc_ops->wrap_bulk)
2110 return ctx->cc_ops->wrap_bulk(ctx, req, desc);
2113 EXPORT_SYMBOL(sptlrpc_cli_wrap_bulk);
2116 * This is called after unwrap the reply message.
2117 * return nob of actual plain text size received, or error code.
2119 int sptlrpc_cli_unwrap_bulk_read(struct ptlrpc_request *req,
2120 struct ptlrpc_bulk_desc *desc,
2123 struct ptlrpc_cli_ctx *ctx;
2126 LASSERT(req->rq_bulk_read && !req->rq_bulk_write);
2128 if (!req->rq_pack_bulk)
2129 return desc->bd_nob_transferred;
2131 ctx = req->rq_cli_ctx;
2132 if (ctx->cc_ops->unwrap_bulk) {
2133 rc = ctx->cc_ops->unwrap_bulk(ctx, req, desc);
2137 return desc->bd_nob_transferred;
2139 EXPORT_SYMBOL(sptlrpc_cli_unwrap_bulk_read);
2142 * This is called after unwrap the reply message.
2143 * return 0 for success or error code.
2145 int sptlrpc_cli_unwrap_bulk_write(struct ptlrpc_request *req,
2146 struct ptlrpc_bulk_desc *desc)
2148 struct ptlrpc_cli_ctx *ctx;
2151 LASSERT(!req->rq_bulk_read && req->rq_bulk_write);
2153 if (!req->rq_pack_bulk)
2156 ctx = req->rq_cli_ctx;
2157 if (ctx->cc_ops->unwrap_bulk) {
2158 rc = ctx->cc_ops->unwrap_bulk(ctx, req, desc);
2164 * if everything is going right, nob should equals to nob_transferred.
2165 * in case of privacy mode, nob_transferred needs to be adjusted.
2167 if (desc->bd_nob != desc->bd_nob_transferred) {
2168 CERROR("nob %d doesn't match transferred nob %d\n",
2169 desc->bd_nob, desc->bd_nob_transferred);
2175 EXPORT_SYMBOL(sptlrpc_cli_unwrap_bulk_write);
2177 /****************************************
2178 * user descriptor helpers *
2179 ****************************************/
2181 int sptlrpc_current_user_desc_size(void)
2185 ngroups = current_ngroups;
2187 if (ngroups > LUSTRE_MAX_GROUPS)
2188 ngroups = LUSTRE_MAX_GROUPS;
2189 return sptlrpc_user_desc_size(ngroups);
2191 EXPORT_SYMBOL(sptlrpc_current_user_desc_size);
2193 int sptlrpc_pack_user_desc(struct lustre_msg *msg, int offset)
2195 struct ptlrpc_user_desc *pud;
2197 pud = lustre_msg_buf(msg, offset, 0);
2199 pud->pud_uid = from_kuid(&init_user_ns, current_uid());
2200 pud->pud_gid = from_kgid(&init_user_ns, current_gid());
2201 pud->pud_fsuid = from_kuid(&init_user_ns, current_fsuid());
2202 pud->pud_fsgid = from_kgid(&init_user_ns, current_fsgid());
2203 pud->pud_cap = cfs_curproc_cap_pack();
2204 pud->pud_ngroups = (msg->lm_buflens[offset] - sizeof(*pud)) / 4;
2207 if (pud->pud_ngroups > current_ngroups)
2208 pud->pud_ngroups = current_ngroups;
2209 memcpy(pud->pud_groups, current_cred()->group_info->blocks[0],
2210 pud->pud_ngroups * sizeof(__u32));
2211 task_unlock(current);
2215 EXPORT_SYMBOL(sptlrpc_pack_user_desc);
2217 int sptlrpc_unpack_user_desc(struct lustre_msg *msg, int offset, int swabbed)
2219 struct ptlrpc_user_desc *pud;
2222 pud = lustre_msg_buf(msg, offset, sizeof(*pud));
2227 __swab32s(&pud->pud_uid);
2228 __swab32s(&pud->pud_gid);
2229 __swab32s(&pud->pud_fsuid);
2230 __swab32s(&pud->pud_fsgid);
2231 __swab32s(&pud->pud_cap);
2232 __swab32s(&pud->pud_ngroups);
2235 if (pud->pud_ngroups > LUSTRE_MAX_GROUPS) {
2236 CERROR("%u groups is too large\n", pud->pud_ngroups);
2240 if (sizeof(*pud) + pud->pud_ngroups * sizeof(__u32) >
2241 msg->lm_buflens[offset]) {
2242 CERROR("%u groups are claimed but bufsize only %u\n",
2243 pud->pud_ngroups, msg->lm_buflens[offset]);
2248 for (i = 0; i < pud->pud_ngroups; i++)
2249 __swab32s(&pud->pud_groups[i]);
2254 EXPORT_SYMBOL(sptlrpc_unpack_user_desc);
2256 /****************************************
2258 ****************************************/
2260 const char *sec2target_str(struct ptlrpc_sec *sec)
2262 if (!sec || !sec->ps_import || !sec->ps_import->imp_obd)
2264 if (sec_is_reverse(sec))
2266 return obd_uuid2str(&sec->ps_import->imp_obd->u.cli.cl_target_uuid);
2268 EXPORT_SYMBOL(sec2target_str);
2271 * return true if the bulk data is protected
2273 bool sptlrpc_flavor_has_bulk(struct sptlrpc_flavor *flvr)
2275 switch (SPTLRPC_FLVR_BULK_SVC(flvr->sf_rpc)) {
2276 case SPTLRPC_BULK_SVC_INTG:
2277 case SPTLRPC_BULK_SVC_PRIV:
2283 EXPORT_SYMBOL(sptlrpc_flavor_has_bulk);
2285 /****************************************
2286 * crypto API helper/alloc blkciper *
2287 ****************************************/
2289 /****************************************
2290 * initialize/finalize *
2291 ****************************************/
2293 int sptlrpc_init(void)
2297 rwlock_init(&policy_lock);
2299 rc = sptlrpc_gc_init();
2303 rc = sptlrpc_conf_init();
2307 rc = sptlrpc_enc_pool_init();
2311 rc = sptlrpc_null_init();
2315 rc = sptlrpc_plain_init();
2319 rc = sptlrpc_lproc_init();
2326 sptlrpc_plain_fini();
2328 sptlrpc_null_fini();
2330 sptlrpc_enc_pool_fini();
2332 sptlrpc_conf_fini();
2339 void sptlrpc_fini(void)
2341 sptlrpc_lproc_fini();
2342 sptlrpc_plain_fini();
2343 sptlrpc_null_fini();
2344 sptlrpc_enc_pool_fini();
2345 sptlrpc_conf_fini();
projects / cascardo / linux.git / blob