4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
31 * This file is part of Lustre, http://www.lustre.org/
32 * Lustre is a trademark of Sun Microsystems, Inc.
34 * lustre/ptlrpc/gss/gss_bulk.c
36 * Author: Eric Mei <eric.mei@sun.com>
39 #define DEBUG_SUBSYSTEM S_SEC
40 #include <linux/init.h>
41 #include <linux/module.h>
42 #include <linux/slab.h>
43 #include <linux/dcache.h>
45 #include <linux/mutex.h>
46 #include <linux/crypto.h>
49 #include <obd_class.h>
50 #include <obd_support.h>
51 #include <lustre/lustre_idl.h>
52 #include <lustre_net.h>
53 #include <lustre_import.h>
54 #include <lustre_sec.h>
57 #include "gss_internal.h"
60 int gss_cli_ctx_wrap_bulk(struct ptlrpc_cli_ctx *ctx,
61 struct ptlrpc_request *req,
62 struct ptlrpc_bulk_desc *desc)
64 struct gss_cli_ctx *gctx;
65 struct lustre_msg *msg;
66 struct ptlrpc_bulk_sec_desc *bsd;
73 LASSERT(req->rq_pack_bulk);
74 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
76 gctx = container_of(ctx, struct gss_cli_ctx, gc_base);
77 LASSERT(gctx->gc_mechctx);
79 switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) {
80 case SPTLRPC_SVC_NULL:
81 LASSERT(req->rq_reqbuf->lm_bufcount >= 3);
83 offset = msg->lm_bufcount - 1;
85 case SPTLRPC_SVC_AUTH:
86 case SPTLRPC_SVC_INTG:
87 LASSERT(req->rq_reqbuf->lm_bufcount >= 4);
89 offset = msg->lm_bufcount - 2;
91 case SPTLRPC_SVC_PRIV:
92 LASSERT(req->rq_clrbuf->lm_bufcount >= 2);
94 offset = msg->lm_bufcount - 1;
100 bsd = lustre_msg_buf(msg, offset, sizeof(*bsd));
101 bsd->bsd_version = 0;
103 bsd->bsd_type = SPTLRPC_BULK_DEFAULT;
104 bsd->bsd_svc = SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc);
106 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_NULL)
109 LASSERT(bsd->bsd_svc == SPTLRPC_BULK_SVC_INTG ||
110 bsd->bsd_svc == SPTLRPC_BULK_SVC_PRIV);
112 if (req->rq_bulk_read) {
114 * bulk read: prepare receiving pages only for privacy mode.
116 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_PRIV)
117 return gss_cli_prep_bulk(req, desc);
120 * bulk write: sign or encrypt bulk pages.
122 bsd->bsd_nob = desc->bd_nob;
124 if (bsd->bsd_svc == SPTLRPC_BULK_SVC_INTG) {
126 token.data = bsd->bsd_data;
127 token.len = lustre_msg_buflen(msg, offset) -
130 maj = lgss_get_mic(gctx->gc_mechctx, 0, NULL,
131 desc->bd_iov_count, desc->bd_iov,
133 if (maj != GSS_S_COMPLETE) {
134 CWARN("failed to sign bulk data: %x\n", maj);
139 if (desc->bd_iov_count == 0)
142 rc = sptlrpc_enc_pool_get_pages(desc);
144 CERROR("bulk write: failed to allocate "
145 "encryption pages: %d\n", rc);
149 token.data = bsd->bsd_data;
150 token.len = lustre_msg_buflen(msg, offset) -
153 maj = lgss_wrap_bulk(gctx->gc_mechctx, desc, &token, 0);
154 if (maj != GSS_S_COMPLETE) {
155 CWARN("fail to encrypt bulk data: %x\n", maj);
164 int gss_cli_ctx_unwrap_bulk(struct ptlrpc_cli_ctx *ctx,
165 struct ptlrpc_request *req,
166 struct ptlrpc_bulk_desc *desc)
168 struct gss_cli_ctx *gctx;
169 struct lustre_msg *rmsg, *vmsg;
170 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
176 LASSERT(req->rq_pack_bulk);
177 LASSERT(req->rq_bulk_read || req->rq_bulk_write);
179 switch (SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc)) {
180 case SPTLRPC_SVC_NULL:
181 vmsg = req->rq_repdata;
182 voff = vmsg->lm_bufcount - 1;
183 LASSERT(vmsg && vmsg->lm_bufcount >= 3);
185 rmsg = req->rq_reqbuf;
186 roff = rmsg->lm_bufcount - 1; /* last segment */
187 LASSERT(rmsg && rmsg->lm_bufcount >= 3);
189 case SPTLRPC_SVC_AUTH:
190 case SPTLRPC_SVC_INTG:
191 vmsg = req->rq_repdata;
192 voff = vmsg->lm_bufcount - 2;
193 LASSERT(vmsg && vmsg->lm_bufcount >= 4);
195 rmsg = req->rq_reqbuf;
196 roff = rmsg->lm_bufcount - 2; /* second last segment */
197 LASSERT(rmsg && rmsg->lm_bufcount >= 4);
199 case SPTLRPC_SVC_PRIV:
200 vmsg = req->rq_repdata;
201 voff = vmsg->lm_bufcount - 1;
202 LASSERT(vmsg && vmsg->lm_bufcount >= 2);
204 rmsg = req->rq_clrbuf;
205 roff = rmsg->lm_bufcount - 1; /* last segment */
206 LASSERT(rmsg && rmsg->lm_bufcount >= 2);
212 bsdr = lustre_msg_buf(rmsg, roff, sizeof(*bsdr));
213 bsdv = lustre_msg_buf(vmsg, voff, sizeof(*bsdv));
214 LASSERT(bsdr && bsdv);
216 if (bsdr->bsd_version != bsdv->bsd_version ||
217 bsdr->bsd_type != bsdv->bsd_type ||
218 bsdr->bsd_svc != bsdv->bsd_svc) {
219 CERROR("bulk security descriptor mismatch: "
220 "(%u,%u,%u) != (%u,%u,%u)\n",
221 bsdr->bsd_version, bsdr->bsd_type, bsdr->bsd_svc,
222 bsdv->bsd_version, bsdv->bsd_type, bsdv->bsd_svc);
226 LASSERT(bsdv->bsd_svc == SPTLRPC_BULK_SVC_NULL ||
227 bsdv->bsd_svc == SPTLRPC_BULK_SVC_INTG ||
228 bsdv->bsd_svc == SPTLRPC_BULK_SVC_PRIV);
231 * in privacy mode if return success, make sure bd_nob_transferred
232 * is the actual size of the clear text, otherwise upper layer
235 if (req->rq_bulk_write) {
236 if (bsdv->bsd_flags & BSD_FL_ERR) {
237 CERROR("server reported bulk i/o failure\n");
241 if (bsdv->bsd_svc == SPTLRPC_BULK_SVC_PRIV)
242 desc->bd_nob_transferred = desc->bd_nob;
245 * bulk read, upon return success, bd_nob_transferred is
246 * the size of plain text actually received.
248 gctx = container_of(ctx, struct gss_cli_ctx, gc_base);
249 LASSERT(gctx->gc_mechctx);
251 if (bsdv->bsd_svc == SPTLRPC_BULK_SVC_INTG) {
254 /* fix the actual data size */
255 for (i = 0, nob = 0; i < desc->bd_iov_count; i++) {
256 if (desc->bd_iov[i].kiov_len + nob >
257 desc->bd_nob_transferred) {
258 desc->bd_iov[i].kiov_len =
259 desc->bd_nob_transferred - nob;
261 nob += desc->bd_iov[i].kiov_len;
264 token.data = bsdv->bsd_data;
265 token.len = lustre_msg_buflen(vmsg, voff) -
268 maj = lgss_verify_mic(gctx->gc_mechctx, 0, NULL,
269 desc->bd_iov_count, desc->bd_iov,
271 if (maj != GSS_S_COMPLETE) {
272 CERROR("failed to verify bulk read: %x\n", maj);
275 } else if (bsdv->bsd_svc == SPTLRPC_BULK_SVC_PRIV) {
276 desc->bd_nob = bsdv->bsd_nob;
277 if (desc->bd_nob == 0)
280 token.data = bsdv->bsd_data;
281 token.len = lustre_msg_buflen(vmsg, voff) -
284 maj = lgss_unwrap_bulk(gctx->gc_mechctx, desc,
286 if (maj != GSS_S_COMPLETE) {
287 CERROR("failed to decrypt bulk read: %x\n",
292 desc->bd_nob_transferred = desc->bd_nob;
299 static int gss_prep_bulk(struct ptlrpc_bulk_desc *desc,
300 struct gss_ctx *mechctx)
304 if (desc->bd_iov_count == 0)
307 rc = sptlrpc_enc_pool_get_pages(desc);
311 if (lgss_prep_bulk(mechctx, desc) != GSS_S_COMPLETE)
317 int gss_cli_prep_bulk(struct ptlrpc_request *req,
318 struct ptlrpc_bulk_desc *desc)
323 LASSERT(req->rq_cli_ctx);
324 LASSERT(req->rq_pack_bulk);
325 LASSERT(req->rq_bulk_read);
327 if (SPTLRPC_FLVR_BULK_SVC(req->rq_flvr.sf_rpc) != SPTLRPC_BULK_SVC_PRIV)
330 rc = gss_prep_bulk(desc, ctx2gctx(req->rq_cli_ctx)->gc_mechctx);
332 CERROR("bulk read: failed to prepare encryption "
338 int gss_svc_prep_bulk(struct ptlrpc_request *req,
339 struct ptlrpc_bulk_desc *desc)
341 struct gss_svc_reqctx *grctx;
342 struct ptlrpc_bulk_sec_desc *bsd;
346 LASSERT(req->rq_svc_ctx);
347 LASSERT(req->rq_pack_bulk);
348 LASSERT(req->rq_bulk_write);
350 grctx = gss_svc_ctx2reqctx(req->rq_svc_ctx);
351 LASSERT(grctx->src_reqbsd);
352 LASSERT(grctx->src_repbsd);
353 LASSERT(grctx->src_ctx);
354 LASSERT(grctx->src_ctx->gsc_mechctx);
356 bsd = grctx->src_reqbsd;
357 if (bsd->bsd_svc != SPTLRPC_BULK_SVC_PRIV)
360 rc = gss_prep_bulk(desc, grctx->src_ctx->gsc_mechctx);
362 CERROR("bulk write: failed to prepare encryption "
368 int gss_svc_unwrap_bulk(struct ptlrpc_request *req,
369 struct ptlrpc_bulk_desc *desc)
371 struct gss_svc_reqctx *grctx;
372 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
377 LASSERT(req->rq_svc_ctx);
378 LASSERT(req->rq_pack_bulk);
379 LASSERT(req->rq_bulk_write);
381 grctx = gss_svc_ctx2reqctx(req->rq_svc_ctx);
383 LASSERT(grctx->src_reqbsd);
384 LASSERT(grctx->src_repbsd);
385 LASSERT(grctx->src_ctx);
386 LASSERT(grctx->src_ctx->gsc_mechctx);
388 bsdr = grctx->src_reqbsd;
389 bsdv = grctx->src_repbsd;
391 /* bsdr has been sanity checked during unpacking */
392 bsdv->bsd_version = 0;
393 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
394 bsdv->bsd_svc = bsdr->bsd_svc;
397 switch (bsdv->bsd_svc) {
398 case SPTLRPC_BULK_SVC_INTG:
399 token.data = bsdr->bsd_data;
400 token.len = grctx->src_reqbsd_size - sizeof(*bsdr);
402 maj = lgss_verify_mic(grctx->src_ctx->gsc_mechctx, 0, NULL,
403 desc->bd_iov_count, desc->bd_iov, &token);
404 if (maj != GSS_S_COMPLETE) {
405 bsdv->bsd_flags |= BSD_FL_ERR;
406 CERROR("failed to verify bulk signature: %x\n", maj);
410 case SPTLRPC_BULK_SVC_PRIV:
411 if (bsdr->bsd_nob != desc->bd_nob) {
412 bsdv->bsd_flags |= BSD_FL_ERR;
413 CERROR("prepared nob %d doesn't match the actual "
414 "nob %d\n", desc->bd_nob, bsdr->bsd_nob);
418 if (desc->bd_iov_count == 0) {
419 LASSERT(desc->bd_nob == 0);
423 token.data = bsdr->bsd_data;
424 token.len = grctx->src_reqbsd_size - sizeof(*bsdr);
426 maj = lgss_unwrap_bulk(grctx->src_ctx->gsc_mechctx,
428 if (maj != GSS_S_COMPLETE) {
429 bsdv->bsd_flags |= BSD_FL_ERR;
430 CERROR("failed decrypt bulk data: %x\n", maj);
439 int gss_svc_wrap_bulk(struct ptlrpc_request *req,
440 struct ptlrpc_bulk_desc *desc)
442 struct gss_svc_reqctx *grctx;
443 struct ptlrpc_bulk_sec_desc *bsdr, *bsdv;
449 LASSERT(req->rq_svc_ctx);
450 LASSERT(req->rq_pack_bulk);
451 LASSERT(req->rq_bulk_read);
453 grctx = gss_svc_ctx2reqctx(req->rq_svc_ctx);
455 LASSERT(grctx->src_reqbsd);
456 LASSERT(grctx->src_repbsd);
457 LASSERT(grctx->src_ctx);
458 LASSERT(grctx->src_ctx->gsc_mechctx);
460 bsdr = grctx->src_reqbsd;
461 bsdv = grctx->src_repbsd;
463 /* bsdr has been sanity checked during unpacking */
464 bsdv->bsd_version = 0;
465 bsdv->bsd_type = SPTLRPC_BULK_DEFAULT;
466 bsdv->bsd_svc = bsdr->bsd_svc;
469 switch (bsdv->bsd_svc) {
470 case SPTLRPC_BULK_SVC_INTG:
471 token.data = bsdv->bsd_data;
472 token.len = grctx->src_repbsd_size - sizeof(*bsdv);
474 maj = lgss_get_mic(grctx->src_ctx->gsc_mechctx, 0, NULL,
475 desc->bd_iov_count, desc->bd_iov, &token);
476 if (maj != GSS_S_COMPLETE) {
477 bsdv->bsd_flags |= BSD_FL_ERR;
478 CERROR("failed to sign bulk data: %x\n", maj);
482 case SPTLRPC_BULK_SVC_PRIV:
483 bsdv->bsd_nob = desc->bd_nob;
485 if (desc->bd_iov_count == 0) {
486 LASSERT(desc->bd_nob == 0);
490 rc = sptlrpc_enc_pool_get_pages(desc);
492 bsdv->bsd_flags |= BSD_FL_ERR;
493 CERROR("bulk read: failed to allocate encryption "
498 token.data = bsdv->bsd_data;
499 token.len = grctx->src_repbsd_size - sizeof(*bsdv);
501 maj = lgss_wrap_bulk(grctx->src_ctx->gsc_mechctx,
503 if (maj != GSS_S_COMPLETE) {
504 bsdv->bsd_flags |= BSD_FL_ERR;
505 CERROR("failed to encrypt bulk data: %x\n", maj);