diff options
| author | Yan, Zheng <zyan@redhat.com> | 2014-11-04 03:33:37 -0500 |
|---|---|---|
| committer | Ilya Dryomov <idryomov@redhat.com> | 2014-12-17 12:09:50 -0500 |
| commit | 33d07337962c7bbd2fd5cf7f1106735c9507fbe2 (patch) | |
| tree | 93a95e7d02db4d7ba7d282483e32fd0627a3c281 /include/linux/ceph | |
| parent | ae385eaf24dc39c1703049112e4265b9f93b7d86 (diff) | |
libceph: message signature support
Signed-off-by: Yan, Zheng <zyan@redhat.com>
Diffstat (limited to 'include/linux/ceph')
| -rw-r--r-- | include/linux/ceph/auth.h | 26 | ||||
| -rw-r--r-- | include/linux/ceph/ceph_features.h | 1 | ||||
| -rw-r--r-- | include/linux/ceph/messenger.h | 9 | ||||
| -rw-r--r-- | include/linux/ceph/msgr.h | 8 |
4 files changed, 43 insertions, 1 deletions
diff --git a/include/linux/ceph/auth.h b/include/linux/ceph/auth.h index 5f3386844134..260d78b587c4 100644 --- a/include/linux/ceph/auth.h +++ b/include/linux/ceph/auth.h | |||
| @@ -13,6 +13,7 @@ | |||
| 13 | 13 | ||
| 14 | struct ceph_auth_client; | 14 | struct ceph_auth_client; |
| 15 | struct ceph_authorizer; | 15 | struct ceph_authorizer; |
| 16 | struct ceph_msg; | ||
| 16 | 17 | ||
| 17 | struct ceph_auth_handshake { | 18 | struct ceph_auth_handshake { |
| 18 | struct ceph_authorizer *authorizer; | 19 | struct ceph_authorizer *authorizer; |
| @@ -20,6 +21,10 @@ struct ceph_auth_handshake { | |||
| 20 | size_t authorizer_buf_len; | 21 | size_t authorizer_buf_len; |
| 21 | void *authorizer_reply_buf; | 22 | void *authorizer_reply_buf; |
| 22 | size_t authorizer_reply_buf_len; | 23 | size_t authorizer_reply_buf_len; |
| 24 | int (*sign_message)(struct ceph_auth_handshake *auth, | ||
| 25 | struct ceph_msg *msg); | ||
| 26 | int (*check_message_signature)(struct ceph_auth_handshake *auth, | ||
| 27 | struct ceph_msg *msg); | ||
| 23 | }; | 28 | }; |
| 24 | 29 | ||
| 25 | struct ceph_auth_client_ops { | 30 | struct ceph_auth_client_ops { |
| @@ -66,6 +71,11 @@ struct ceph_auth_client_ops { | |||
| 66 | void (*reset)(struct ceph_auth_client *ac); | 71 | void (*reset)(struct ceph_auth_client *ac); |
| 67 | 72 | ||
| 68 | void (*destroy)(struct ceph_auth_client *ac); | 73 | void (*destroy)(struct ceph_auth_client *ac); |
| 74 | |||
| 75 | int (*sign_message)(struct ceph_auth_handshake *auth, | ||
| 76 | struct ceph_msg *msg); | ||
| 77 | int (*check_message_signature)(struct ceph_auth_handshake *auth, | ||
| 78 | struct ceph_msg *msg); | ||
| 69 | }; | 79 | }; |
| 70 | 80 | ||
| 71 | struct ceph_auth_client { | 81 | struct ceph_auth_client { |
| @@ -113,4 +123,20 @@ extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac, | |||
| 113 | extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac, | 123 | extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac, |
| 114 | int peer_type); | 124 | int peer_type); |
| 115 | 125 | ||
| 126 | static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth, | ||
| 127 | struct ceph_msg *msg) | ||
| 128 | { | ||
| 129 | if (auth->sign_message) | ||
| 130 | return auth->sign_message(auth, msg); | ||
| 131 | return 0; | ||
| 132 | } | ||
| 133 | |||
| 134 | static inline | ||
| 135 | int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth, | ||
| 136 | struct ceph_msg *msg) | ||
| 137 | { | ||
| 138 | if (auth->check_message_signature) | ||
| 139 | return auth->check_message_signature(auth, msg); | ||
| 140 | return 0; | ||
| 141 | } | ||
| 116 | #endif | 142 | #endif |
diff --git a/include/linux/ceph/ceph_features.h b/include/linux/ceph/ceph_features.h index d12659ce550d..71e05bbf8ceb 100644 --- a/include/linux/ceph/ceph_features.h +++ b/include/linux/ceph/ceph_features.h | |||
| @@ -84,6 +84,7 @@ static inline u64 ceph_sanitize_features(u64 features) | |||
| 84 | CEPH_FEATURE_PGPOOL3 | \ | 84 | CEPH_FEATURE_PGPOOL3 | \ |
| 85 | CEPH_FEATURE_OSDENC | \ | 85 | CEPH_FEATURE_OSDENC | \ |
| 86 | CEPH_FEATURE_CRUSH_TUNABLES | \ | 86 | CEPH_FEATURE_CRUSH_TUNABLES | \ |
| 87 | CEPH_FEATURE_MSG_AUTH | \ | ||
| 87 | CEPH_FEATURE_CRUSH_TUNABLES2 | \ | 88 | CEPH_FEATURE_CRUSH_TUNABLES2 | \ |
| 88 | CEPH_FEATURE_REPLY_CREATE_INODE | \ | 89 | CEPH_FEATURE_REPLY_CREATE_INODE | \ |
| 89 | CEPH_FEATURE_OSDHASHPSPOOL | \ | 90 | CEPH_FEATURE_OSDHASHPSPOOL | \ |
diff --git a/include/linux/ceph/messenger.h b/include/linux/ceph/messenger.h index 40ae58e3e9db..d9d396c16503 100644 --- a/include/linux/ceph/messenger.h +++ b/include/linux/ceph/messenger.h | |||
| @@ -42,6 +42,10 @@ struct ceph_connection_operations { | |||
| 42 | struct ceph_msg * (*alloc_msg) (struct ceph_connection *con, | 42 | struct ceph_msg * (*alloc_msg) (struct ceph_connection *con, |
| 43 | struct ceph_msg_header *hdr, | 43 | struct ceph_msg_header *hdr, |
| 44 | int *skip); | 44 | int *skip); |
| 45 | int (*sign_message) (struct ceph_connection *con, struct ceph_msg *msg); | ||
| 46 | |||
| 47 | int (*check_message_signature) (struct ceph_connection *con, | ||
| 48 | struct ceph_msg *msg); | ||
| 45 | }; | 49 | }; |
| 46 | 50 | ||
| 47 | /* use format string %s%d */ | 51 | /* use format string %s%d */ |
| @@ -142,7 +146,10 @@ struct ceph_msg_data_cursor { | |||
| 142 | */ | 146 | */ |
| 143 | struct ceph_msg { | 147 | struct ceph_msg { |
| 144 | struct ceph_msg_header hdr; /* header */ | 148 | struct ceph_msg_header hdr; /* header */ |
| 145 | struct ceph_msg_footer footer; /* footer */ | 149 | union { |
| 150 | struct ceph_msg_footer footer; /* footer */ | ||
| 151 | struct ceph_msg_footer_old old_footer; /* old format footer */ | ||
| 152 | }; | ||
| 146 | struct kvec front; /* unaligned blobs of message */ | 153 | struct kvec front; /* unaligned blobs of message */ |
| 147 | struct ceph_buffer *middle; | 154 | struct ceph_buffer *middle; |
| 148 | 155 | ||
diff --git a/include/linux/ceph/msgr.h b/include/linux/ceph/msgr.h index 3d94a73b5f30..cac4b28ac1c0 100644 --- a/include/linux/ceph/msgr.h +++ b/include/linux/ceph/msgr.h | |||
| @@ -164,13 +164,21 @@ struct ceph_msg_header { | |||
| 164 | /* | 164 | /* |
| 165 | * follows data payload | 165 | * follows data payload |
| 166 | */ | 166 | */ |
| 167 | struct ceph_msg_footer_old { | ||
| 168 | __le32 front_crc, middle_crc, data_crc; | ||
| 169 | __u8 flags; | ||
| 170 | } __attribute__ ((packed)); | ||
| 171 | |||
| 167 | struct ceph_msg_footer { | 172 | struct ceph_msg_footer { |
| 168 | __le32 front_crc, middle_crc, data_crc; | 173 | __le32 front_crc, middle_crc, data_crc; |
| 174 | // sig holds the 64 bits of the digital signature for the message PLR | ||
| 175 | __le64 sig; | ||
| 169 | __u8 flags; | 176 | __u8 flags; |
| 170 | } __attribute__ ((packed)); | 177 | } __attribute__ ((packed)); |
| 171 | 178 | ||
| 172 | #define CEPH_MSG_FOOTER_COMPLETE (1<<0) /* msg wasn't aborted */ | 179 | #define CEPH_MSG_FOOTER_COMPLETE (1<<0) /* msg wasn't aborted */ |
| 173 | #define CEPH_MSG_FOOTER_NOCRC (1<<1) /* no data crc */ | 180 | #define CEPH_MSG_FOOTER_NOCRC (1<<1) /* no data crc */ |
| 181 | #define CEPH_MSG_FOOTER_SIGNED (1<<2) /* msg was signed */ | ||
| 174 | 182 | ||
| 175 | 183 | ||
| 176 | #endif | 184 | #endif |