libceph: add update_authorizer auth method

Currently the messenger calls out to a get_authorizer con op, which will create a new authorizer if it doesn't yet have one. In the meantime, when we rotate our service keys, the authorizer doesn't get updated. Eventually it will be rejected by the server on a new connection attempt and get invalidated, and we will then rebuild a new authorizer, but this is not ideal. Instead, if we do have an authorizer, call a new update_authorizer op that will verify that the current authorizer is using the latest secret. If it is not, we will build a new one that does. This avoids the transient failure. This fixes one of the sorry sequence of events for bug http://tracker.ceph.com/issues/4282 Signed-off-by: Sage Weil <sage@inktank.com> Reviewed-by: Alex Elder <elder@inktank.com>
author: Sage Weil <sage@inktank.com> 2013-03-25 13:26:01 -0400
committer: Sage Weil <sage@inktank.com> 2013-05-02 00:17:13 -0400
commit: 0bed9b5c523d577378b6f83eab5835fe30c27208 (patch)
tree: ab35e0fdeedf883e029cedab7a0ecbce71376426
parent: 4b8e8b5d78b8322351d44487c1b76f7e9d3412bc (diff)
5 files changed, 38 insertions, 1 deletions
diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
index 0db6f5206d11..010ff83d640b 100644
--- a/fs/ceph/mds_client.c
+++ b/fs/ceph/mds_client.c
@@ -3445,7 +3445,12 @@ static struct ceph_auth_handshake *get_authorizer(struct ceph_connection *con,
        }
        if (!auth->authorizer && ac->ops && ac->ops->create_authorizer) {
                int ret = ac->ops->create_authorizer(ac, CEPH_ENTITY_TYPE_MDS,
-                                                        auth);
+                                                     auth);
+                if (ret)
+                        return ERR_PTR(ret);
+        } else if (ac->ops && ac->ops_update_authorizer) {
+                int ret = ac->ops->update_authorizer(ac, CEPH_ENTITY_TYPE_MDS,
+                                                     auth);
                if (ret)
                        return ERR_PTR(ret);
        }
diff --git a/include/linux/ceph/auth.h b/include/linux/ceph/auth.h
index d4080f309b56..73e973e70026 100644
--- a/include/linux/ceph/auth.h
+++ b/include/linux/ceph/auth.h
@@ -52,6 +52,9 @@ struct ceph_auth_client_ops {
         */
        int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
                                 struct ceph_auth_handshake *auth);
+        /* ensure that an existing authorizer is up to date */
+        int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
+                                 struct ceph_auth_handshake *auth);
        int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
                                       struct ceph_authorizer *a, size_t len);
        void (*destroy_authorizer)(struct ceph_auth_client *ac,
diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index bd8758dbfded..2d5981555cd6 100644
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -298,6 +298,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
                        return -ENOMEM;
        }
        au->service = th->service;
+        au->secret_id = th->secret_id;
        msg_a = au->buf->vec.iov_base;
        msg_a->struct_v = 1;
@@ -555,6 +556,27 @@ static int ceph_x_create_authorizer(
        return 0;
 }
+static int ceph_x_update_authorizer(
+        struct ceph_auth_client *ac, int peer_type,
+        struct ceph_auth_handshake *auth)
+{
+        struct ceph_x_authorizer *au;
+        struct ceph_x_ticket_handler *th;
+        int ret;
+        th = get_ticket_handler(ac, peer_type);
+        if (IS_ERR(th))
+                return PTR_ERR(th);
+        au = (struct ceph_x_authorizer *)auth->authorizer;
+        if (au->secret_id < th->secret_id) {
+                dout("ceph_x_update_authorizer service %u secret %llu < %llu\n",
+                     au->service, au->secret_id, th->secret_id);
+                return ceph_x_build_authorizer(ac, th, au);
+        }
+        return 0;
+}
 static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
                                          struct ceph_authorizer *a, size_t len)
 {
@@ -641,6 +663,7 @@ static const struct ceph_auth_client_ops ceph_x_ops = {
        .build_request = ceph_x_build_request,
        .handle_reply = ceph_x_handle_reply,
        .create_authorizer = ceph_x_create_authorizer,
+        .update_authorizer = ceph_x_update_authorizer,
        .verify_authorizer_reply = ceph_x_verify_authorizer_reply,
        .destroy_authorizer = ceph_x_destroy_authorizer,
        .invalidate_authorizer = ceph_x_invalidate_authorizer,
diff --git a/net/ceph/auth_x.h b/net/ceph/auth_x.h
index f459e93b774f..c5a058da7ac8 100644
--- a/net/ceph/auth_x.h
+++ b/net/ceph/auth_x.h
@@ -29,6 +29,7 @@ struct ceph_x_authorizer {
        struct ceph_buffer *buf;
        unsigned int service;
        u64 nonce;
+        u64 secret_id;
        char reply_buf[128];  /* big enough for encrypted blob */
 };
diff --git a/net/ceph/osd_client.c b/net/ceph/osd_client.c
index cb14db8496bd..5ef24e3e1627 100644
--- a/net/ceph/osd_client.c
+++ b/net/ceph/osd_client.c
@@ -2220,6 +2220,11 @@ static struct ceph_auth_handshake *get_authorizer(struct ceph_connection *con,
                                                        auth);
                if (ret)
                        return ERR_PTR(ret);
+        } else if (ac->ops && ac->ops->update_authorizer) {
+                int ret = ac->ops->update_authorizer(ac, CEPH_ENTITY_TYPE_OSD,
+                                                     auth);
+                if (ret)
+                        return ERR_PTR(ret);
        }
        *proto = ac->protocol;
author	Sage Weil <sage@inktank.com>	2013-03-25 13:26:01 -0400
committer	Sage Weil <sage@inktank.com>	2013-05-02 00:17:13 -0400
commit	0bed9b5c523d577378b6f83eab5835fe30c27208 (patch)
tree	ab35e0fdeedf883e029cedab7a0ecbce71376426
parent	4b8e8b5d78b8322351d44487c1b76f7e9d3412bc (diff)