diff options
-rw-r--r-- | fs/ceph/Makefile | 1 | ||||
-rw-r--r-- | fs/ceph/auth.c | 6 | ||||
-rw-r--r-- | fs/ceph/auth_x.c | 656 | ||||
-rw-r--r-- | fs/ceph/auth_x.h | 49 | ||||
-rw-r--r-- | fs/ceph/auth_x_protocol.h | 90 |
5 files changed, 801 insertions, 1 deletions
diff --git a/fs/ceph/Makefile b/fs/ceph/Makefile index 85a588e43e7d..6a660e610be8 100644 --- a/fs/ceph/Makefile +++ b/fs/ceph/Makefile | |||
@@ -15,6 +15,7 @@ ceph-objs := super.o inode.o dir.o file.o addr.o ioctl.o \ | |||
15 | debugfs.o \ | 15 | debugfs.o \ |
16 | auth.o auth_none.o \ | 16 | auth.o auth_none.o \ |
17 | crypto.o armor.o \ | 17 | crypto.o armor.o \ |
18 | auth_x.o \ | ||
18 | ceph_fs.o ceph_strings.o ceph_hash.o ceph_frag.o | 19 | ceph_fs.o ceph_strings.o ceph_hash.o ceph_frag.o |
19 | 20 | ||
20 | else | 21 | else |
diff --git a/fs/ceph/auth.c b/fs/ceph/auth.c index b34ce0e41b4c..abb204fea6c7 100644 --- a/fs/ceph/auth.c +++ b/fs/ceph/auth.c | |||
@@ -5,6 +5,7 @@ | |||
5 | 5 | ||
6 | #include "types.h" | 6 | #include "types.h" |
7 | #include "auth_none.h" | 7 | #include "auth_none.h" |
8 | #include "auth_x.h" | ||
8 | #include "decode.h" | 9 | #include "decode.h" |
9 | #include "super.h" | 10 | #include "super.h" |
10 | 11 | ||
@@ -14,7 +15,8 @@ | |||
14 | * get protocol handler | 15 | * get protocol handler |
15 | */ | 16 | */ |
16 | static u32 supported_protocols[] = { | 17 | static u32 supported_protocols[] = { |
17 | CEPH_AUTH_NONE | 18 | CEPH_AUTH_NONE, |
19 | CEPH_AUTH_CEPHX | ||
18 | }; | 20 | }; |
19 | 21 | ||
20 | int ceph_auth_init_protocol(struct ceph_auth_client *ac, int protocol) | 22 | int ceph_auth_init_protocol(struct ceph_auth_client *ac, int protocol) |
@@ -22,6 +24,8 @@ int ceph_auth_init_protocol(struct ceph_auth_client *ac, int protocol) | |||
22 | switch (protocol) { | 24 | switch (protocol) { |
23 | case CEPH_AUTH_NONE: | 25 | case CEPH_AUTH_NONE: |
24 | return ceph_auth_none_init(ac); | 26 | return ceph_auth_none_init(ac); |
27 | case CEPH_AUTH_CEPHX: | ||
28 | return ceph_x_init(ac); | ||
25 | default: | 29 | default: |
26 | return -ENOENT; | 30 | return -ENOENT; |
27 | } | 31 | } |
diff --git a/fs/ceph/auth_x.c b/fs/ceph/auth_x.c new file mode 100644 index 000000000000..f0318427b6da --- /dev/null +++ b/fs/ceph/auth_x.c | |||
@@ -0,0 +1,656 @@ | |||
1 | |||
2 | #include "ceph_debug.h" | ||
3 | |||
4 | #include <linux/err.h> | ||
5 | #include <linux/module.h> | ||
6 | #include <linux/random.h> | ||
7 | |||
8 | #include "auth_x.h" | ||
9 | #include "auth_x_protocol.h" | ||
10 | #include "crypto.h" | ||
11 | #include "auth.h" | ||
12 | #include "decode.h" | ||
13 | |||
14 | struct kmem_cache *ceph_x_ticketbuf_cachep; | ||
15 | |||
16 | #define TEMP_TICKET_BUF_LEN 256 | ||
17 | |||
18 | static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed); | ||
19 | |||
20 | static int ceph_x_is_authenticated(struct ceph_auth_client *ac) | ||
21 | { | ||
22 | struct ceph_x_info *xi = ac->private; | ||
23 | int need; | ||
24 | |||
25 | ceph_x_validate_tickets(ac, &need); | ||
26 | dout("ceph_x_is_authenticated want=%d need=%d have=%d\n", | ||
27 | ac->want_keys, need, xi->have_keys); | ||
28 | return (ac->want_keys & xi->have_keys) == ac->want_keys; | ||
29 | } | ||
30 | |||
31 | static int ceph_x_encrypt(struct ceph_crypto_key *secret, | ||
32 | void *ibuf, int ilen, void *obuf, size_t olen) | ||
33 | { | ||
34 | struct ceph_x_encrypt_header head = { | ||
35 | .struct_v = 1, | ||
36 | .magic = cpu_to_le64(CEPHX_ENC_MAGIC) | ||
37 | }; | ||
38 | size_t len = olen - sizeof(u32); | ||
39 | int ret; | ||
40 | |||
41 | ret = ceph_encrypt2(secret, obuf + sizeof(u32), &len, | ||
42 | &head, sizeof(head), ibuf, ilen); | ||
43 | if (ret) | ||
44 | return ret; | ||
45 | ceph_encode_32(&obuf, len); | ||
46 | return len + sizeof(u32); | ||
47 | } | ||
48 | |||
49 | static int ceph_x_decrypt(struct ceph_crypto_key *secret, | ||
50 | void **p, void *end, void *obuf, size_t olen) | ||
51 | { | ||
52 | struct ceph_x_encrypt_header head; | ||
53 | size_t head_len = sizeof(head); | ||
54 | int len, ret; | ||
55 | |||
56 | len = ceph_decode_32(p); | ||
57 | if (*p + len > end) | ||
58 | return -EINVAL; | ||
59 | |||
60 | dout("ceph_x_decrypt len %d\n", len); | ||
61 | ret = ceph_decrypt2(secret, &head, &head_len, obuf, &olen, | ||
62 | *p, len); | ||
63 | if (ret) | ||
64 | return ret; | ||
65 | if (head.struct_v != 1 || le64_to_cpu(head.magic) != CEPHX_ENC_MAGIC) | ||
66 | return -EPERM; | ||
67 | *p += len; | ||
68 | return olen; | ||
69 | } | ||
70 | |||
71 | /* | ||
72 | * get existing (or insert new) ticket handler | ||
73 | */ | ||
74 | struct ceph_x_ticket_handler *get_ticket_handler(struct ceph_auth_client *ac, | ||
75 | int service) | ||
76 | { | ||
77 | struct ceph_x_ticket_handler *th; | ||
78 | struct ceph_x_info *xi = ac->private; | ||
79 | struct rb_node *parent = NULL, **p = &xi->ticket_handlers.rb_node; | ||
80 | |||
81 | while (*p) { | ||
82 | parent = *p; | ||
83 | th = rb_entry(parent, struct ceph_x_ticket_handler, node); | ||
84 | if (service < th->service) | ||
85 | p = &(*p)->rb_left; | ||
86 | else if (service > th->service) | ||
87 | p = &(*p)->rb_right; | ||
88 | else | ||
89 | return th; | ||
90 | } | ||
91 | |||
92 | /* add it */ | ||
93 | th = kzalloc(sizeof(*th), GFP_NOFS); | ||
94 | if (!th) | ||
95 | return ERR_PTR(-ENOMEM); | ||
96 | th->service = service; | ||
97 | rb_link_node(&th->node, parent, p); | ||
98 | rb_insert_color(&th->node, &xi->ticket_handlers); | ||
99 | return th; | ||
100 | } | ||
101 | |||
102 | static void remove_ticket_handler(struct ceph_auth_client *ac, | ||
103 | struct ceph_x_ticket_handler *th) | ||
104 | { | ||
105 | struct ceph_x_info *xi = ac->private; | ||
106 | |||
107 | dout("remove_ticket_handler %p %d\n", th, th->service); | ||
108 | rb_erase(&th->node, &xi->ticket_handlers); | ||
109 | ceph_crypto_key_destroy(&th->session_key); | ||
110 | if (th->ticket_blob) | ||
111 | ceph_buffer_put(th->ticket_blob); | ||
112 | kfree(th); | ||
113 | } | ||
114 | |||
115 | static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac, | ||
116 | struct ceph_crypto_key *secret, | ||
117 | void *buf, void *end) | ||
118 | { | ||
119 | struct ceph_x_info *xi = ac->private; | ||
120 | int num; | ||
121 | void *p = buf; | ||
122 | int ret; | ||
123 | char *dbuf; | ||
124 | char *ticket_buf; | ||
125 | u8 struct_v; | ||
126 | |||
127 | dbuf = kmem_cache_alloc(ceph_x_ticketbuf_cachep, GFP_NOFS | GFP_ATOMIC); | ||
128 | if (!dbuf) | ||
129 | return -ENOMEM; | ||
130 | |||
131 | ret = -ENOMEM; | ||
132 | ticket_buf = kmem_cache_alloc(ceph_x_ticketbuf_cachep, | ||
133 | GFP_NOFS | GFP_ATOMIC); | ||
134 | if (!ticket_buf) | ||
135 | goto out_dbuf; | ||
136 | |||
137 | ceph_decode_need(&p, end, 1 + sizeof(u32), bad); | ||
138 | struct_v = ceph_decode_8(&p); | ||
139 | if (struct_v != 1) | ||
140 | goto bad; | ||
141 | num = ceph_decode_32(&p); | ||
142 | dout("%d tickets\n", num); | ||
143 | while (num--) { | ||
144 | int type; | ||
145 | u8 struct_v; | ||
146 | struct ceph_x_ticket_handler *th; | ||
147 | void *dp, *dend; | ||
148 | int dlen; | ||
149 | char is_enc; | ||
150 | struct timespec validity; | ||
151 | struct ceph_crypto_key old_key; | ||
152 | void *tp, *tpend; | ||
153 | |||
154 | ceph_decode_need(&p, end, sizeof(u32) + 1, bad); | ||
155 | |||
156 | type = ceph_decode_32(&p); | ||
157 | dout(" ticket type %d %s\n", type, ceph_entity_type_name(type)); | ||
158 | |||
159 | struct_v = ceph_decode_8(&p); | ||
160 | if (struct_v != 1) | ||
161 | goto bad; | ||
162 | |||
163 | th = get_ticket_handler(ac, type); | ||
164 | if (IS_ERR(th)) { | ||
165 | ret = PTR_ERR(th); | ||
166 | goto out; | ||
167 | } | ||
168 | |||
169 | /* blob for me */ | ||
170 | dlen = ceph_x_decrypt(secret, &p, end, dbuf, | ||
171 | TEMP_TICKET_BUF_LEN); | ||
172 | if (dlen <= 0) { | ||
173 | ret = dlen; | ||
174 | goto out; | ||
175 | } | ||
176 | dout(" decrypted %d bytes\n", dlen); | ||
177 | dend = dbuf + dlen; | ||
178 | dp = dbuf; | ||
179 | |||
180 | struct_v = ceph_decode_8(&dp); | ||
181 | if (struct_v != 1) | ||
182 | goto bad; | ||
183 | |||
184 | memcpy(&old_key, &th->session_key, sizeof(old_key)); | ||
185 | ret = ceph_crypto_key_decode(&th->session_key, &dp, dend); | ||
186 | if (ret) | ||
187 | goto out; | ||
188 | |||
189 | ceph_decode_copy(&dp, &th->validity, sizeof(th->validity)); | ||
190 | ceph_decode_timespec(&validity, &th->validity); | ||
191 | th->expires = get_seconds() + validity.tv_sec; | ||
192 | th->renew_after = th->expires - (validity.tv_sec / 4); | ||
193 | dout(" expires=%lu renew_after=%lu\n", th->expires, | ||
194 | th->renew_after); | ||
195 | |||
196 | /* ticket blob for service */ | ||
197 | ceph_decode_8_safe(&p, end, is_enc, bad); | ||
198 | tp = ticket_buf; | ||
199 | if (is_enc) { | ||
200 | /* encrypted */ | ||
201 | dout(" encrypted ticket\n"); | ||
202 | dlen = ceph_x_decrypt(&old_key, &p, end, ticket_buf, | ||
203 | TEMP_TICKET_BUF_LEN); | ||
204 | if (dlen < 0) { | ||
205 | ret = dlen; | ||
206 | goto out; | ||
207 | } | ||
208 | dlen = ceph_decode_32(&tp); | ||
209 | } else { | ||
210 | /* unencrypted */ | ||
211 | ceph_decode_32_safe(&p, end, dlen, bad); | ||
212 | ceph_decode_need(&p, end, dlen, bad); | ||
213 | ceph_decode_copy(&p, ticket_buf, dlen); | ||
214 | } | ||
215 | tpend = tp + dlen; | ||
216 | dout(" ticket blob is %d bytes\n", dlen); | ||
217 | ceph_decode_need(&tp, tpend, 1 + sizeof(u64), bad); | ||
218 | struct_v = ceph_decode_8(&tp); | ||
219 | th->secret_id = ceph_decode_64(&tp); | ||
220 | ret = ceph_decode_buffer(&th->ticket_blob, &tp, tpend); | ||
221 | if (ret) | ||
222 | goto out; | ||
223 | dout(" got ticket service %d (%s) secret_id %lld len %d\n", | ||
224 | type, ceph_entity_type_name(type), th->secret_id, | ||
225 | (int)th->ticket_blob->vec.iov_len); | ||
226 | xi->have_keys |= th->service; | ||
227 | } | ||
228 | |||
229 | ret = 0; | ||
230 | out: | ||
231 | kmem_cache_free(ceph_x_ticketbuf_cachep, ticket_buf); | ||
232 | out_dbuf: | ||
233 | kmem_cache_free(ceph_x_ticketbuf_cachep, dbuf); | ||
234 | return ret; | ||
235 | |||
236 | bad: | ||
237 | ret = -EINVAL; | ||
238 | goto out; | ||
239 | } | ||
240 | |||
241 | static int ceph_x_build_authorizer(struct ceph_auth_client *ac, | ||
242 | struct ceph_x_ticket_handler *th, | ||
243 | struct ceph_x_authorizer *au) | ||
244 | { | ||
245 | int len; | ||
246 | struct ceph_x_authorize_a *msg_a; | ||
247 | struct ceph_x_authorize_b msg_b; | ||
248 | void *p, *end; | ||
249 | int ret; | ||
250 | int ticket_blob_len = | ||
251 | (th->ticket_blob ? th->ticket_blob->vec.iov_len : 0); | ||
252 | |||
253 | dout("build_authorizer for %s %p\n", | ||
254 | ceph_entity_type_name(th->service), au); | ||
255 | |||
256 | len = sizeof(*msg_a) + sizeof(msg_b) + sizeof(u32) + | ||
257 | ticket_blob_len + 16; | ||
258 | dout(" need len %d\n", len); | ||
259 | if (au->buf && au->buf->alloc_len < len) { | ||
260 | ceph_buffer_put(au->buf); | ||
261 | au->buf = NULL; | ||
262 | } | ||
263 | if (!au->buf) { | ||
264 | au->buf = ceph_buffer_new(len, GFP_NOFS); | ||
265 | if (!au->buf) | ||
266 | return -ENOMEM; | ||
267 | } | ||
268 | au->service = th->service; | ||
269 | |||
270 | msg_a = au->buf->vec.iov_base; | ||
271 | msg_a->struct_v = 1; | ||
272 | msg_a->global_id = cpu_to_le64(ac->global_id); | ||
273 | msg_a->service_id = cpu_to_le32(th->service); | ||
274 | msg_a->ticket_blob.struct_v = 1; | ||
275 | msg_a->ticket_blob.secret_id = cpu_to_le64(th->secret_id); | ||
276 | msg_a->ticket_blob.blob_len = cpu_to_le32(ticket_blob_len); | ||
277 | if (ticket_blob_len) { | ||
278 | memcpy(msg_a->ticket_blob.blob, th->ticket_blob->vec.iov_base, | ||
279 | th->ticket_blob->vec.iov_len); | ||
280 | } | ||
281 | dout(" th %p secret_id %lld %lld\n", th, th->secret_id, | ||
282 | le64_to_cpu(msg_a->ticket_blob.secret_id)); | ||
283 | |||
284 | p = msg_a + 1; | ||
285 | p += ticket_blob_len; | ||
286 | end = au->buf->vec.iov_base + au->buf->vec.iov_len; | ||
287 | |||
288 | get_random_bytes(&au->nonce, sizeof(au->nonce)); | ||
289 | msg_b.struct_v = 1; | ||
290 | msg_b.nonce = cpu_to_le64(au->nonce); | ||
291 | ret = ceph_x_encrypt(&th->session_key, &msg_b, sizeof(msg_b), | ||
292 | p, end - p); | ||
293 | if (ret < 0) | ||
294 | goto out_buf; | ||
295 | p += ret; | ||
296 | au->buf->vec.iov_len = p - au->buf->vec.iov_base; | ||
297 | dout(" built authorizer nonce %llx len %d\n", au->nonce, | ||
298 | (int)au->buf->vec.iov_len); | ||
299 | return 0; | ||
300 | |||
301 | out_buf: | ||
302 | ceph_buffer_put(au->buf); | ||
303 | au->buf = NULL; | ||
304 | return ret; | ||
305 | } | ||
306 | |||
307 | static int ceph_x_encode_ticket(struct ceph_x_ticket_handler *th, | ||
308 | void **p, void *end) | ||
309 | { | ||
310 | ceph_decode_need(p, end, 1 + sizeof(u64), bad); | ||
311 | ceph_encode_8(p, 1); | ||
312 | ceph_encode_64(p, th->secret_id); | ||
313 | if (th->ticket_blob) { | ||
314 | const char *buf = th->ticket_blob->vec.iov_base; | ||
315 | u32 len = th->ticket_blob->vec.iov_len; | ||
316 | |||
317 | ceph_encode_32_safe(p, end, len, bad); | ||
318 | ceph_encode_copy_safe(p, end, buf, len, bad); | ||
319 | } else { | ||
320 | ceph_encode_32_safe(p, end, 0, bad); | ||
321 | } | ||
322 | |||
323 | return 0; | ||
324 | bad: | ||
325 | return -ERANGE; | ||
326 | } | ||
327 | |||
328 | static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed) | ||
329 | { | ||
330 | int want = ac->want_keys; | ||
331 | struct ceph_x_info *xi = ac->private; | ||
332 | int service; | ||
333 | |||
334 | *pneed = ac->want_keys & ~(xi->have_keys); | ||
335 | |||
336 | for (service = 1; service <= want; service <<= 1) { | ||
337 | struct ceph_x_ticket_handler *th; | ||
338 | |||
339 | if (!(ac->want_keys & service)) | ||
340 | continue; | ||
341 | |||
342 | if (*pneed & service) | ||
343 | continue; | ||
344 | |||
345 | th = get_ticket_handler(ac, service); | ||
346 | |||
347 | if (!th) { | ||
348 | *pneed |= service; | ||
349 | continue; | ||
350 | } | ||
351 | |||
352 | if (get_seconds() >= th->renew_after) | ||
353 | *pneed |= service; | ||
354 | if (get_seconds() >= th->expires) | ||
355 | xi->have_keys &= ~service; | ||
356 | } | ||
357 | } | ||
358 | |||
359 | |||
360 | static int ceph_x_build_request(struct ceph_auth_client *ac, | ||
361 | void *buf, void *end) | ||
362 | { | ||
363 | struct ceph_x_info *xi = ac->private; | ||
364 | int need; | ||
365 | struct ceph_x_request_header *head = buf; | ||
366 | int ret; | ||
367 | struct ceph_x_ticket_handler *th = | ||
368 | get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH); | ||
369 | |||
370 | ceph_x_validate_tickets(ac, &need); | ||
371 | |||
372 | dout("build_request want %x have %x need %x\n", | ||
373 | ac->want_keys, xi->have_keys, need); | ||
374 | |||
375 | if (need & CEPH_ENTITY_TYPE_AUTH) { | ||
376 | struct ceph_x_authenticate *auth = (void *)(head + 1); | ||
377 | void *p = auth + 1; | ||
378 | struct ceph_x_challenge_blob tmp; | ||
379 | char tmp_enc[40]; | ||
380 | u64 *u; | ||
381 | |||
382 | if (p > end) | ||
383 | return -ERANGE; | ||
384 | |||
385 | dout(" get_auth_session_key\n"); | ||
386 | head->op = cpu_to_le16(CEPHX_GET_AUTH_SESSION_KEY); | ||
387 | |||
388 | /* encrypt and hash */ | ||
389 | get_random_bytes(&auth->client_challenge, sizeof(u64)); | ||
390 | tmp.client_challenge = auth->client_challenge; | ||
391 | tmp.server_challenge = cpu_to_le64(xi->server_challenge); | ||
392 | ret = ceph_x_encrypt(&xi->secret, &tmp, sizeof(tmp), | ||
393 | tmp_enc, sizeof(tmp_enc)); | ||
394 | if (ret < 0) | ||
395 | return ret; | ||
396 | |||
397 | auth->struct_v = 1; | ||
398 | auth->key = 0; | ||
399 | for (u = (u64 *)tmp_enc; u + 1 <= (u64 *)(tmp_enc + ret); u++) | ||
400 | auth->key ^= *u; | ||
401 | dout(" server_challenge %llx client_challenge %llx key %llx\n", | ||
402 | xi->server_challenge, le64_to_cpu(auth->client_challenge), | ||
403 | le64_to_cpu(auth->key)); | ||
404 | |||
405 | /* now encode the old ticket if exists */ | ||
406 | ret = ceph_x_encode_ticket(th, &p, end); | ||
407 | if (ret < 0) | ||
408 | return ret; | ||
409 | |||
410 | return p - buf; | ||
411 | } | ||
412 | |||
413 | if (need) { | ||
414 | void *p = head + 1; | ||
415 | struct ceph_x_service_ticket_request *req; | ||
416 | |||
417 | if (p > end) | ||
418 | return -ERANGE; | ||
419 | head->op = cpu_to_le16(CEPHX_GET_PRINCIPAL_SESSION_KEY); | ||
420 | |||
421 | BUG_ON(!th); | ||
422 | ret = ceph_x_build_authorizer(ac, th, &xi->auth_authorizer); | ||
423 | if (ret) | ||
424 | return ret; | ||
425 | ceph_encode_copy(&p, xi->auth_authorizer.buf->vec.iov_base, | ||
426 | xi->auth_authorizer.buf->vec.iov_len); | ||
427 | |||
428 | req = p; | ||
429 | req->keys = cpu_to_le32(need); | ||
430 | p += sizeof(*req); | ||
431 | return p - buf; | ||
432 | } | ||
433 | |||
434 | return 0; | ||
435 | } | ||
436 | |||
437 | static int ceph_x_handle_reply(struct ceph_auth_client *ac, int result, | ||
438 | void *buf, void *end) | ||
439 | { | ||
440 | struct ceph_x_info *xi = ac->private; | ||
441 | struct ceph_x_reply_header *head = buf; | ||
442 | struct ceph_x_ticket_handler *th; | ||
443 | int len = end - buf; | ||
444 | int op; | ||
445 | int ret; | ||
446 | |||
447 | if (result) | ||
448 | return result; /* XXX hmm? */ | ||
449 | |||
450 | if (xi->starting) { | ||
451 | /* it's a hello */ | ||
452 | struct ceph_x_server_challenge *sc = buf; | ||
453 | |||
454 | if (len != sizeof(*sc)) | ||
455 | return -EINVAL; | ||
456 | xi->server_challenge = le64_to_cpu(sc->server_challenge); | ||
457 | dout("handle_reply got server challenge %llx\n", | ||
458 | xi->server_challenge); | ||
459 | xi->starting = false; | ||
460 | xi->have_keys &= ~CEPH_ENTITY_TYPE_AUTH; | ||
461 | return -EAGAIN; | ||
462 | } | ||
463 | |||
464 | op = le32_to_cpu(head->op); | ||
465 | result = le32_to_cpu(head->result); | ||
466 | dout("handle_reply op %d result %d\n", op, result); | ||
467 | switch (op) { | ||
468 | case CEPHX_GET_AUTH_SESSION_KEY: | ||
469 | /* verify auth key */ | ||
470 | ret = ceph_x_proc_ticket_reply(ac, &xi->secret, | ||
471 | buf + sizeof(*head), end); | ||
472 | break; | ||
473 | |||
474 | case CEPHX_GET_PRINCIPAL_SESSION_KEY: | ||
475 | th = get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH); | ||
476 | BUG_ON(!th); | ||
477 | ret = ceph_x_proc_ticket_reply(ac, &th->session_key, | ||
478 | buf + sizeof(*head), end); | ||
479 | break; | ||
480 | |||
481 | default: | ||
482 | return -EINVAL; | ||
483 | } | ||
484 | if (ret) | ||
485 | return ret; | ||
486 | if (ac->want_keys == xi->have_keys) | ||
487 | return 0; | ||
488 | return -EAGAIN; | ||
489 | } | ||
490 | |||
491 | static int ceph_x_create_authorizer( | ||
492 | struct ceph_auth_client *ac, int peer_type, | ||
493 | struct ceph_authorizer **a, | ||
494 | void **buf, size_t *len, | ||
495 | void **reply_buf, size_t *reply_len) | ||
496 | { | ||
497 | struct ceph_x_authorizer *au; | ||
498 | struct ceph_x_ticket_handler *th; | ||
499 | int ret; | ||
500 | |||
501 | th = get_ticket_handler(ac, peer_type); | ||
502 | if (IS_ERR(th)) | ||
503 | return PTR_ERR(th); | ||
504 | |||
505 | au = kzalloc(sizeof(*au), GFP_NOFS); | ||
506 | if (!au) | ||
507 | return -ENOMEM; | ||
508 | |||
509 | ret = ceph_x_build_authorizer(ac, th, au); | ||
510 | if (ret) { | ||
511 | kfree(au); | ||
512 | return ret; | ||
513 | } | ||
514 | |||
515 | *a = (struct ceph_authorizer *)au; | ||
516 | *buf = au->buf->vec.iov_base; | ||
517 | *len = au->buf->vec.iov_len; | ||
518 | *reply_buf = au->reply_buf; | ||
519 | *reply_len = sizeof(au->reply_buf); | ||
520 | return 0; | ||
521 | } | ||
522 | |||
523 | static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac, | ||
524 | struct ceph_authorizer *a, size_t len) | ||
525 | { | ||
526 | struct ceph_x_authorizer *au = (void *)a; | ||
527 | struct ceph_x_ticket_handler *th; | ||
528 | int ret = 0; | ||
529 | struct ceph_x_authorize_reply reply; | ||
530 | void *p = au->reply_buf; | ||
531 | void *end = p + sizeof(au->reply_buf); | ||
532 | |||
533 | th = get_ticket_handler(ac, au->service); | ||
534 | if (!th) | ||
535 | return -EIO; /* hrm! */ | ||
536 | ret = ceph_x_decrypt(&th->session_key, &p, end, &reply, sizeof(reply)); | ||
537 | if (ret < 0) | ||
538 | return ret; | ||
539 | if (ret != sizeof(reply)) | ||
540 | return -EPERM; | ||
541 | |||
542 | if (au->nonce + 1 != le64_to_cpu(reply.nonce_plus_one)) | ||
543 | ret = -EPERM; | ||
544 | else | ||
545 | ret = 0; | ||
546 | dout("verify_authorizer_reply nonce %llx got %llx ret %d\n", | ||
547 | au->nonce, le64_to_cpu(reply.nonce_plus_one), ret); | ||
548 | return ret; | ||
549 | } | ||
550 | |||
551 | static void ceph_x_destroy_authorizer(struct ceph_auth_client *ac, | ||
552 | struct ceph_authorizer *a) | ||
553 | { | ||
554 | struct ceph_x_authorizer *au = (void *)a; | ||
555 | |||
556 | ceph_buffer_put(au->buf); | ||
557 | kfree(au); | ||
558 | } | ||
559 | |||
560 | |||
561 | static void ceph_x_reset(struct ceph_auth_client *ac) | ||
562 | { | ||
563 | struct ceph_x_info *xi = ac->private; | ||
564 | |||
565 | dout("reset\n"); | ||
566 | xi->starting = true; | ||
567 | xi->server_challenge = 0; | ||
568 | } | ||
569 | |||
570 | static void ceph_x_destroy(struct ceph_auth_client *ac) | ||
571 | { | ||
572 | struct ceph_x_info *xi = ac->private; | ||
573 | struct rb_node *p; | ||
574 | |||
575 | dout("ceph_x_destroy %p\n", ac); | ||
576 | ceph_crypto_key_destroy(&xi->secret); | ||
577 | |||
578 | while ((p = rb_first(&xi->ticket_handlers)) != NULL) { | ||
579 | struct ceph_x_ticket_handler *th = | ||
580 | rb_entry(p, struct ceph_x_ticket_handler, node); | ||
581 | remove_ticket_handler(ac, th); | ||
582 | } | ||
583 | |||
584 | kmem_cache_destroy(ceph_x_ticketbuf_cachep); | ||
585 | |||
586 | kfree(ac->private); | ||
587 | ac->private = NULL; | ||
588 | } | ||
589 | |||
590 | static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac, | ||
591 | int peer_type) | ||
592 | { | ||
593 | struct ceph_x_ticket_handler *th; | ||
594 | |||
595 | th = get_ticket_handler(ac, peer_type); | ||
596 | if (th && !IS_ERR(th)) | ||
597 | remove_ticket_handler(ac, th); | ||
598 | } | ||
599 | |||
600 | |||
601 | static const struct ceph_auth_client_ops ceph_x_ops = { | ||
602 | .is_authenticated = ceph_x_is_authenticated, | ||
603 | .build_request = ceph_x_build_request, | ||
604 | .handle_reply = ceph_x_handle_reply, | ||
605 | .create_authorizer = ceph_x_create_authorizer, | ||
606 | .verify_authorizer_reply = ceph_x_verify_authorizer_reply, | ||
607 | .destroy_authorizer = ceph_x_destroy_authorizer, | ||
608 | .invalidate_authorizer = ceph_x_invalidate_authorizer, | ||
609 | .reset = ceph_x_reset, | ||
610 | .destroy = ceph_x_destroy, | ||
611 | }; | ||
612 | |||
613 | |||
614 | int ceph_x_init(struct ceph_auth_client *ac) | ||
615 | { | ||
616 | struct ceph_x_info *xi; | ||
617 | int ret; | ||
618 | |||
619 | dout("ceph_x_init %p\n", ac); | ||
620 | xi = kzalloc(sizeof(*xi), GFP_NOFS); | ||
621 | if (!xi) | ||
622 | return -ENOMEM; | ||
623 | |||
624 | ret = -ENOMEM; | ||
625 | ceph_x_ticketbuf_cachep = kmem_cache_create("ceph_x_ticketbuf", | ||
626 | TEMP_TICKET_BUF_LEN, 8, | ||
627 | (SLAB_RECLAIM_ACCOUNT|SLAB_MEM_SPREAD), | ||
628 | NULL); | ||
629 | if (!ceph_x_ticketbuf_cachep) | ||
630 | goto done_nomem; | ||
631 | ret = -EINVAL; | ||
632 | if (!ac->secret) { | ||
633 | pr_err("no secret set (for auth_x protocol)\n"); | ||
634 | goto done_nomem; | ||
635 | } | ||
636 | |||
637 | ret = ceph_crypto_key_unarmor(&xi->secret, ac->secret); | ||
638 | if (ret) | ||
639 | goto done_nomem; | ||
640 | |||
641 | xi->starting = true; | ||
642 | xi->ticket_handlers = RB_ROOT; | ||
643 | |||
644 | ac->protocol = CEPH_AUTH_CEPHX; | ||
645 | ac->private = xi; | ||
646 | ac->ops = &ceph_x_ops; | ||
647 | return 0; | ||
648 | |||
649 | done_nomem: | ||
650 | kfree(xi); | ||
651 | if (ceph_x_ticketbuf_cachep) | ||
652 | kmem_cache_destroy(ceph_x_ticketbuf_cachep); | ||
653 | return ret; | ||
654 | } | ||
655 | |||
656 | |||
diff --git a/fs/ceph/auth_x.h b/fs/ceph/auth_x.h new file mode 100644 index 000000000000..ff6f8180e681 --- /dev/null +++ b/fs/ceph/auth_x.h | |||
@@ -0,0 +1,49 @@ | |||
1 | #ifndef _FS_CEPH_AUTH_X_H | ||
2 | #define _FS_CEPH_AUTH_X_H | ||
3 | |||
4 | #include <linux/rbtree.h> | ||
5 | |||
6 | #include "crypto.h" | ||
7 | #include "auth.h" | ||
8 | #include "auth_x_protocol.h" | ||
9 | |||
10 | /* | ||
11 | * Handle ticket for a single service. | ||
12 | */ | ||
13 | struct ceph_x_ticket_handler { | ||
14 | struct rb_node node; | ||
15 | unsigned service; | ||
16 | |||
17 | struct ceph_crypto_key session_key; | ||
18 | struct ceph_timespec validity; | ||
19 | |||
20 | u64 secret_id; | ||
21 | struct ceph_buffer *ticket_blob; | ||
22 | |||
23 | unsigned long renew_after, expires; | ||
24 | }; | ||
25 | |||
26 | |||
27 | struct ceph_x_authorizer { | ||
28 | struct ceph_buffer *buf; | ||
29 | unsigned service; | ||
30 | u64 nonce; | ||
31 | char reply_buf[128]; /* big enough for encrypted blob */ | ||
32 | }; | ||
33 | |||
34 | struct ceph_x_info { | ||
35 | struct ceph_crypto_key secret; | ||
36 | |||
37 | bool starting; | ||
38 | u64 server_challenge; | ||
39 | |||
40 | unsigned have_keys; | ||
41 | struct rb_root ticket_handlers; | ||
42 | |||
43 | struct ceph_x_authorizer auth_authorizer; | ||
44 | }; | ||
45 | |||
46 | extern int ceph_x_init(struct ceph_auth_client *ac); | ||
47 | |||
48 | #endif | ||
49 | |||
diff --git a/fs/ceph/auth_x_protocol.h b/fs/ceph/auth_x_protocol.h new file mode 100644 index 000000000000..671d30576c4f --- /dev/null +++ b/fs/ceph/auth_x_protocol.h | |||
@@ -0,0 +1,90 @@ | |||
1 | #ifndef __FS_CEPH_AUTH_X_PROTOCOL | ||
2 | #define __FS_CEPH_AUTH_X_PROTOCOL | ||
3 | |||
4 | #define CEPHX_GET_AUTH_SESSION_KEY 0x0100 | ||
5 | #define CEPHX_GET_PRINCIPAL_SESSION_KEY 0x0200 | ||
6 | #define CEPHX_GET_ROTATING_KEY 0x0400 | ||
7 | |||
8 | /* common bits */ | ||
9 | struct ceph_x_ticket_blob { | ||
10 | __u8 struct_v; | ||
11 | __le64 secret_id; | ||
12 | __le32 blob_len; | ||
13 | char blob[]; | ||
14 | } __attribute__ ((packed)); | ||
15 | |||
16 | |||
17 | /* common request/reply headers */ | ||
18 | struct ceph_x_request_header { | ||
19 | __le16 op; | ||
20 | } __attribute__ ((packed)); | ||
21 | |||
22 | struct ceph_x_reply_header { | ||
23 | __le16 op; | ||
24 | __le32 result; | ||
25 | } __attribute__ ((packed)); | ||
26 | |||
27 | |||
28 | /* authenticate handshake */ | ||
29 | |||
30 | /* initial hello (no reply header) */ | ||
31 | struct ceph_x_server_challenge { | ||
32 | __u8 struct_v; | ||
33 | __le64 server_challenge; | ||
34 | } __attribute__ ((packed)); | ||
35 | |||
36 | struct ceph_x_authenticate { | ||
37 | __u8 struct_v; | ||
38 | __le64 client_challenge; | ||
39 | __le64 key; | ||
40 | /* ticket blob */ | ||
41 | } __attribute__ ((packed)); | ||
42 | |||
43 | struct ceph_x_service_ticket_request { | ||
44 | __u8 struct_v; | ||
45 | __le32 keys; | ||
46 | } __attribute__ ((packed)); | ||
47 | |||
48 | struct ceph_x_challenge_blob { | ||
49 | __le64 server_challenge; | ||
50 | __le64 client_challenge; | ||
51 | } __attribute__ ((packed)); | ||
52 | |||
53 | |||
54 | |||
55 | /* authorize handshake */ | ||
56 | |||
57 | /* | ||
58 | * The authorizer consists of two pieces: | ||
59 | * a - service id, ticket blob | ||
60 | * b - encrypted with session key | ||
61 | */ | ||
62 | struct ceph_x_authorize_a { | ||
63 | __u8 struct_v; | ||
64 | __le64 global_id; | ||
65 | __le32 service_id; | ||
66 | struct ceph_x_ticket_blob ticket_blob; | ||
67 | } __attribute__ ((packed)); | ||
68 | |||
69 | struct ceph_x_authorize_b { | ||
70 | __u8 struct_v; | ||
71 | __le64 nonce; | ||
72 | } __attribute__ ((packed)); | ||
73 | |||
74 | struct ceph_x_authorize_reply { | ||
75 | __u8 struct_v; | ||
76 | __le64 nonce_plus_one; | ||
77 | } __attribute__ ((packed)); | ||
78 | |||
79 | |||
80 | /* | ||
81 | * encyption bundle | ||
82 | */ | ||
83 | #define CEPHX_ENC_MAGIC 0xff009cad8826aa55ull | ||
84 | |||
85 | struct ceph_x_encrypt_header { | ||
86 | __u8 struct_v; | ||
87 | __le64 magic; | ||
88 | } __attribute__ ((packed)); | ||
89 | |||
90 | #endif | ||