]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - drivers/staging/lustre/lustre/obdclass/capa.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
staging: add Lustre file system client support
[mirror_ubuntu-bionic-kernel.git] / drivers / staging / lustre / lustre / obdclass / capa.c
1 /*
2 * GPL HEADER START
3 *
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
19 *
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
22 * have any questions.
23 *
24 * GPL HEADER END
25 */
26 /*
27 * Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
29 *
30 * Copyright (c) 2012, Intel Corporation.
31 */
32 /*
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
35 *
36 * lustre/obdclass/capa.c
37 *
38 * Lustre Capability Hash Management
39 *
40 * Author: Lai Siyao<lsy@clusterfs.com>
41 */
42
43 #define DEBUG_SUBSYSTEM S_SEC
44
45 #include <linux/version.h>
46 #include <linux/fs.h>
47 #include <asm/unistd.h>
48 #include <linux/slab.h>
49 #include <linux/module.h>
50 #include <linux/init.h>
51
52 #include <obd_class.h>
53 #include <lustre_debug.h>
54 #include <lustre/lustre_idl.h>
55
56 #include <linux/list.h>
57 #include <lustre_capa.h>
58
59 #define NR_CAPAHASH 32
60 #define CAPA_HASH_SIZE 3000 /* for MDS & OSS */
61
62 struct kmem_cache *capa_cachep = NULL;
63
64 /* lock for capa hash/capa_list/fo_capa_keys */
65 DEFINE_SPINLOCK(capa_lock);
66
67 struct list_head capa_list[CAPA_SITE_MAX];
68
69 static struct capa_hmac_alg capa_hmac_algs[] = {
70 DEF_CAPA_HMAC_ALG("sha1", SHA1, 20, 20),
71 };
72 /* capa count */
73 int capa_count[CAPA_SITE_MAX] = { 0, };
74
75 EXPORT_SYMBOL(capa_cachep);
76 EXPORT_SYMBOL(capa_list);
77 EXPORT_SYMBOL(capa_lock);
78 EXPORT_SYMBOL(capa_count);
79
80 struct hlist_head *init_capa_hash(void)
81 {
82 struct hlist_head *hash;
83 int nr_hash, i;
84
85 OBD_ALLOC(hash, PAGE_CACHE_SIZE);
86 if (!hash)
87 return NULL;
88
89 nr_hash = PAGE_CACHE_SIZE / sizeof(struct hlist_head);
90 LASSERT(nr_hash > NR_CAPAHASH);
91
92 for (i = 0; i < NR_CAPAHASH; i++)
93 INIT_HLIST_HEAD(hash + i);
94 return hash;
95 }
96 EXPORT_SYMBOL(init_capa_hash);
97
98 static inline int capa_on_server(struct obd_capa *ocapa)
99 {
100 return ocapa->c_site == CAPA_SITE_SERVER;
101 }
102
103 static inline void capa_delete(struct obd_capa *ocapa)
104 {
105 LASSERT(capa_on_server(ocapa));
106 hlist_del_init(&ocapa->u.tgt.c_hash);
107 list_del_init(&ocapa->c_list);
108 capa_count[ocapa->c_site]--;
109 /* release the ref when alloc */
110 capa_put(ocapa);
111 }
112
113 void cleanup_capa_hash(struct hlist_head *hash)
114 {
115 int i;
116 struct hlist_node *next;
117 struct obd_capa *oc;
118
119 spin_lock(&capa_lock);
120 for (i = 0; i < NR_CAPAHASH; i++) {
121 hlist_for_each_entry_safe(oc, next, hash + i,
122 u.tgt.c_hash)
123 capa_delete(oc);
124 }
125 spin_unlock(&capa_lock);
126
127 OBD_FREE(hash, PAGE_CACHE_SIZE);
128 }
129 EXPORT_SYMBOL(cleanup_capa_hash);
130
131 static inline int capa_hashfn(struct lu_fid *fid)
132 {
133 return (fid_oid(fid) ^ fid_ver(fid)) *
134 (unsigned long)(fid_seq(fid) + 1) % NR_CAPAHASH;
135 }
136
137 /* capa renewal time check is earlier than that on client, which is to prevent
138 * client renew right after obtaining it. */
139 static inline int capa_is_to_expire(struct obd_capa *oc)
140 {
141 return cfs_time_before(cfs_time_sub(oc->c_expiry,
142 cfs_time_seconds(oc->c_capa.lc_timeout)*2/3),
143 cfs_time_current());
144 }
145
146 static struct obd_capa *find_capa(struct lustre_capa *capa,
147 struct hlist_head *head, int alive)
148 {
149 struct obd_capa *ocapa;
150 int len = alive ? offsetof(struct lustre_capa, lc_keyid):sizeof(*capa);
151
152 hlist_for_each_entry(ocapa, head, u.tgt.c_hash) {
153 if (memcmp(&ocapa->c_capa, capa, len))
154 continue;
155 /* don't return one that will expire soon in this case */
156 if (alive && capa_is_to_expire(ocapa))
157 continue;
158
159 LASSERT(capa_on_server(ocapa));
160
161 DEBUG_CAPA(D_SEC, &ocapa->c_capa, "found");
162 return ocapa;
163 }
164
165 return NULL;
166 }
167
168 #define LRU_CAPA_DELETE_COUNT 12
169 static inline void capa_delete_lru(struct list_head *head)
170 {
171 struct obd_capa *ocapa;
172 struct list_head *node = head->next;
173 int count = 0;
174
175 /* free LRU_CAPA_DELETE_COUNT unused capa from head */
176 while (count++ < LRU_CAPA_DELETE_COUNT) {
177 ocapa = list_entry(node, struct obd_capa, c_list);
178 node = node->next;
179 if (atomic_read(&ocapa->c_refc))
180 continue;
181
182 DEBUG_CAPA(D_SEC, &ocapa->c_capa, "free lru");
183 capa_delete(ocapa);
184 }
185 }
186
187 /* add or update */
188 struct obd_capa *capa_add(struct hlist_head *hash, struct lustre_capa *capa)
189 {
190 struct hlist_head *head = hash + capa_hashfn(&capa->lc_fid);
191 struct obd_capa *ocapa, *old = NULL;
192 struct list_head *list = &capa_list[CAPA_SITE_SERVER];
193
194 ocapa = alloc_capa(CAPA_SITE_SERVER);
195 if (IS_ERR(ocapa))
196 return NULL;
197
198 spin_lock(&capa_lock);
199 old = find_capa(capa, head, 0);
200 if (!old) {
201 ocapa->c_capa = *capa;
202 set_capa_expiry(ocapa);
203 hlist_add_head(&ocapa->u.tgt.c_hash, head);
204 list_add_tail(&ocapa->c_list, list);
205 capa_get(ocapa);
206 capa_count[CAPA_SITE_SERVER]++;
207 if (capa_count[CAPA_SITE_SERVER] > CAPA_HASH_SIZE)
208 capa_delete_lru(list);
209 spin_unlock(&capa_lock);
210 return ocapa;
211 } else {
212 capa_get(old);
213 spin_unlock(&capa_lock);
214 capa_put(ocapa);
215 return old;
216 }
217 }
218 EXPORT_SYMBOL(capa_add);
219
220 struct obd_capa *capa_lookup(struct hlist_head *hash, struct lustre_capa *capa,
221 int alive)
222 {
223 struct obd_capa *ocapa;
224
225 spin_lock(&capa_lock);
226 ocapa = find_capa(capa, hash + capa_hashfn(&capa->lc_fid), alive);
227 if (ocapa) {
228 list_move_tail(&ocapa->c_list,
229 &capa_list[CAPA_SITE_SERVER]);
230 capa_get(ocapa);
231 }
232 spin_unlock(&capa_lock);
233
234 return ocapa;
235 }
236 EXPORT_SYMBOL(capa_lookup);
237
238 int capa_hmac(__u8 *hmac, struct lustre_capa *capa, __u8 *key)
239 {
240 struct ll_crypto_hash *tfm;
241 struct capa_hmac_alg *alg;
242 int keylen;
243 struct scatterlist sl;
244
245 if (capa_alg(capa) != CAPA_HMAC_ALG_SHA1) {
246 CERROR("unknown capability hmac algorithm!\n");
247 return -EFAULT;
248 }
249
250 alg = &capa_hmac_algs[capa_alg(capa)];
251
252 tfm = ll_crypto_alloc_hash(alg->ha_name, 0, 0);
253 if (!tfm) {
254 CERROR("crypto_alloc_tfm failed, check whether your kernel"
255 "has crypto support!\n");
256 return -ENOMEM;
257 }
258 keylen = alg->ha_keylen;
259
260 sg_set_page(&sl, virt_to_page(capa),
261 offsetof(struct lustre_capa, lc_hmac),
262 (unsigned long)(capa) % PAGE_CACHE_SIZE);
263
264 ll_crypto_hmac(tfm, key, &keylen, &sl, sl.length, hmac);
265 ll_crypto_free_hash(tfm);
266
267 return 0;
268 }
269 EXPORT_SYMBOL(capa_hmac);
270
271 int capa_encrypt_id(__u32 *d, __u32 *s, __u8 *key, int keylen)
272 {
273 struct ll_crypto_cipher *tfm;
274 struct scatterlist sd;
275 struct scatterlist ss;
276 struct blkcipher_desc desc;
277 unsigned int min;
278 int rc;
279 char alg[CRYPTO_MAX_ALG_NAME+1] = "aes";
280 ENTRY;
281
282 /* passing "aes" in a variable instead of a constant string keeps gcc
283 * 4.3.2 happy */
284 tfm = ll_crypto_alloc_blkcipher(alg, 0, 0 );
285 if (IS_ERR(tfm)) {
286 CERROR("failed to load transform for aes\n");
287 RETURN(PTR_ERR(tfm));
288 }
289
290 min = ll_crypto_tfm_alg_min_keysize(tfm);
291 if (keylen < min) {
292 CERROR("keylen at least %d bits for aes\n", min * 8);
293 GOTO(out, rc = -EINVAL);
294 }
295
296 rc = ll_crypto_blkcipher_setkey(tfm, key, min);
297 if (rc) {
298 CERROR("failed to setting key for aes\n");
299 GOTO(out, rc);
300 }
301
302 sg_set_page(&sd, virt_to_page(d), 16,
303 (unsigned long)(d) % PAGE_CACHE_SIZE);
304
305 sg_set_page(&ss, virt_to_page(s), 16,
306 (unsigned long)(s) % PAGE_CACHE_SIZE);
307 desc.tfm = tfm;
308 desc.info = NULL;
309 desc.flags = 0;
310 rc = ll_crypto_blkcipher_encrypt(&desc, &sd, &ss, 16);
311 if (rc) {
312 CERROR("failed to encrypt for aes\n");
313 GOTO(out, rc);
314 }
315
316 EXIT;
317
318 out:
319 ll_crypto_free_blkcipher(tfm);
320 return rc;
321 }
322 EXPORT_SYMBOL(capa_encrypt_id);
323
324 int capa_decrypt_id(__u32 *d, __u32 *s, __u8 *key, int keylen)
325 {
326 struct ll_crypto_cipher *tfm;
327 struct scatterlist sd;
328 struct scatterlist ss;
329 struct blkcipher_desc desc;
330 unsigned int min;
331 int rc;
332 char alg[CRYPTO_MAX_ALG_NAME+1] = "aes";
333 ENTRY;
334
335 /* passing "aes" in a variable instead of a constant string keeps gcc
336 * 4.3.2 happy */
337 tfm = ll_crypto_alloc_blkcipher(alg, 0, 0 );
338 if (IS_ERR(tfm)) {
339 CERROR("failed to load transform for aes\n");
340 RETURN(PTR_ERR(tfm));
341 }
342
343 min = ll_crypto_tfm_alg_min_keysize(tfm);
344 if (keylen < min) {
345 CERROR("keylen at least %d bits for aes\n", min * 8);
346 GOTO(out, rc = -EINVAL);
347 }
348
349 rc = ll_crypto_blkcipher_setkey(tfm, key, min);
350 if (rc) {
351 CERROR("failed to setting key for aes\n");
352 GOTO(out, rc);
353 }
354
355 sg_set_page(&sd, virt_to_page(d), 16,
356 (unsigned long)(d) % PAGE_CACHE_SIZE);
357
358 sg_set_page(&ss, virt_to_page(s), 16,
359 (unsigned long)(s) % PAGE_CACHE_SIZE);
360
361 desc.tfm = tfm;
362 desc.info = NULL;
363 desc.flags = 0;
364 rc = ll_crypto_blkcipher_decrypt(&desc, &sd, &ss, 16);
365 if (rc) {
366 CERROR("failed to decrypt for aes\n");
367 GOTO(out, rc);
368 }
369
370 EXIT;
371
372 out:
373 ll_crypto_free_blkcipher(tfm);
374 return rc;
375 }
376 EXPORT_SYMBOL(capa_decrypt_id);
377
378 void capa_cpy(void *capa, struct obd_capa *ocapa)
379 {
380 spin_lock(&ocapa->c_lock);
381 *(struct lustre_capa *)capa = ocapa->c_capa;
382 spin_unlock(&ocapa->c_lock);
383 }
384 EXPORT_SYMBOL(capa_cpy);
385
386 void _debug_capa(struct lustre_capa *c,
387 struct libcfs_debug_msg_data *msgdata,
388 const char *fmt, ... )
389 {
390 va_list args;
391 va_start(args, fmt);
392 libcfs_debug_vmsg2(msgdata, fmt, args,
393 " capability@%p fid "DFID" opc "LPX64" uid "LPU64
394 " gid "LPU64" flags %u alg %d keyid %u timeout %u "
395 "expiry %u\n", c, PFID(capa_fid(c)), capa_opc(c),
396 capa_uid(c), capa_gid(c), capa_flags(c),
397 capa_alg(c), capa_keyid(c), capa_timeout(c),
398 capa_expiry(c));
399 va_end(args);
400 }
401 EXPORT_SYMBOL(_debug_capa);
ubuntu-bionic-kernel mirror