1b2441318SGreg Kroah-Hartman // SPDX-License-Identifier: GPL-2.0
23d14c5d2SYehuda Sadeh
33d14c5d2SYehuda Sadeh #include <linux/ceph/ceph_debug.h>
43d14c5d2SYehuda Sadeh
53d14c5d2SYehuda Sadeh #include <linux/err.h>
63d14c5d2SYehuda Sadeh #include <linux/module.h>
73d14c5d2SYehuda Sadeh #include <linux/random.h>
83d14c5d2SYehuda Sadeh #include <linux/slab.h>
93d14c5d2SYehuda Sadeh
103d14c5d2SYehuda Sadeh #include <linux/ceph/decode.h>
113d14c5d2SYehuda Sadeh #include <linux/ceph/auth.h>
12cc255c76SIlya Dryomov #include <linux/ceph/ceph_features.h>
13a51983e4SIlya Dryomov #include <linux/ceph/libceph.h>
1433d07337SYan, Zheng #include <linux/ceph/messenger.h>
153d14c5d2SYehuda Sadeh
163d14c5d2SYehuda Sadeh #include "crypto.h"
173d14c5d2SYehuda Sadeh #include "auth_x.h"
183d14c5d2SYehuda Sadeh #include "auth_x_protocol.h"
193d14c5d2SYehuda Sadeh
203d14c5d2SYehuda Sadeh static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed);
213d14c5d2SYehuda Sadeh
ceph_x_is_authenticated(struct ceph_auth_client * ac)223d14c5d2SYehuda Sadeh static int ceph_x_is_authenticated(struct ceph_auth_client *ac)
233d14c5d2SYehuda Sadeh {
243d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
25f79e25b0SIlya Dryomov int missing;
26f79e25b0SIlya Dryomov int need; /* missing + need renewal */
273d14c5d2SYehuda Sadeh
283d14c5d2SYehuda Sadeh ceph_x_validate_tickets(ac, &need);
29f79e25b0SIlya Dryomov missing = ac->want_keys & ~xi->have_keys;
30f79e25b0SIlya Dryomov WARN_ON((need & missing) != missing);
31f79e25b0SIlya Dryomov dout("%s want 0x%x have 0x%x missing 0x%x -> %d\n", __func__,
32f79e25b0SIlya Dryomov ac->want_keys, xi->have_keys, missing, !missing);
33f79e25b0SIlya Dryomov return !missing;
343d14c5d2SYehuda Sadeh }
353d14c5d2SYehuda Sadeh
ceph_x_should_authenticate(struct ceph_auth_client * ac)363d14c5d2SYehuda Sadeh static int ceph_x_should_authenticate(struct ceph_auth_client *ac)
373d14c5d2SYehuda Sadeh {
383d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
393d14c5d2SYehuda Sadeh int need;
403d14c5d2SYehuda Sadeh
413d14c5d2SYehuda Sadeh ceph_x_validate_tickets(ac, &need);
42f79e25b0SIlya Dryomov dout("%s want 0x%x have 0x%x need 0x%x -> %d\n", __func__,
43f79e25b0SIlya Dryomov ac->want_keys, xi->have_keys, need, !!need);
44f79e25b0SIlya Dryomov return !!need;
453d14c5d2SYehuda Sadeh }
463d14c5d2SYehuda Sadeh
ceph_x_encrypt_offset(void)4755d9cc83SIlya Dryomov static int ceph_x_encrypt_offset(void)
4855d9cc83SIlya Dryomov {
4955d9cc83SIlya Dryomov return sizeof(u32) + sizeof(struct ceph_x_encrypt_header);
5055d9cc83SIlya Dryomov }
5155d9cc83SIlya Dryomov
ceph_x_encrypt_buflen(int ilen)523d14c5d2SYehuda Sadeh static int ceph_x_encrypt_buflen(int ilen)
533d14c5d2SYehuda Sadeh {
5455d9cc83SIlya Dryomov return ceph_x_encrypt_offset() + ilen + 16;
553d14c5d2SYehuda Sadeh }
563d14c5d2SYehuda Sadeh
ceph_x_encrypt(struct ceph_crypto_key * secret,void * buf,int buf_len,int plaintext_len)57d03857c6SIlya Dryomov static int ceph_x_encrypt(struct ceph_crypto_key *secret, void *buf,
58d03857c6SIlya Dryomov int buf_len, int plaintext_len)
593d14c5d2SYehuda Sadeh {
60d03857c6SIlya Dryomov struct ceph_x_encrypt_header *hdr = buf + sizeof(u32);
61d03857c6SIlya Dryomov int ciphertext_len;
623d14c5d2SYehuda Sadeh int ret;
633d14c5d2SYehuda Sadeh
64d03857c6SIlya Dryomov hdr->struct_v = 1;
65d03857c6SIlya Dryomov hdr->magic = cpu_to_le64(CEPHX_ENC_MAGIC);
66d03857c6SIlya Dryomov
67d03857c6SIlya Dryomov ret = ceph_crypt(secret, true, buf + sizeof(u32), buf_len - sizeof(u32),
68d03857c6SIlya Dryomov plaintext_len + sizeof(struct ceph_x_encrypt_header),
69d03857c6SIlya Dryomov &ciphertext_len);
703d14c5d2SYehuda Sadeh if (ret)
713d14c5d2SYehuda Sadeh return ret;
72d03857c6SIlya Dryomov
73d03857c6SIlya Dryomov ceph_encode_32(&buf, ciphertext_len);
74d03857c6SIlya Dryomov return sizeof(u32) + ciphertext_len;
753d14c5d2SYehuda Sadeh }
763d14c5d2SYehuda Sadeh
__ceph_x_decrypt(struct ceph_crypto_key * secret,void * p,int ciphertext_len)77c571fe24SIlya Dryomov static int __ceph_x_decrypt(struct ceph_crypto_key *secret, void *p,
78c571fe24SIlya Dryomov int ciphertext_len)
79c571fe24SIlya Dryomov {
80c571fe24SIlya Dryomov struct ceph_x_encrypt_header *hdr = p;
81c571fe24SIlya Dryomov int plaintext_len;
82c571fe24SIlya Dryomov int ret;
83c571fe24SIlya Dryomov
84c571fe24SIlya Dryomov ret = ceph_crypt(secret, false, p, ciphertext_len, ciphertext_len,
85c571fe24SIlya Dryomov &plaintext_len);
86c571fe24SIlya Dryomov if (ret)
87c571fe24SIlya Dryomov return ret;
88c571fe24SIlya Dryomov
89c571fe24SIlya Dryomov if (le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC) {
90c571fe24SIlya Dryomov pr_err("%s bad magic\n", __func__);
91c571fe24SIlya Dryomov return -EINVAL;
92c571fe24SIlya Dryomov }
93c571fe24SIlya Dryomov
94c571fe24SIlya Dryomov return plaintext_len - sizeof(*hdr);
95c571fe24SIlya Dryomov }
96c571fe24SIlya Dryomov
ceph_x_decrypt(struct ceph_crypto_key * secret,void ** p,void * end)97e15fd0a1SIlya Dryomov static int ceph_x_decrypt(struct ceph_crypto_key *secret, void **p, void *end)
983d14c5d2SYehuda Sadeh {
99c571fe24SIlya Dryomov int ciphertext_len;
100e15fd0a1SIlya Dryomov int ret;
1013d14c5d2SYehuda Sadeh
102e15fd0a1SIlya Dryomov ceph_decode_32_safe(p, end, ciphertext_len, e_inval);
103e15fd0a1SIlya Dryomov ceph_decode_need(p, end, ciphertext_len, e_inval);
1043d14c5d2SYehuda Sadeh
105c571fe24SIlya Dryomov ret = __ceph_x_decrypt(secret, *p, ciphertext_len);
106c571fe24SIlya Dryomov if (ret < 0)
1073d14c5d2SYehuda Sadeh return ret;
108e15fd0a1SIlya Dryomov
109e15fd0a1SIlya Dryomov *p += ciphertext_len;
110c571fe24SIlya Dryomov return ret;
111e15fd0a1SIlya Dryomov
112e15fd0a1SIlya Dryomov e_inval:
113e15fd0a1SIlya Dryomov return -EINVAL;
1143d14c5d2SYehuda Sadeh }
1153d14c5d2SYehuda Sadeh
1163d14c5d2SYehuda Sadeh /*
1173d14c5d2SYehuda Sadeh * get existing (or insert new) ticket handler
1183d14c5d2SYehuda Sadeh */
1193d14c5d2SYehuda Sadeh static struct ceph_x_ticket_handler *
get_ticket_handler(struct ceph_auth_client * ac,int service)1203d14c5d2SYehuda Sadeh get_ticket_handler(struct ceph_auth_client *ac, int service)
1213d14c5d2SYehuda Sadeh {
1223d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th;
1233d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
1243d14c5d2SYehuda Sadeh struct rb_node *parent = NULL, **p = &xi->ticket_handlers.rb_node;
1253d14c5d2SYehuda Sadeh
1263d14c5d2SYehuda Sadeh while (*p) {
1273d14c5d2SYehuda Sadeh parent = *p;
1283d14c5d2SYehuda Sadeh th = rb_entry(parent, struct ceph_x_ticket_handler, node);
1293d14c5d2SYehuda Sadeh if (service < th->service)
1303d14c5d2SYehuda Sadeh p = &(*p)->rb_left;
1313d14c5d2SYehuda Sadeh else if (service > th->service)
1323d14c5d2SYehuda Sadeh p = &(*p)->rb_right;
1333d14c5d2SYehuda Sadeh else
1343d14c5d2SYehuda Sadeh return th;
1353d14c5d2SYehuda Sadeh }
1363d14c5d2SYehuda Sadeh
1373d14c5d2SYehuda Sadeh /* add it */
1383d14c5d2SYehuda Sadeh th = kzalloc(sizeof(*th), GFP_NOFS);
1393d14c5d2SYehuda Sadeh if (!th)
1403d14c5d2SYehuda Sadeh return ERR_PTR(-ENOMEM);
1413d14c5d2SYehuda Sadeh th->service = service;
1423d14c5d2SYehuda Sadeh rb_link_node(&th->node, parent, p);
1433d14c5d2SYehuda Sadeh rb_insert_color(&th->node, &xi->ticket_handlers);
1443d14c5d2SYehuda Sadeh return th;
1453d14c5d2SYehuda Sadeh }
1463d14c5d2SYehuda Sadeh
remove_ticket_handler(struct ceph_auth_client * ac,struct ceph_x_ticket_handler * th)1473d14c5d2SYehuda Sadeh static void remove_ticket_handler(struct ceph_auth_client *ac,
1483d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th)
1493d14c5d2SYehuda Sadeh {
1503d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
1513d14c5d2SYehuda Sadeh
1523d14c5d2SYehuda Sadeh dout("remove_ticket_handler %p %d\n", th, th->service);
1533d14c5d2SYehuda Sadeh rb_erase(&th->node, &xi->ticket_handlers);
1543d14c5d2SYehuda Sadeh ceph_crypto_key_destroy(&th->session_key);
1553d14c5d2SYehuda Sadeh if (th->ticket_blob)
1563d14c5d2SYehuda Sadeh ceph_buffer_put(th->ticket_blob);
1573d14c5d2SYehuda Sadeh kfree(th);
1583d14c5d2SYehuda Sadeh }
1593d14c5d2SYehuda Sadeh
process_one_ticket(struct ceph_auth_client * ac,struct ceph_crypto_key * secret,void ** p,void * end)160597cda35SIlya Dryomov static int process_one_ticket(struct ceph_auth_client *ac,
1613d14c5d2SYehuda Sadeh struct ceph_crypto_key *secret,
162c27a3e4dSIlya Dryomov void **p, void *end)
1633d14c5d2SYehuda Sadeh {
1643d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
1653d14c5d2SYehuda Sadeh int type;
1663d14c5d2SYehuda Sadeh u8 tkt_struct_v, blob_struct_v;
1673d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th;
1683d14c5d2SYehuda Sadeh void *dp, *dend;
1693d14c5d2SYehuda Sadeh int dlen;
1703d14c5d2SYehuda Sadeh char is_enc;
171473bd2d7SArnd Bergmann struct timespec64 validity;
1723d14c5d2SYehuda Sadeh void *tp, *tpend;
173e9226d7cSIlya Dryomov void **ptp;
174b51456a6SIlya Dryomov struct ceph_crypto_key new_session_key = { 0 };
1753d14c5d2SYehuda Sadeh struct ceph_buffer *new_ticket_blob;
176473bd2d7SArnd Bergmann time64_t new_expires, new_renew_after;
1773d14c5d2SYehuda Sadeh u64 new_secret_id;
178597cda35SIlya Dryomov int ret;
1793d14c5d2SYehuda Sadeh
180597cda35SIlya Dryomov ceph_decode_need(p, end, sizeof(u32) + 1, bad);
1813d14c5d2SYehuda Sadeh
182597cda35SIlya Dryomov type = ceph_decode_32(p);
1833d14c5d2SYehuda Sadeh dout(" ticket type %d %s\n", type, ceph_entity_type_name(type));
1843d14c5d2SYehuda Sadeh
185597cda35SIlya Dryomov tkt_struct_v = ceph_decode_8(p);
1863d14c5d2SYehuda Sadeh if (tkt_struct_v != 1)
1873d14c5d2SYehuda Sadeh goto bad;
1883d14c5d2SYehuda Sadeh
1893d14c5d2SYehuda Sadeh th = get_ticket_handler(ac, type);
1903d14c5d2SYehuda Sadeh if (IS_ERR(th)) {
1913d14c5d2SYehuda Sadeh ret = PTR_ERR(th);
1923d14c5d2SYehuda Sadeh goto out;
1933d14c5d2SYehuda Sadeh }
1943d14c5d2SYehuda Sadeh
1953d14c5d2SYehuda Sadeh /* blob for me */
196e15fd0a1SIlya Dryomov dp = *p + ceph_x_encrypt_offset();
197e15fd0a1SIlya Dryomov ret = ceph_x_decrypt(secret, p, end);
198e15fd0a1SIlya Dryomov if (ret < 0)
1993d14c5d2SYehuda Sadeh goto out;
200e15fd0a1SIlya Dryomov dout(" decrypted %d bytes\n", ret);
201e15fd0a1SIlya Dryomov dend = dp + ret;
2023d14c5d2SYehuda Sadeh
2036610fff2SIlya Dryomov ceph_decode_8_safe(&dp, dend, tkt_struct_v, bad);
2043d14c5d2SYehuda Sadeh if (tkt_struct_v != 1)
2053d14c5d2SYehuda Sadeh goto bad;
2063d14c5d2SYehuda Sadeh
2073d14c5d2SYehuda Sadeh ret = ceph_crypto_key_decode(&new_session_key, &dp, dend);
2083d14c5d2SYehuda Sadeh if (ret)
2093d14c5d2SYehuda Sadeh goto out;
2103d14c5d2SYehuda Sadeh
2116610fff2SIlya Dryomov ceph_decode_need(&dp, dend, sizeof(struct ceph_timespec), bad);
212473bd2d7SArnd Bergmann ceph_decode_timespec64(&validity, dp);
213f6cdb292SIlya Dryomov dp += sizeof(struct ceph_timespec);
214473bd2d7SArnd Bergmann new_expires = ktime_get_real_seconds() + validity.tv_sec;
2153d14c5d2SYehuda Sadeh new_renew_after = new_expires - (validity.tv_sec / 4);
216473bd2d7SArnd Bergmann dout(" expires=%llu renew_after=%llu\n", new_expires,
2173d14c5d2SYehuda Sadeh new_renew_after);
2183d14c5d2SYehuda Sadeh
2193d14c5d2SYehuda Sadeh /* ticket blob for service */
220597cda35SIlya Dryomov ceph_decode_8_safe(p, end, is_enc, bad);
2213d14c5d2SYehuda Sadeh if (is_enc) {
2223d14c5d2SYehuda Sadeh /* encrypted */
223e15fd0a1SIlya Dryomov tp = *p + ceph_x_encrypt_offset();
224e15fd0a1SIlya Dryomov ret = ceph_x_decrypt(&th->session_key, p, end);
225e15fd0a1SIlya Dryomov if (ret < 0)
2263d14c5d2SYehuda Sadeh goto out;
227e15fd0a1SIlya Dryomov dout(" encrypted ticket, decrypted %d bytes\n", ret);
228e9226d7cSIlya Dryomov ptp = &tp;
229e15fd0a1SIlya Dryomov tpend = tp + ret;
2303d14c5d2SYehuda Sadeh } else {
2313d14c5d2SYehuda Sadeh /* unencrypted */
232e9226d7cSIlya Dryomov ptp = p;
233e9226d7cSIlya Dryomov tpend = end;
234c27a3e4dSIlya Dryomov }
235e9226d7cSIlya Dryomov ceph_decode_32_safe(ptp, tpend, dlen, bad);
2363d14c5d2SYehuda Sadeh dout(" ticket blob is %d bytes\n", dlen);
237e9226d7cSIlya Dryomov ceph_decode_need(ptp, tpend, 1 + sizeof(u64), bad);
238e9226d7cSIlya Dryomov blob_struct_v = ceph_decode_8(ptp);
239d18a1247SIlya Dryomov if (blob_struct_v != 1)
240d18a1247SIlya Dryomov goto bad;
241d18a1247SIlya Dryomov
242e9226d7cSIlya Dryomov new_secret_id = ceph_decode_64(ptp);
243e9226d7cSIlya Dryomov ret = ceph_decode_buffer(&new_ticket_blob, ptp, tpend);
2443d14c5d2SYehuda Sadeh if (ret)
2453d14c5d2SYehuda Sadeh goto out;
2463d14c5d2SYehuda Sadeh
2473d14c5d2SYehuda Sadeh /* all is well, update our ticket */
2483d14c5d2SYehuda Sadeh ceph_crypto_key_destroy(&th->session_key);
2493d14c5d2SYehuda Sadeh if (th->ticket_blob)
2503d14c5d2SYehuda Sadeh ceph_buffer_put(th->ticket_blob);
2513d14c5d2SYehuda Sadeh th->session_key = new_session_key;
2523d14c5d2SYehuda Sadeh th->ticket_blob = new_ticket_blob;
2533d14c5d2SYehuda Sadeh th->secret_id = new_secret_id;
2543d14c5d2SYehuda Sadeh th->expires = new_expires;
2553d14c5d2SYehuda Sadeh th->renew_after = new_renew_after;
2566abe097dSIlya Dryomov th->have_key = true;
2573d14c5d2SYehuda Sadeh dout(" got ticket service %d (%s) secret_id %lld len %d\n",
2583d14c5d2SYehuda Sadeh type, ceph_entity_type_name(type), th->secret_id,
2593d14c5d2SYehuda Sadeh (int)th->ticket_blob->vec.iov_len);
2603d14c5d2SYehuda Sadeh xi->have_keys |= th->service;
261b51456a6SIlya Dryomov return 0;
262597cda35SIlya Dryomov
263597cda35SIlya Dryomov bad:
264597cda35SIlya Dryomov ret = -EINVAL;
265b51456a6SIlya Dryomov out:
266b51456a6SIlya Dryomov ceph_crypto_key_destroy(&new_session_key);
267b51456a6SIlya Dryomov return ret;
268597cda35SIlya Dryomov }
269597cda35SIlya Dryomov
ceph_x_proc_ticket_reply(struct ceph_auth_client * ac,struct ceph_crypto_key * secret,void ** p,void * end)270597cda35SIlya Dryomov static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
271597cda35SIlya Dryomov struct ceph_crypto_key *secret,
272285ea34fSIlya Dryomov void **p, void *end)
273597cda35SIlya Dryomov {
274597cda35SIlya Dryomov u8 reply_struct_v;
275597cda35SIlya Dryomov u32 num;
276597cda35SIlya Dryomov int ret;
277597cda35SIlya Dryomov
278285ea34fSIlya Dryomov ceph_decode_8_safe(p, end, reply_struct_v, bad);
279597cda35SIlya Dryomov if (reply_struct_v != 1)
280597cda35SIlya Dryomov return -EINVAL;
281597cda35SIlya Dryomov
282285ea34fSIlya Dryomov ceph_decode_32_safe(p, end, num, bad);
283597cda35SIlya Dryomov dout("%d tickets\n", num);
284597cda35SIlya Dryomov
285597cda35SIlya Dryomov while (num--) {
286285ea34fSIlya Dryomov ret = process_one_ticket(ac, secret, p, end);
287597cda35SIlya Dryomov if (ret)
288c27a3e4dSIlya Dryomov return ret;
2893d14c5d2SYehuda Sadeh }
2903d14c5d2SYehuda Sadeh
291c27a3e4dSIlya Dryomov return 0;
2923d14c5d2SYehuda Sadeh
2933d14c5d2SYehuda Sadeh bad:
294c27a3e4dSIlya Dryomov return -EINVAL;
2953d14c5d2SYehuda Sadeh }
2963d14c5d2SYehuda Sadeh
297149cac4aSIlya Dryomov /*
298149cac4aSIlya Dryomov * Encode and encrypt the second part (ceph_x_authorize_b) of the
299149cac4aSIlya Dryomov * authorizer. The first part (ceph_x_authorize_a) should already be
300149cac4aSIlya Dryomov * encoded.
301149cac4aSIlya Dryomov */
encrypt_authorizer(struct ceph_x_authorizer * au,u64 * server_challenge)3026daca13dSIlya Dryomov static int encrypt_authorizer(struct ceph_x_authorizer *au,
3036daca13dSIlya Dryomov u64 *server_challenge)
304149cac4aSIlya Dryomov {
305149cac4aSIlya Dryomov struct ceph_x_authorize_a *msg_a;
306149cac4aSIlya Dryomov struct ceph_x_authorize_b *msg_b;
307149cac4aSIlya Dryomov void *p, *end;
308149cac4aSIlya Dryomov int ret;
309149cac4aSIlya Dryomov
310149cac4aSIlya Dryomov msg_a = au->buf->vec.iov_base;
311149cac4aSIlya Dryomov WARN_ON(msg_a->ticket_blob.secret_id != cpu_to_le64(au->secret_id));
312149cac4aSIlya Dryomov p = (void *)(msg_a + 1) + le32_to_cpu(msg_a->ticket_blob.blob_len);
313149cac4aSIlya Dryomov end = au->buf->vec.iov_base + au->buf->vec.iov_len;
314149cac4aSIlya Dryomov
315149cac4aSIlya Dryomov msg_b = p + ceph_x_encrypt_offset();
3166daca13dSIlya Dryomov msg_b->struct_v = 2;
317149cac4aSIlya Dryomov msg_b->nonce = cpu_to_le64(au->nonce);
3186daca13dSIlya Dryomov if (server_challenge) {
3196daca13dSIlya Dryomov msg_b->have_challenge = 1;
3206daca13dSIlya Dryomov msg_b->server_challenge_plus_one =
3216daca13dSIlya Dryomov cpu_to_le64(*server_challenge + 1);
3226daca13dSIlya Dryomov } else {
3236daca13dSIlya Dryomov msg_b->have_challenge = 0;
3246daca13dSIlya Dryomov msg_b->server_challenge_plus_one = 0;
3256daca13dSIlya Dryomov }
326149cac4aSIlya Dryomov
327149cac4aSIlya Dryomov ret = ceph_x_encrypt(&au->session_key, p, end - p, sizeof(*msg_b));
328149cac4aSIlya Dryomov if (ret < 0)
329149cac4aSIlya Dryomov return ret;
330149cac4aSIlya Dryomov
331149cac4aSIlya Dryomov p += ret;
3326daca13dSIlya Dryomov if (server_challenge) {
3336daca13dSIlya Dryomov WARN_ON(p != end);
3346daca13dSIlya Dryomov } else {
335149cac4aSIlya Dryomov WARN_ON(p > end);
336149cac4aSIlya Dryomov au->buf->vec.iov_len = p - au->buf->vec.iov_base;
3376daca13dSIlya Dryomov }
338149cac4aSIlya Dryomov
339149cac4aSIlya Dryomov return 0;
340149cac4aSIlya Dryomov }
341149cac4aSIlya Dryomov
ceph_x_authorizer_cleanup(struct ceph_x_authorizer * au)342cbf99a11SIlya Dryomov static void ceph_x_authorizer_cleanup(struct ceph_x_authorizer *au)
343cbf99a11SIlya Dryomov {
344cbf99a11SIlya Dryomov ceph_crypto_key_destroy(&au->session_key);
345cbf99a11SIlya Dryomov if (au->buf) {
346cbf99a11SIlya Dryomov ceph_buffer_put(au->buf);
347cbf99a11SIlya Dryomov au->buf = NULL;
348cbf99a11SIlya Dryomov }
349cbf99a11SIlya Dryomov }
350cbf99a11SIlya Dryomov
ceph_x_build_authorizer(struct ceph_auth_client * ac,struct ceph_x_ticket_handler * th,struct ceph_x_authorizer * au)3513d14c5d2SYehuda Sadeh static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
3523d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th,
3533d14c5d2SYehuda Sadeh struct ceph_x_authorizer *au)
3543d14c5d2SYehuda Sadeh {
3553d14c5d2SYehuda Sadeh int maxlen;
3563d14c5d2SYehuda Sadeh struct ceph_x_authorize_a *msg_a;
357d03857c6SIlya Dryomov struct ceph_x_authorize_b *msg_b;
3583d14c5d2SYehuda Sadeh int ret;
3593d14c5d2SYehuda Sadeh int ticket_blob_len =
3603d14c5d2SYehuda Sadeh (th->ticket_blob ? th->ticket_blob->vec.iov_len : 0);
3613d14c5d2SYehuda Sadeh
3623d14c5d2SYehuda Sadeh dout("build_authorizer for %s %p\n",
3633d14c5d2SYehuda Sadeh ceph_entity_type_name(th->service), au);
3643d14c5d2SYehuda Sadeh
365ae385eafSYan, Zheng ceph_crypto_key_destroy(&au->session_key);
366ae385eafSYan, Zheng ret = ceph_crypto_key_clone(&au->session_key, &th->session_key);
367ae385eafSYan, Zheng if (ret)
368cbf99a11SIlya Dryomov goto out_au;
369ae385eafSYan, Zheng
37036721eceSIlya Dryomov maxlen = sizeof(*msg_a) + ticket_blob_len +
371d03857c6SIlya Dryomov ceph_x_encrypt_buflen(sizeof(*msg_b));
3723d14c5d2SYehuda Sadeh dout(" need len %d\n", maxlen);
3733d14c5d2SYehuda Sadeh if (au->buf && au->buf->alloc_len < maxlen) {
3743d14c5d2SYehuda Sadeh ceph_buffer_put(au->buf);
3753d14c5d2SYehuda Sadeh au->buf = NULL;
3763d14c5d2SYehuda Sadeh }
3773d14c5d2SYehuda Sadeh if (!au->buf) {
3783d14c5d2SYehuda Sadeh au->buf = ceph_buffer_new(maxlen, GFP_NOFS);
379ae385eafSYan, Zheng if (!au->buf) {
380cbf99a11SIlya Dryomov ret = -ENOMEM;
381cbf99a11SIlya Dryomov goto out_au;
3823d14c5d2SYehuda Sadeh }
383ae385eafSYan, Zheng }
3843d14c5d2SYehuda Sadeh au->service = th->service;
385f79e25b0SIlya Dryomov WARN_ON(!th->secret_id);
3860bed9b5cSSage Weil au->secret_id = th->secret_id;
3873d14c5d2SYehuda Sadeh
3883d14c5d2SYehuda Sadeh msg_a = au->buf->vec.iov_base;
3893d14c5d2SYehuda Sadeh msg_a->struct_v = 1;
3903d14c5d2SYehuda Sadeh msg_a->global_id = cpu_to_le64(ac->global_id);
3913d14c5d2SYehuda Sadeh msg_a->service_id = cpu_to_le32(th->service);
3923d14c5d2SYehuda Sadeh msg_a->ticket_blob.struct_v = 1;
3933d14c5d2SYehuda Sadeh msg_a->ticket_blob.secret_id = cpu_to_le64(th->secret_id);
3943d14c5d2SYehuda Sadeh msg_a->ticket_blob.blob_len = cpu_to_le32(ticket_blob_len);
3953d14c5d2SYehuda Sadeh if (ticket_blob_len) {
3963d14c5d2SYehuda Sadeh memcpy(msg_a->ticket_blob.blob, th->ticket_blob->vec.iov_base,
3973d14c5d2SYehuda Sadeh th->ticket_blob->vec.iov_len);
3983d14c5d2SYehuda Sadeh }
3993d14c5d2SYehuda Sadeh dout(" th %p secret_id %lld %lld\n", th, th->secret_id,
4003d14c5d2SYehuda Sadeh le64_to_cpu(msg_a->ticket_blob.secret_id));
4013d14c5d2SYehuda Sadeh
4023d14c5d2SYehuda Sadeh get_random_bytes(&au->nonce, sizeof(au->nonce));
4036daca13dSIlya Dryomov ret = encrypt_authorizer(au, NULL);
404149cac4aSIlya Dryomov if (ret) {
405149cac4aSIlya Dryomov pr_err("failed to encrypt authorizer: %d", ret);
406cbf99a11SIlya Dryomov goto out_au;
407149cac4aSIlya Dryomov }
40836721eceSIlya Dryomov
4093d14c5d2SYehuda Sadeh dout(" built authorizer nonce %llx len %d\n", au->nonce,
4103d14c5d2SYehuda Sadeh (int)au->buf->vec.iov_len);
4113d14c5d2SYehuda Sadeh return 0;
4123d14c5d2SYehuda Sadeh
413cbf99a11SIlya Dryomov out_au:
414cbf99a11SIlya Dryomov ceph_x_authorizer_cleanup(au);
4153d14c5d2SYehuda Sadeh return ret;
4163d14c5d2SYehuda Sadeh }
4173d14c5d2SYehuda Sadeh
ceph_x_encode_ticket(struct ceph_x_ticket_handler * th,void ** p,void * end)4183d14c5d2SYehuda Sadeh static int ceph_x_encode_ticket(struct ceph_x_ticket_handler *th,
4193d14c5d2SYehuda Sadeh void **p, void *end)
4203d14c5d2SYehuda Sadeh {
4213d14c5d2SYehuda Sadeh ceph_decode_need(p, end, 1 + sizeof(u64), bad);
4223d14c5d2SYehuda Sadeh ceph_encode_8(p, 1);
4233d14c5d2SYehuda Sadeh ceph_encode_64(p, th->secret_id);
4243d14c5d2SYehuda Sadeh if (th->ticket_blob) {
4253d14c5d2SYehuda Sadeh const char *buf = th->ticket_blob->vec.iov_base;
4263d14c5d2SYehuda Sadeh u32 len = th->ticket_blob->vec.iov_len;
4273d14c5d2SYehuda Sadeh
4283d14c5d2SYehuda Sadeh ceph_encode_32_safe(p, end, len, bad);
4293d14c5d2SYehuda Sadeh ceph_encode_copy_safe(p, end, buf, len, bad);
4303d14c5d2SYehuda Sadeh } else {
4313d14c5d2SYehuda Sadeh ceph_encode_32_safe(p, end, 0, bad);
4323d14c5d2SYehuda Sadeh }
4333d14c5d2SYehuda Sadeh
4343d14c5d2SYehuda Sadeh return 0;
4353d14c5d2SYehuda Sadeh bad:
4363d14c5d2SYehuda Sadeh return -ERANGE;
4373d14c5d2SYehuda Sadeh }
4383d14c5d2SYehuda Sadeh
need_key(struct ceph_x_ticket_handler * th)4396abe097dSIlya Dryomov static bool need_key(struct ceph_x_ticket_handler *th)
4406abe097dSIlya Dryomov {
4416abe097dSIlya Dryomov if (!th->have_key)
4426abe097dSIlya Dryomov return true;
4436abe097dSIlya Dryomov
444473bd2d7SArnd Bergmann return ktime_get_real_seconds() >= th->renew_after;
4456abe097dSIlya Dryomov }
4466abe097dSIlya Dryomov
have_key(struct ceph_x_ticket_handler * th)4476abe097dSIlya Dryomov static bool have_key(struct ceph_x_ticket_handler *th)
4486abe097dSIlya Dryomov {
449f79e25b0SIlya Dryomov if (th->have_key && ktime_get_real_seconds() >= th->expires) {
450f79e25b0SIlya Dryomov dout("ticket %d (%s) secret_id %llu expired\n", th->service,
451f79e25b0SIlya Dryomov ceph_entity_type_name(th->service), th->secret_id);
4526abe097dSIlya Dryomov th->have_key = false;
4536abe097dSIlya Dryomov }
4546abe097dSIlya Dryomov
4556abe097dSIlya Dryomov return th->have_key;
4566abe097dSIlya Dryomov }
4576abe097dSIlya Dryomov
ceph_x_validate_tickets(struct ceph_auth_client * ac,int * pneed)4583d14c5d2SYehuda Sadeh static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed)
4593d14c5d2SYehuda Sadeh {
4603d14c5d2SYehuda Sadeh int want = ac->want_keys;
4613d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
4623d14c5d2SYehuda Sadeh int service;
4633d14c5d2SYehuda Sadeh
4643d14c5d2SYehuda Sadeh *pneed = ac->want_keys & ~(xi->have_keys);
4653d14c5d2SYehuda Sadeh
4663d14c5d2SYehuda Sadeh for (service = 1; service <= want; service <<= 1) {
4673d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th;
4683d14c5d2SYehuda Sadeh
4693d14c5d2SYehuda Sadeh if (!(ac->want_keys & service))
4703d14c5d2SYehuda Sadeh continue;
4713d14c5d2SYehuda Sadeh
4723d14c5d2SYehuda Sadeh if (*pneed & service)
4733d14c5d2SYehuda Sadeh continue;
4743d14c5d2SYehuda Sadeh
4753d14c5d2SYehuda Sadeh th = get_ticket_handler(ac, service);
4763d14c5d2SYehuda Sadeh if (IS_ERR(th)) {
4773d14c5d2SYehuda Sadeh *pneed |= service;
4783d14c5d2SYehuda Sadeh continue;
4793d14c5d2SYehuda Sadeh }
4803d14c5d2SYehuda Sadeh
4816abe097dSIlya Dryomov if (need_key(th))
4823d14c5d2SYehuda Sadeh *pneed |= service;
4836abe097dSIlya Dryomov if (!have_key(th))
4843d14c5d2SYehuda Sadeh xi->have_keys &= ~service;
4853d14c5d2SYehuda Sadeh }
4863d14c5d2SYehuda Sadeh }
4873d14c5d2SYehuda Sadeh
ceph_x_build_request(struct ceph_auth_client * ac,void * buf,void * end)4883d14c5d2SYehuda Sadeh static int ceph_x_build_request(struct ceph_auth_client *ac,
4893d14c5d2SYehuda Sadeh void *buf, void *end)
4903d14c5d2SYehuda Sadeh {
4913d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
4923d14c5d2SYehuda Sadeh int need;
4933d14c5d2SYehuda Sadeh struct ceph_x_request_header *head = buf;
4946610fff2SIlya Dryomov void *p;
4953d14c5d2SYehuda Sadeh int ret;
4963d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th =
4973d14c5d2SYehuda Sadeh get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
4983d14c5d2SYehuda Sadeh
4993d14c5d2SYehuda Sadeh if (IS_ERR(th))
5003d14c5d2SYehuda Sadeh return PTR_ERR(th);
5013d14c5d2SYehuda Sadeh
5023d14c5d2SYehuda Sadeh ceph_x_validate_tickets(ac, &need);
503f79e25b0SIlya Dryomov dout("%s want 0x%x have 0x%x need 0x%x\n", __func__, ac->want_keys,
504f79e25b0SIlya Dryomov xi->have_keys, need);
5053d14c5d2SYehuda Sadeh
5063d14c5d2SYehuda Sadeh if (need & CEPH_ENTITY_TYPE_AUTH) {
5073d14c5d2SYehuda Sadeh struct ceph_x_authenticate *auth = (void *)(head + 1);
508d03857c6SIlya Dryomov void *enc_buf = xi->auth_authorizer.enc_buf;
509d03857c6SIlya Dryomov struct ceph_x_challenge_blob *blob = enc_buf +
510d03857c6SIlya Dryomov ceph_x_encrypt_offset();
5113d14c5d2SYehuda Sadeh u64 *u;
5123d14c5d2SYehuda Sadeh
5136610fff2SIlya Dryomov p = auth + 1;
5143d14c5d2SYehuda Sadeh if (p > end)
5153d14c5d2SYehuda Sadeh return -ERANGE;
5163d14c5d2SYehuda Sadeh
5173d14c5d2SYehuda Sadeh dout(" get_auth_session_key\n");
5183d14c5d2SYehuda Sadeh head->op = cpu_to_le16(CEPHX_GET_AUTH_SESSION_KEY);
5193d14c5d2SYehuda Sadeh
5203d14c5d2SYehuda Sadeh /* encrypt and hash */
5213d14c5d2SYehuda Sadeh get_random_bytes(&auth->client_challenge, sizeof(u64));
522d03857c6SIlya Dryomov blob->client_challenge = auth->client_challenge;
523d03857c6SIlya Dryomov blob->server_challenge = cpu_to_le64(xi->server_challenge);
524d03857c6SIlya Dryomov ret = ceph_x_encrypt(&xi->secret, enc_buf, CEPHX_AU_ENC_BUF_LEN,
525d03857c6SIlya Dryomov sizeof(*blob));
5263d14c5d2SYehuda Sadeh if (ret < 0)
5273d14c5d2SYehuda Sadeh return ret;
5283d14c5d2SYehuda Sadeh
5297807dafdSIlya Dryomov auth->struct_v = 3; /* nautilus+ */
5303d14c5d2SYehuda Sadeh auth->key = 0;
531d03857c6SIlya Dryomov for (u = (u64 *)enc_buf; u + 1 <= (u64 *)(enc_buf + ret); u++)
5323d14c5d2SYehuda Sadeh auth->key ^= *(__le64 *)u;
5333d14c5d2SYehuda Sadeh dout(" server_challenge %llx client_challenge %llx key %llx\n",
5343d14c5d2SYehuda Sadeh xi->server_challenge, le64_to_cpu(auth->client_challenge),
5353d14c5d2SYehuda Sadeh le64_to_cpu(auth->key));
5363d14c5d2SYehuda Sadeh
5373d14c5d2SYehuda Sadeh /* now encode the old ticket if exists */
5383d14c5d2SYehuda Sadeh ret = ceph_x_encode_ticket(th, &p, end);
5393d14c5d2SYehuda Sadeh if (ret < 0)
5403d14c5d2SYehuda Sadeh return ret;
5413d14c5d2SYehuda Sadeh
542285ea34fSIlya Dryomov /* nautilus+: request service tickets at the same time */
543285ea34fSIlya Dryomov need = ac->want_keys & ~CEPH_ENTITY_TYPE_AUTH;
544285ea34fSIlya Dryomov WARN_ON(!need);
545285ea34fSIlya Dryomov ceph_encode_32_safe(&p, end, need, e_range);
5463d14c5d2SYehuda Sadeh return p - buf;
5473d14c5d2SYehuda Sadeh }
5483d14c5d2SYehuda Sadeh
5493d14c5d2SYehuda Sadeh if (need) {
5506610fff2SIlya Dryomov dout(" get_principal_session_key\n");
5513d14c5d2SYehuda Sadeh ret = ceph_x_build_authorizer(ac, th, &xi->auth_authorizer);
5523d14c5d2SYehuda Sadeh if (ret)
5533d14c5d2SYehuda Sadeh return ret;
5543d14c5d2SYehuda Sadeh
5556610fff2SIlya Dryomov p = buf;
5566610fff2SIlya Dryomov ceph_encode_16_safe(&p, end, CEPHX_GET_PRINCIPAL_SESSION_KEY,
5576610fff2SIlya Dryomov e_range);
5586610fff2SIlya Dryomov ceph_encode_copy_safe(&p, end,
5596610fff2SIlya Dryomov xi->auth_authorizer.buf->vec.iov_base,
5606610fff2SIlya Dryomov xi->auth_authorizer.buf->vec.iov_len, e_range);
5616610fff2SIlya Dryomov ceph_encode_8_safe(&p, end, 1, e_range);
5626610fff2SIlya Dryomov ceph_encode_32_safe(&p, end, need, e_range);
5633d14c5d2SYehuda Sadeh return p - buf;
5643d14c5d2SYehuda Sadeh }
5653d14c5d2SYehuda Sadeh
5663d14c5d2SYehuda Sadeh return 0;
5676610fff2SIlya Dryomov
5686610fff2SIlya Dryomov e_range:
5696610fff2SIlya Dryomov return -ERANGE;
5703d14c5d2SYehuda Sadeh }
5713d14c5d2SYehuda Sadeh
decode_con_secret(void ** p,void * end,u8 * con_secret,int * con_secret_len)57210f42b3eSIlya Dryomov static int decode_con_secret(void **p, void *end, u8 *con_secret,
57310f42b3eSIlya Dryomov int *con_secret_len)
57410f42b3eSIlya Dryomov {
57510f42b3eSIlya Dryomov int len;
57610f42b3eSIlya Dryomov
57710f42b3eSIlya Dryomov ceph_decode_32_safe(p, end, len, bad);
57810f42b3eSIlya Dryomov ceph_decode_need(p, end, len, bad);
57910f42b3eSIlya Dryomov
58010f42b3eSIlya Dryomov dout("%s len %d\n", __func__, len);
58110f42b3eSIlya Dryomov if (con_secret) {
58210f42b3eSIlya Dryomov if (len > CEPH_MAX_CON_SECRET_LEN) {
58310f42b3eSIlya Dryomov pr_err("connection secret too big %d\n", len);
58410f42b3eSIlya Dryomov goto bad_memzero;
58510f42b3eSIlya Dryomov }
58610f42b3eSIlya Dryomov memcpy(con_secret, *p, len);
58710f42b3eSIlya Dryomov *con_secret_len = len;
58810f42b3eSIlya Dryomov }
58910f42b3eSIlya Dryomov memzero_explicit(*p, len);
59010f42b3eSIlya Dryomov *p += len;
59110f42b3eSIlya Dryomov return 0;
59210f42b3eSIlya Dryomov
59310f42b3eSIlya Dryomov bad_memzero:
59410f42b3eSIlya Dryomov memzero_explicit(*p, len);
59510f42b3eSIlya Dryomov bad:
59610f42b3eSIlya Dryomov pr_err("failed to decode connection secret\n");
59710f42b3eSIlya Dryomov return -EINVAL;
59810f42b3eSIlya Dryomov }
59910f42b3eSIlya Dryomov
handle_auth_session_key(struct ceph_auth_client * ac,u64 global_id,void ** p,void * end,u8 * session_key,int * session_key_len,u8 * con_secret,int * con_secret_len)600*03af4c7bSIlya Dryomov static int handle_auth_session_key(struct ceph_auth_client *ac, u64 global_id,
601285ea34fSIlya Dryomov void **p, void *end,
602285ea34fSIlya Dryomov u8 *session_key, int *session_key_len,
603285ea34fSIlya Dryomov u8 *con_secret, int *con_secret_len)
604285ea34fSIlya Dryomov {
605285ea34fSIlya Dryomov struct ceph_x_info *xi = ac->private;
606285ea34fSIlya Dryomov struct ceph_x_ticket_handler *th;
607285ea34fSIlya Dryomov void *dp, *dend;
608285ea34fSIlya Dryomov int len;
609285ea34fSIlya Dryomov int ret;
610285ea34fSIlya Dryomov
611285ea34fSIlya Dryomov /* AUTH ticket */
612285ea34fSIlya Dryomov ret = ceph_x_proc_ticket_reply(ac, &xi->secret, p, end);
613285ea34fSIlya Dryomov if (ret)
614285ea34fSIlya Dryomov return ret;
615285ea34fSIlya Dryomov
616*03af4c7bSIlya Dryomov ceph_auth_set_global_id(ac, global_id);
617285ea34fSIlya Dryomov if (*p == end) {
618285ea34fSIlya Dryomov /* pre-nautilus (or didn't request service tickets!) */
619285ea34fSIlya Dryomov WARN_ON(session_key || con_secret);
620285ea34fSIlya Dryomov return 0;
621285ea34fSIlya Dryomov }
622285ea34fSIlya Dryomov
623285ea34fSIlya Dryomov th = get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
624285ea34fSIlya Dryomov if (IS_ERR(th))
625285ea34fSIlya Dryomov return PTR_ERR(th);
626285ea34fSIlya Dryomov
627285ea34fSIlya Dryomov if (session_key) {
628285ea34fSIlya Dryomov memcpy(session_key, th->session_key.key, th->session_key.len);
629285ea34fSIlya Dryomov *session_key_len = th->session_key.len;
630285ea34fSIlya Dryomov }
631285ea34fSIlya Dryomov
632285ea34fSIlya Dryomov /* connection secret */
633285ea34fSIlya Dryomov ceph_decode_32_safe(p, end, len, e_inval);
634285ea34fSIlya Dryomov dout("%s connection secret blob len %d\n", __func__, len);
635285ea34fSIlya Dryomov if (len > 0) {
636285ea34fSIlya Dryomov dp = *p + ceph_x_encrypt_offset();
637285ea34fSIlya Dryomov ret = ceph_x_decrypt(&th->session_key, p, *p + len);
638285ea34fSIlya Dryomov if (ret < 0)
639285ea34fSIlya Dryomov return ret;
640285ea34fSIlya Dryomov
641285ea34fSIlya Dryomov dout("%s decrypted %d bytes\n", __func__, ret);
642285ea34fSIlya Dryomov dend = dp + ret;
643285ea34fSIlya Dryomov
64410f42b3eSIlya Dryomov ret = decode_con_secret(&dp, dend, con_secret, con_secret_len);
64510f42b3eSIlya Dryomov if (ret)
64610f42b3eSIlya Dryomov return ret;
647285ea34fSIlya Dryomov }
648285ea34fSIlya Dryomov
649285ea34fSIlya Dryomov /* service tickets */
650285ea34fSIlya Dryomov ceph_decode_32_safe(p, end, len, e_inval);
651285ea34fSIlya Dryomov dout("%s service tickets blob len %d\n", __func__, len);
652285ea34fSIlya Dryomov if (len > 0) {
653285ea34fSIlya Dryomov ret = ceph_x_proc_ticket_reply(ac, &th->session_key,
654285ea34fSIlya Dryomov p, *p + len);
655285ea34fSIlya Dryomov if (ret)
656285ea34fSIlya Dryomov return ret;
657285ea34fSIlya Dryomov }
658285ea34fSIlya Dryomov
659285ea34fSIlya Dryomov return 0;
660285ea34fSIlya Dryomov
661285ea34fSIlya Dryomov e_inval:
662285ea34fSIlya Dryomov return -EINVAL;
663285ea34fSIlya Dryomov }
664285ea34fSIlya Dryomov
ceph_x_handle_reply(struct ceph_auth_client * ac,u64 global_id,void * buf,void * end,u8 * session_key,int * session_key_len,u8 * con_secret,int * con_secret_len)665*03af4c7bSIlya Dryomov static int ceph_x_handle_reply(struct ceph_auth_client *ac, u64 global_id,
666285ea34fSIlya Dryomov void *buf, void *end,
667285ea34fSIlya Dryomov u8 *session_key, int *session_key_len,
668285ea34fSIlya Dryomov u8 *con_secret, int *con_secret_len)
6693d14c5d2SYehuda Sadeh {
6703d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
6713d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th;
6723d14c5d2SYehuda Sadeh int len = end - buf;
6733c0d0894SIlya Dryomov int result;
6746610fff2SIlya Dryomov void *p;
6753d14c5d2SYehuda Sadeh int op;
6763d14c5d2SYehuda Sadeh int ret;
6773d14c5d2SYehuda Sadeh
6783d14c5d2SYehuda Sadeh if (xi->starting) {
6793d14c5d2SYehuda Sadeh /* it's a hello */
6803d14c5d2SYehuda Sadeh struct ceph_x_server_challenge *sc = buf;
6813d14c5d2SYehuda Sadeh
6823d14c5d2SYehuda Sadeh if (len != sizeof(*sc))
6833d14c5d2SYehuda Sadeh return -EINVAL;
6843d14c5d2SYehuda Sadeh xi->server_challenge = le64_to_cpu(sc->server_challenge);
6853d14c5d2SYehuda Sadeh dout("handle_reply got server challenge %llx\n",
6863d14c5d2SYehuda Sadeh xi->server_challenge);
6873d14c5d2SYehuda Sadeh xi->starting = false;
6883d14c5d2SYehuda Sadeh xi->have_keys &= ~CEPH_ENTITY_TYPE_AUTH;
6893d14c5d2SYehuda Sadeh return -EAGAIN;
6903d14c5d2SYehuda Sadeh }
6913d14c5d2SYehuda Sadeh
6926610fff2SIlya Dryomov p = buf;
6936610fff2SIlya Dryomov ceph_decode_16_safe(&p, end, op, e_inval);
6946610fff2SIlya Dryomov ceph_decode_32_safe(&p, end, result, e_inval);
6953d14c5d2SYehuda Sadeh dout("handle_reply op %d result %d\n", op, result);
6963d14c5d2SYehuda Sadeh switch (op) {
6973d14c5d2SYehuda Sadeh case CEPHX_GET_AUTH_SESSION_KEY:
698285ea34fSIlya Dryomov /* AUTH ticket + [connection secret] + service tickets */
699*03af4c7bSIlya Dryomov ret = handle_auth_session_key(ac, global_id, &p, end,
700*03af4c7bSIlya Dryomov session_key, session_key_len,
701*03af4c7bSIlya Dryomov con_secret, con_secret_len);
7023d14c5d2SYehuda Sadeh break;
7033d14c5d2SYehuda Sadeh
7043d14c5d2SYehuda Sadeh case CEPHX_GET_PRINCIPAL_SESSION_KEY:
7053d14c5d2SYehuda Sadeh th = get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
7063d14c5d2SYehuda Sadeh if (IS_ERR(th))
7073d14c5d2SYehuda Sadeh return PTR_ERR(th);
7086610fff2SIlya Dryomov
709285ea34fSIlya Dryomov /* service tickets */
710285ea34fSIlya Dryomov ret = ceph_x_proc_ticket_reply(ac, &th->session_key, &p, end);
7113d14c5d2SYehuda Sadeh break;
7123d14c5d2SYehuda Sadeh
7133d14c5d2SYehuda Sadeh default:
7143d14c5d2SYehuda Sadeh return -EINVAL;
7153d14c5d2SYehuda Sadeh }
7163d14c5d2SYehuda Sadeh if (ret)
7173d14c5d2SYehuda Sadeh return ret;
7183d14c5d2SYehuda Sadeh if (ac->want_keys == xi->have_keys)
7193d14c5d2SYehuda Sadeh return 0;
7203d14c5d2SYehuda Sadeh return -EAGAIN;
7216610fff2SIlya Dryomov
7226610fff2SIlya Dryomov e_inval:
7236610fff2SIlya Dryomov return -EINVAL;
7243d14c5d2SYehuda Sadeh }
7253d14c5d2SYehuda Sadeh
ceph_x_destroy_authorizer(struct ceph_authorizer * a)7266c1ea260SIlya Dryomov static void ceph_x_destroy_authorizer(struct ceph_authorizer *a)
7276c1ea260SIlya Dryomov {
7286c1ea260SIlya Dryomov struct ceph_x_authorizer *au = (void *)a;
7296c1ea260SIlya Dryomov
7306c1ea260SIlya Dryomov ceph_x_authorizer_cleanup(au);
7316c1ea260SIlya Dryomov kfree(au);
7326c1ea260SIlya Dryomov }
7336c1ea260SIlya Dryomov
ceph_x_create_authorizer(struct ceph_auth_client * ac,int peer_type,struct ceph_auth_handshake * auth)7343d14c5d2SYehuda Sadeh static int ceph_x_create_authorizer(
7353d14c5d2SYehuda Sadeh struct ceph_auth_client *ac, int peer_type,
73674f1869fSAlex Elder struct ceph_auth_handshake *auth)
7373d14c5d2SYehuda Sadeh {
7383d14c5d2SYehuda Sadeh struct ceph_x_authorizer *au;
7393d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th;
7403d14c5d2SYehuda Sadeh int ret;
7413d14c5d2SYehuda Sadeh
7423d14c5d2SYehuda Sadeh th = get_ticket_handler(ac, peer_type);
7433d14c5d2SYehuda Sadeh if (IS_ERR(th))
7443d14c5d2SYehuda Sadeh return PTR_ERR(th);
7453d14c5d2SYehuda Sadeh
7463d14c5d2SYehuda Sadeh au = kzalloc(sizeof(*au), GFP_NOFS);
7473d14c5d2SYehuda Sadeh if (!au)
7483d14c5d2SYehuda Sadeh return -ENOMEM;
7493d14c5d2SYehuda Sadeh
7506c1ea260SIlya Dryomov au->base.destroy = ceph_x_destroy_authorizer;
7516c1ea260SIlya Dryomov
7523d14c5d2SYehuda Sadeh ret = ceph_x_build_authorizer(ac, th, au);
7533d14c5d2SYehuda Sadeh if (ret) {
7543d14c5d2SYehuda Sadeh kfree(au);
7553d14c5d2SYehuda Sadeh return ret;
7563d14c5d2SYehuda Sadeh }
7573d14c5d2SYehuda Sadeh
75874f1869fSAlex Elder auth->authorizer = (struct ceph_authorizer *) au;
75974f1869fSAlex Elder auth->authorizer_buf = au->buf->vec.iov_base;
76074f1869fSAlex Elder auth->authorizer_buf_len = au->buf->vec.iov_len;
7617882a26dSIlya Dryomov auth->authorizer_reply_buf = au->enc_buf;
7627882a26dSIlya Dryomov auth->authorizer_reply_buf_len = CEPHX_AU_ENC_BUF_LEN;
76333d07337SYan, Zheng auth->sign_message = ac->ops->sign_message;
76433d07337SYan, Zheng auth->check_message_signature = ac->ops->check_message_signature;
76574f1869fSAlex Elder
7663d14c5d2SYehuda Sadeh return 0;
7673d14c5d2SYehuda Sadeh }
7683d14c5d2SYehuda Sadeh
ceph_x_update_authorizer(struct ceph_auth_client * ac,int peer_type,struct ceph_auth_handshake * auth)7690bed9b5cSSage Weil static int ceph_x_update_authorizer(
7700bed9b5cSSage Weil struct ceph_auth_client *ac, int peer_type,
7710bed9b5cSSage Weil struct ceph_auth_handshake *auth)
7720bed9b5cSSage Weil {
7730bed9b5cSSage Weil struct ceph_x_authorizer *au;
7740bed9b5cSSage Weil struct ceph_x_ticket_handler *th;
7750bed9b5cSSage Weil
7760bed9b5cSSage Weil th = get_ticket_handler(ac, peer_type);
7770bed9b5cSSage Weil if (IS_ERR(th))
7780bed9b5cSSage Weil return PTR_ERR(th);
7790bed9b5cSSage Weil
7800bed9b5cSSage Weil au = (struct ceph_x_authorizer *)auth->authorizer;
7810bed9b5cSSage Weil if (au->secret_id < th->secret_id) {
7820bed9b5cSSage Weil dout("ceph_x_update_authorizer service %u secret %llu < %llu\n",
7830bed9b5cSSage Weil au->service, au->secret_id, th->secret_id);
7840bed9b5cSSage Weil return ceph_x_build_authorizer(ac, th, au);
7850bed9b5cSSage Weil }
7860bed9b5cSSage Weil return 0;
7870bed9b5cSSage Weil }
7880bed9b5cSSage Weil
789285ea34fSIlya Dryomov /*
790285ea34fSIlya Dryomov * CephXAuthorizeChallenge
791285ea34fSIlya Dryomov */
decrypt_authorizer_challenge(struct ceph_crypto_key * secret,void * challenge,int challenge_len,u64 * server_challenge)792285ea34fSIlya Dryomov static int decrypt_authorizer_challenge(struct ceph_crypto_key *secret,
793285ea34fSIlya Dryomov void *challenge, int challenge_len,
7946daca13dSIlya Dryomov u64 *server_challenge)
7956daca13dSIlya Dryomov {
796285ea34fSIlya Dryomov void *dp, *dend;
7976daca13dSIlya Dryomov int ret;
7986daca13dSIlya Dryomov
7996daca13dSIlya Dryomov /* no leading len */
800285ea34fSIlya Dryomov ret = __ceph_x_decrypt(secret, challenge, challenge_len);
8016daca13dSIlya Dryomov if (ret < 0)
8026daca13dSIlya Dryomov return ret;
8036daca13dSIlya Dryomov
804285ea34fSIlya Dryomov dout("%s decrypted %d bytes\n", __func__, ret);
805285ea34fSIlya Dryomov dp = challenge + sizeof(struct ceph_x_encrypt_header);
806285ea34fSIlya Dryomov dend = dp + ret;
807285ea34fSIlya Dryomov
808285ea34fSIlya Dryomov ceph_decode_skip_8(&dp, dend, e_inval); /* struct_v */
809285ea34fSIlya Dryomov ceph_decode_64_safe(&dp, dend, *server_challenge, e_inval);
810285ea34fSIlya Dryomov dout("%s server_challenge %llu\n", __func__, *server_challenge);
8116daca13dSIlya Dryomov return 0;
812285ea34fSIlya Dryomov
813285ea34fSIlya Dryomov e_inval:
814285ea34fSIlya Dryomov return -EINVAL;
8156daca13dSIlya Dryomov }
8166daca13dSIlya Dryomov
ceph_x_add_authorizer_challenge(struct ceph_auth_client * ac,struct ceph_authorizer * a,void * challenge,int challenge_len)8176daca13dSIlya Dryomov static int ceph_x_add_authorizer_challenge(struct ceph_auth_client *ac,
8186daca13dSIlya Dryomov struct ceph_authorizer *a,
819285ea34fSIlya Dryomov void *challenge, int challenge_len)
8206daca13dSIlya Dryomov {
8216daca13dSIlya Dryomov struct ceph_x_authorizer *au = (void *)a;
8226daca13dSIlya Dryomov u64 server_challenge;
8236daca13dSIlya Dryomov int ret;
8246daca13dSIlya Dryomov
825285ea34fSIlya Dryomov ret = decrypt_authorizer_challenge(&au->session_key, challenge,
826285ea34fSIlya Dryomov challenge_len, &server_challenge);
8276daca13dSIlya Dryomov if (ret) {
8286daca13dSIlya Dryomov pr_err("failed to decrypt authorize challenge: %d", ret);
8296daca13dSIlya Dryomov return ret;
8306daca13dSIlya Dryomov }
8316daca13dSIlya Dryomov
8326daca13dSIlya Dryomov ret = encrypt_authorizer(au, &server_challenge);
8336daca13dSIlya Dryomov if (ret) {
8346daca13dSIlya Dryomov pr_err("failed to encrypt authorizer w/ challenge: %d", ret);
8356daca13dSIlya Dryomov return ret;
8366daca13dSIlya Dryomov }
8376daca13dSIlya Dryomov
8386daca13dSIlya Dryomov return 0;
8396daca13dSIlya Dryomov }
8406daca13dSIlya Dryomov
841285ea34fSIlya Dryomov /*
842285ea34fSIlya Dryomov * CephXAuthorizeReply
843285ea34fSIlya Dryomov */
decrypt_authorizer_reply(struct ceph_crypto_key * secret,void ** p,void * end,u64 * nonce_plus_one,u8 * con_secret,int * con_secret_len)844285ea34fSIlya Dryomov static int decrypt_authorizer_reply(struct ceph_crypto_key *secret,
845285ea34fSIlya Dryomov void **p, void *end, u64 *nonce_plus_one,
846285ea34fSIlya Dryomov u8 *con_secret, int *con_secret_len)
8473d14c5d2SYehuda Sadeh {
848285ea34fSIlya Dryomov void *dp, *dend;
849285ea34fSIlya Dryomov u8 struct_v;
850e15fd0a1SIlya Dryomov int ret;
8513d14c5d2SYehuda Sadeh
852285ea34fSIlya Dryomov dp = *p + ceph_x_encrypt_offset();
853285ea34fSIlya Dryomov ret = ceph_x_decrypt(secret, p, end);
8543d14c5d2SYehuda Sadeh if (ret < 0)
8553d14c5d2SYehuda Sadeh return ret;
856285ea34fSIlya Dryomov
857285ea34fSIlya Dryomov dout("%s decrypted %d bytes\n", __func__, ret);
858285ea34fSIlya Dryomov dend = dp + ret;
859285ea34fSIlya Dryomov
860285ea34fSIlya Dryomov ceph_decode_8_safe(&dp, dend, struct_v, e_inval);
861285ea34fSIlya Dryomov ceph_decode_64_safe(&dp, dend, *nonce_plus_one, e_inval);
862285ea34fSIlya Dryomov dout("%s nonce_plus_one %llu\n", __func__, *nonce_plus_one);
863285ea34fSIlya Dryomov if (struct_v >= 2) {
86410f42b3eSIlya Dryomov ret = decode_con_secret(&dp, dend, con_secret, con_secret_len);
86510f42b3eSIlya Dryomov if (ret)
86610f42b3eSIlya Dryomov return ret;
867285ea34fSIlya Dryomov }
868285ea34fSIlya Dryomov
869285ea34fSIlya Dryomov return 0;
870285ea34fSIlya Dryomov
871285ea34fSIlya Dryomov e_inval:
872285ea34fSIlya Dryomov return -EINVAL;
873285ea34fSIlya Dryomov }
874285ea34fSIlya Dryomov
ceph_x_verify_authorizer_reply(struct ceph_auth_client * ac,struct ceph_authorizer * a,void * reply,int reply_len,u8 * session_key,int * session_key_len,u8 * con_secret,int * con_secret_len)875285ea34fSIlya Dryomov static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
876285ea34fSIlya Dryomov struct ceph_authorizer *a,
877285ea34fSIlya Dryomov void *reply, int reply_len,
878285ea34fSIlya Dryomov u8 *session_key, int *session_key_len,
879285ea34fSIlya Dryomov u8 *con_secret, int *con_secret_len)
880285ea34fSIlya Dryomov {
881285ea34fSIlya Dryomov struct ceph_x_authorizer *au = (void *)a;
882285ea34fSIlya Dryomov u64 nonce_plus_one;
883285ea34fSIlya Dryomov int ret;
884285ea34fSIlya Dryomov
885285ea34fSIlya Dryomov if (session_key) {
886285ea34fSIlya Dryomov memcpy(session_key, au->session_key.key, au->session_key.len);
887285ea34fSIlya Dryomov *session_key_len = au->session_key.len;
888285ea34fSIlya Dryomov }
889285ea34fSIlya Dryomov
890285ea34fSIlya Dryomov ret = decrypt_authorizer_reply(&au->session_key, &reply,
891285ea34fSIlya Dryomov reply + reply_len, &nonce_plus_one,
892285ea34fSIlya Dryomov con_secret, con_secret_len);
893285ea34fSIlya Dryomov if (ret)
8943d14c5d2SYehuda Sadeh return ret;
895285ea34fSIlya Dryomov
896285ea34fSIlya Dryomov if (nonce_plus_one != au->nonce + 1) {
897285ea34fSIlya Dryomov pr_err("failed to authenticate server\n");
898285ea34fSIlya Dryomov return -EPERM;
899285ea34fSIlya Dryomov }
900285ea34fSIlya Dryomov
901285ea34fSIlya Dryomov return 0;
9023d14c5d2SYehuda Sadeh }
9033d14c5d2SYehuda Sadeh
ceph_x_reset(struct ceph_auth_client * ac)9043d14c5d2SYehuda Sadeh static void ceph_x_reset(struct ceph_auth_client *ac)
9053d14c5d2SYehuda Sadeh {
9063d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
9073d14c5d2SYehuda Sadeh
9083d14c5d2SYehuda Sadeh dout("reset\n");
9093d14c5d2SYehuda Sadeh xi->starting = true;
9103d14c5d2SYehuda Sadeh xi->server_challenge = 0;
9113d14c5d2SYehuda Sadeh }
9123d14c5d2SYehuda Sadeh
ceph_x_destroy(struct ceph_auth_client * ac)9133d14c5d2SYehuda Sadeh static void ceph_x_destroy(struct ceph_auth_client *ac)
9143d14c5d2SYehuda Sadeh {
9153d14c5d2SYehuda Sadeh struct ceph_x_info *xi = ac->private;
9163d14c5d2SYehuda Sadeh struct rb_node *p;
9173d14c5d2SYehuda Sadeh
9183d14c5d2SYehuda Sadeh dout("ceph_x_destroy %p\n", ac);
9193d14c5d2SYehuda Sadeh ceph_crypto_key_destroy(&xi->secret);
9203d14c5d2SYehuda Sadeh
9213d14c5d2SYehuda Sadeh while ((p = rb_first(&xi->ticket_handlers)) != NULL) {
9223d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th =
9233d14c5d2SYehuda Sadeh rb_entry(p, struct ceph_x_ticket_handler, node);
9243d14c5d2SYehuda Sadeh remove_ticket_handler(ac, th);
9253d14c5d2SYehuda Sadeh }
9263d14c5d2SYehuda Sadeh
927cbf99a11SIlya Dryomov ceph_x_authorizer_cleanup(&xi->auth_authorizer);
9283d14c5d2SYehuda Sadeh
9293d14c5d2SYehuda Sadeh kfree(ac->private);
9303d14c5d2SYehuda Sadeh ac->private = NULL;
9313d14c5d2SYehuda Sadeh }
9323d14c5d2SYehuda Sadeh
invalidate_ticket(struct ceph_auth_client * ac,int peer_type)933187d131dSIlya Dryomov static void invalidate_ticket(struct ceph_auth_client *ac, int peer_type)
9343d14c5d2SYehuda Sadeh {
9353d14c5d2SYehuda Sadeh struct ceph_x_ticket_handler *th;
9363d14c5d2SYehuda Sadeh
9373d14c5d2SYehuda Sadeh th = get_ticket_handler(ac, peer_type);
938f79e25b0SIlya Dryomov if (IS_ERR(th))
939f79e25b0SIlya Dryomov return;
940f79e25b0SIlya Dryomov
941f79e25b0SIlya Dryomov if (th->have_key) {
942f79e25b0SIlya Dryomov dout("ticket %d (%s) secret_id %llu invalidated\n",
943f79e25b0SIlya Dryomov th->service, ceph_entity_type_name(th->service),
944f79e25b0SIlya Dryomov th->secret_id);
9456abe097dSIlya Dryomov th->have_key = false;
9463d14c5d2SYehuda Sadeh }
947f79e25b0SIlya Dryomov }
9483d14c5d2SYehuda Sadeh
ceph_x_invalidate_authorizer(struct ceph_auth_client * ac,int peer_type)949187d131dSIlya Dryomov static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac,
950187d131dSIlya Dryomov int peer_type)
951187d131dSIlya Dryomov {
952187d131dSIlya Dryomov /*
953187d131dSIlya Dryomov * We are to invalidate a service ticket in the hopes of
954187d131dSIlya Dryomov * getting a new, hopefully more valid, one. But, we won't get
955187d131dSIlya Dryomov * it unless our AUTH ticket is good, so invalidate AUTH ticket
956187d131dSIlya Dryomov * as well, just in case.
957187d131dSIlya Dryomov */
958187d131dSIlya Dryomov invalidate_ticket(ac, peer_type);
959187d131dSIlya Dryomov invalidate_ticket(ac, CEPH_ENTITY_TYPE_AUTH);
960187d131dSIlya Dryomov }
961187d131dSIlya Dryomov
calc_signature(struct ceph_x_authorizer * au,struct ceph_msg * msg,__le64 * psig)9624eb4517cSIlya Dryomov static int calc_signature(struct ceph_x_authorizer *au, struct ceph_msg *msg,
9634eb4517cSIlya Dryomov __le64 *psig)
96433d07337SYan, Zheng {
965d03857c6SIlya Dryomov void *enc_buf = au->enc_buf;
966cc255c76SIlya Dryomov int ret;
967cc255c76SIlya Dryomov
968cc255c76SIlya Dryomov if (!CEPH_HAVE_FEATURE(msg->con->peer_features, CEPHX_V2)) {
9694eb4517cSIlya Dryomov struct {
9704eb4517cSIlya Dryomov __le32 len;
9714eb4517cSIlya Dryomov __le32 header_crc;
9724eb4517cSIlya Dryomov __le32 front_crc;
9734eb4517cSIlya Dryomov __le32 middle_crc;
9744eb4517cSIlya Dryomov __le32 data_crc;
975d03857c6SIlya Dryomov } __packed *sigblock = enc_buf + ceph_x_encrypt_offset();
9764eb4517cSIlya Dryomov
977d03857c6SIlya Dryomov sigblock->len = cpu_to_le32(4*sizeof(u32));
978d03857c6SIlya Dryomov sigblock->header_crc = msg->hdr.crc;
979d03857c6SIlya Dryomov sigblock->front_crc = msg->footer.front_crc;
980d03857c6SIlya Dryomov sigblock->middle_crc = msg->footer.middle_crc;
981d03857c6SIlya Dryomov sigblock->data_crc = msg->footer.data_crc;
982cc255c76SIlya Dryomov
983cc255c76SIlya Dryomov ret = ceph_x_encrypt(&au->session_key, enc_buf,
984cc255c76SIlya Dryomov CEPHX_AU_ENC_BUF_LEN, sizeof(*sigblock));
98533d07337SYan, Zheng if (ret < 0)
98633d07337SYan, Zheng return ret;
9874eb4517cSIlya Dryomov
988d03857c6SIlya Dryomov *psig = *(__le64 *)(enc_buf + sizeof(u32));
989cc255c76SIlya Dryomov } else {
990cc255c76SIlya Dryomov struct {
991cc255c76SIlya Dryomov __le32 header_crc;
992cc255c76SIlya Dryomov __le32 front_crc;
993cc255c76SIlya Dryomov __le32 front_len;
994cc255c76SIlya Dryomov __le32 middle_crc;
995cc255c76SIlya Dryomov __le32 middle_len;
996cc255c76SIlya Dryomov __le32 data_crc;
997cc255c76SIlya Dryomov __le32 data_len;
998cc255c76SIlya Dryomov __le32 seq_lower_word;
999cc255c76SIlya Dryomov } __packed *sigblock = enc_buf;
1000cc255c76SIlya Dryomov struct {
1001cc255c76SIlya Dryomov __le64 a, b, c, d;
1002cc255c76SIlya Dryomov } __packed *penc = enc_buf;
1003cc255c76SIlya Dryomov int ciphertext_len;
1004cc255c76SIlya Dryomov
1005cc255c76SIlya Dryomov sigblock->header_crc = msg->hdr.crc;
1006cc255c76SIlya Dryomov sigblock->front_crc = msg->footer.front_crc;
1007cc255c76SIlya Dryomov sigblock->front_len = msg->hdr.front_len;
1008cc255c76SIlya Dryomov sigblock->middle_crc = msg->footer.middle_crc;
1009cc255c76SIlya Dryomov sigblock->middle_len = msg->hdr.middle_len;
1010cc255c76SIlya Dryomov sigblock->data_crc = msg->footer.data_crc;
1011cc255c76SIlya Dryomov sigblock->data_len = msg->hdr.data_len;
1012cc255c76SIlya Dryomov sigblock->seq_lower_word = *(__le32 *)&msg->hdr.seq;
1013cc255c76SIlya Dryomov
1014cc255c76SIlya Dryomov /* no leading len, no ceph_x_encrypt_header */
1015cc255c76SIlya Dryomov ret = ceph_crypt(&au->session_key, true, enc_buf,
1016cc255c76SIlya Dryomov CEPHX_AU_ENC_BUF_LEN, sizeof(*sigblock),
1017cc255c76SIlya Dryomov &ciphertext_len);
1018cc255c76SIlya Dryomov if (ret)
1019cc255c76SIlya Dryomov return ret;
1020cc255c76SIlya Dryomov
1021cc255c76SIlya Dryomov *psig = penc->a ^ penc->b ^ penc->c ^ penc->d;
1022cc255c76SIlya Dryomov }
1023cc255c76SIlya Dryomov
102433d07337SYan, Zheng return 0;
102533d07337SYan, Zheng }
102633d07337SYan, Zheng
ceph_x_sign_message(struct ceph_auth_handshake * auth,struct ceph_msg * msg)102733d07337SYan, Zheng static int ceph_x_sign_message(struct ceph_auth_handshake *auth,
102833d07337SYan, Zheng struct ceph_msg *msg)
102933d07337SYan, Zheng {
10304eb4517cSIlya Dryomov __le64 sig;
103133d07337SYan, Zheng int ret;
10324199b8eeSIlya Dryomov
1033a51983e4SIlya Dryomov if (ceph_test_opt(from_msgr(msg->con->msgr), NOMSGSIGN))
1034a51983e4SIlya Dryomov return 0;
1035a51983e4SIlya Dryomov
10364eb4517cSIlya Dryomov ret = calc_signature((struct ceph_x_authorizer *)auth->authorizer,
10374eb4517cSIlya Dryomov msg, &sig);
10384eb4517cSIlya Dryomov if (ret)
103933d07337SYan, Zheng return ret;
10404eb4517cSIlya Dryomov
10414eb4517cSIlya Dryomov msg->footer.sig = sig;
104233d07337SYan, Zheng msg->footer.flags |= CEPH_MSG_FOOTER_SIGNED;
104333d07337SYan, Zheng return 0;
104433d07337SYan, Zheng }
104533d07337SYan, Zheng
ceph_x_check_message_signature(struct ceph_auth_handshake * auth,struct ceph_msg * msg)104633d07337SYan, Zheng static int ceph_x_check_message_signature(struct ceph_auth_handshake *auth,
104733d07337SYan, Zheng struct ceph_msg *msg)
104833d07337SYan, Zheng {
104933d07337SYan, Zheng __le64 sig_check;
105033d07337SYan, Zheng int ret;
105133d07337SYan, Zheng
1052a51983e4SIlya Dryomov if (ceph_test_opt(from_msgr(msg->con->msgr), NOMSGSIGN))
1053a51983e4SIlya Dryomov return 0;
1054a51983e4SIlya Dryomov
10554eb4517cSIlya Dryomov ret = calc_signature((struct ceph_x_authorizer *)auth->authorizer,
105633d07337SYan, Zheng msg, &sig_check);
10574eb4517cSIlya Dryomov if (ret)
105833d07337SYan, Zheng return ret;
105933d07337SYan, Zheng if (sig_check == msg->footer.sig)
106033d07337SYan, Zheng return 0;
106133d07337SYan, Zheng if (msg->footer.flags & CEPH_MSG_FOOTER_SIGNED)
106233d07337SYan, Zheng dout("ceph_x_check_message_signature %p has signature %llx "
106333d07337SYan, Zheng "expect %llx\n", msg, msg->footer.sig, sig_check);
106433d07337SYan, Zheng else
106533d07337SYan, Zheng dout("ceph_x_check_message_signature %p sender did not set "
106633d07337SYan, Zheng "CEPH_MSG_FOOTER_SIGNED\n", msg);
106733d07337SYan, Zheng return -EBADMSG;
106833d07337SYan, Zheng }
10693d14c5d2SYehuda Sadeh
10703d14c5d2SYehuda Sadeh static const struct ceph_auth_client_ops ceph_x_ops = {
10713d14c5d2SYehuda Sadeh .is_authenticated = ceph_x_is_authenticated,
10723d14c5d2SYehuda Sadeh .should_authenticate = ceph_x_should_authenticate,
10733d14c5d2SYehuda Sadeh .build_request = ceph_x_build_request,
10743d14c5d2SYehuda Sadeh .handle_reply = ceph_x_handle_reply,
10753d14c5d2SYehuda Sadeh .create_authorizer = ceph_x_create_authorizer,
10760bed9b5cSSage Weil .update_authorizer = ceph_x_update_authorizer,
10776daca13dSIlya Dryomov .add_authorizer_challenge = ceph_x_add_authorizer_challenge,
10783d14c5d2SYehuda Sadeh .verify_authorizer_reply = ceph_x_verify_authorizer_reply,
10793d14c5d2SYehuda Sadeh .invalidate_authorizer = ceph_x_invalidate_authorizer,
10803d14c5d2SYehuda Sadeh .reset = ceph_x_reset,
10813d14c5d2SYehuda Sadeh .destroy = ceph_x_destroy,
108233d07337SYan, Zheng .sign_message = ceph_x_sign_message,
108333d07337SYan, Zheng .check_message_signature = ceph_x_check_message_signature,
10843d14c5d2SYehuda Sadeh };
10853d14c5d2SYehuda Sadeh
10863d14c5d2SYehuda Sadeh
ceph_x_init(struct ceph_auth_client * ac)10873d14c5d2SYehuda Sadeh int ceph_x_init(struct ceph_auth_client *ac)
10883d14c5d2SYehuda Sadeh {
10893d14c5d2SYehuda Sadeh struct ceph_x_info *xi;
10903d14c5d2SYehuda Sadeh int ret;
10913d14c5d2SYehuda Sadeh
10923d14c5d2SYehuda Sadeh dout("ceph_x_init %p\n", ac);
10933d14c5d2SYehuda Sadeh ret = -ENOMEM;
10943d14c5d2SYehuda Sadeh xi = kzalloc(sizeof(*xi), GFP_NOFS);
10953d14c5d2SYehuda Sadeh if (!xi)
10963d14c5d2SYehuda Sadeh goto out;
10973d14c5d2SYehuda Sadeh
10983d14c5d2SYehuda Sadeh ret = -EINVAL;
10998323c3aaSTommi Virtanen if (!ac->key) {
11003d14c5d2SYehuda Sadeh pr_err("no secret set (for auth_x protocol)\n");
11013d14c5d2SYehuda Sadeh goto out_nomem;
11023d14c5d2SYehuda Sadeh }
11033d14c5d2SYehuda Sadeh
11048323c3aaSTommi Virtanen ret = ceph_crypto_key_clone(&xi->secret, ac->key);
11058323c3aaSTommi Virtanen if (ret < 0) {
11068323c3aaSTommi Virtanen pr_err("cannot clone key: %d\n", ret);
11073d14c5d2SYehuda Sadeh goto out_nomem;
11088323c3aaSTommi Virtanen }
11093d14c5d2SYehuda Sadeh
11103d14c5d2SYehuda Sadeh xi->starting = true;
11113d14c5d2SYehuda Sadeh xi->ticket_handlers = RB_ROOT;
11123d14c5d2SYehuda Sadeh
11133d14c5d2SYehuda Sadeh ac->protocol = CEPH_AUTH_CEPHX;
11143d14c5d2SYehuda Sadeh ac->private = xi;
11153d14c5d2SYehuda Sadeh ac->ops = &ceph_x_ops;
11163d14c5d2SYehuda Sadeh return 0;
11173d14c5d2SYehuda Sadeh
11183d14c5d2SYehuda Sadeh out_nomem:
11193d14c5d2SYehuda Sadeh kfree(xi);
11203d14c5d2SYehuda Sadeh out:
11213d14c5d2SYehuda Sadeh return ret;
11223d14c5d2SYehuda Sadeh }
1123