KEYS: add missing permission check for request_key() destination
2 #include <linux/ceph/ceph_debug.h>
3 #include <linux/backing-dev.h>
4 #include <linux/ctype.h>
5 #include <linux/fs.h>
6 #include <linux/inet.h>
7 #include <linux/in6.h>
8 #include <linux/key.h>
9 #include <keys/ceph-type.h>
10 #include <linux/module.h>
11 #include <linux/mount.h>
12 #include <linux/parser.h>
13 #include <linux/sched.h>
14 #include <linux/seq_file.h>
15 #include <linux/slab.h>
16 #include <linux/statfs.h>
17 #include <linux/string.h>
18 #include <linux/vmalloc.h>
19 #include <linux/nsproxy.h>
20 #include <net/net_namespace.h>
23 #include <linux/ceph/ceph_features.h>
24 #include <linux/ceph/libceph.h>
25 #include <linux/ceph/debugfs.h>
26 #include <linux/ceph/decode.h>
27 #include <linux/ceph/mon_client.h>
28 #include <linux/ceph/auth.h>
29 #include "crypto.h"
/*
 * Compatibility probe for other kernel modules that build on libceph.
 *
 * @data: buffer meant to carry information both to and from libceph.
 *        It may be NULL, and the current implementation never touches it.
 *
 * The return value says whether libceph considers itself compatible with
 * the caller, given @data.  For now the answer is always true; the mere
 * existence of this symbol signals a certain level of functionality.
 */
bool libceph_compatible(void *data)
{
	return true;
}
EXPORT_SYMBOL(libceph_compatible);
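/*
 * Find the filename portion of a path (/foo/bar/baz -> baz).
 *
 * @s:   start of the path bytes; the scan never looks for a NUL
 * @len: number of bytes of @s to consider
 *
 * Scans backwards from s + len and returns a pointer just past the last
 * '/' inside [s, s + len), or @s itself when that range holds no '/'.
 * The result points into the caller's buffer.
 *
 * A zero or negative @len yields @s.  Without that guard a negative length
 * would start the backwards scan before @s and read outside the buffer.
 */
const char *ceph_file_part(const char *s, int len)
{
	const char *p;

	if (len <= 0)
		return s;

	for (p = s + len; p != s; p--) {
		if (p[-1] == '/')
			break;
	}
	return p;
}
EXPORT_SYMBOL(ceph_file_part);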
/*
 * Map a CEPH_MSG_* message type to a short, static, human-readable name.
 *
 * Any value without a case below, including values that arrive off the
 * wire and match no known type, yields "unknown".  The returned string is
 * a literal and must not be freed or modified.
 */
const char *ceph_msg_type_name(int type)
{
	switch (type) {
	case CEPH_MSG_SHUTDOWN:
		return "shutdown";
	case CEPH_MSG_PING:
		return "ping";
	case CEPH_MSG_AUTH:
		return "auth";
	case CEPH_MSG_AUTH_REPLY:
		return "auth_reply";
	case CEPH_MSG_MON_MAP:
		return "mon_map";
	case CEPH_MSG_MON_GET_MAP:
		return "mon_get_map";
	case CEPH_MSG_MON_SUBSCRIBE:
		return "mon_subscribe";
	case CEPH_MSG_MON_SUBSCRIBE_ACK:
		return "mon_subscribe_ack";
	case CEPH_MSG_STATFS:
		return "statfs";
	case CEPH_MSG_STATFS_REPLY:
		return "statfs_reply";
	case CEPH_MSG_MON_GET_VERSION:
		return "mon_get_version";
	case CEPH_MSG_MON_GET_VERSION_REPLY:
		return "mon_get_version_reply";
	case CEPH_MSG_MDS_MAP:
		return "mds_map";
	case CEPH_MSG_CLIENT_SESSION:
		return "client_session";
	case CEPH_MSG_CLIENT_RECONNECT:
		return "client_reconnect";
	case CEPH_MSG_CLIENT_REQUEST:
		return "client_request";
	case CEPH_MSG_CLIENT_REQUEST_FORWARD:
		return "client_request_forward";
	case CEPH_MSG_CLIENT_REPLY:
		return "client_reply";
	case CEPH_MSG_CLIENT_CAPS:
		return "client_caps";
	case CEPH_MSG_CLIENT_CAPRELEASE:
		return "client_cap_release";
	case CEPH_MSG_CLIENT_SNAP:
		return "client_snap";
	case CEPH_MSG_CLIENT_LEASE:
		return "client_lease";
	case CEPH_MSG_OSD_MAP:
		return "osd_map";
	case CEPH_MSG_OSD_OP:
		return "osd_op";
	case CEPH_MSG_OSD_OPREPLY:
		return "osd_opreply";
	case CEPH_MSG_WATCH_NOTIFY:
		return "watch_notify";
	default:
		return "unknown";
	}
}
EXPORT_SYMBOL(ceph_msg_type_name);
/*
 * Initially learn our fsid, or verify that an fsid matches the one we hold.
 *
 * @client: client whose fsid is learned or checked
 * @fsid:   fsid to adopt or compare
 *
 * When client->have_fsid is clear, @fsid is copied into the client; this
 * function does not set have_fsid itself.  When it is set, @fsid must
 * compare equal to the stored one.
 *
 * Returns 0 on success, or -1 (after logging both values) on a mismatch.
 */
int ceph_check_fsid(struct ceph_client *client, struct ceph_fsid *fsid)
{
	if (!client->have_fsid) {
		/* nothing recorded yet: take whatever we were given */
		memcpy(&client->fsid, fsid, sizeof(*fsid));
		return 0;
	}

	if (!ceph_fsid_compare(&client->fsid, fsid))
		return 0;

	pr_err("bad fsid, had %pU got %pU", &client->fsid, fsid);
	return -1;
}
EXPORT_SYMBOL(ceph_check_fsid);
/*
 * strcmp() that tolerates NULL on either side.
 *
 * Two NULLs compare equal.  A non-NULL @s1 against a NULL @s2 gives -1 and
 * the reverse gives 1.  Two real strings are passed to strcmp().
 */
static int strcmp_null(const char *s1, const char *s2)
{
	if (s1 && s2)
		return strcmp(s1, s2);
	if (s1)
		return -1;	/* only s2 is NULL */
	return s2 ? 1 : 0;	/* only s1 is NULL, or both are */
}
/*
 * Compare freshly parsed options against those of an existing client.
 *
 * @new_opt: candidate options
 * @client:  existing client; its ->options and monmap are consulted
 *
 * Returns 0 only if all of the following hold:
 *   - the leading part of struct ceph_options, up to mon_addr, is
 *     byte-identical in both;
 *   - the names match (NULL equals NULL);
 *   - the keys are both absent, or agree in type, creation time, length
 *     and secret bytes;
 *   - at least one monitor address in @new_opt appears in the client's
 *     monmap.
 * Any other outcome is non-zero.
 *
 * The raw memcmp() of the struct prefix also covers padding bytes, so both
 * structures need to have been zero-initialised; ceph_parse_options() in
 * this file allocates with kzalloc().
 */
int ceph_compare_options(struct ceph_options *new_opt,
			 struct ceph_client *client)
{
	struct ceph_options *cur_opt = client->options;
	struct ceph_crypto_key *k1 = new_opt->key;
	struct ceph_crypto_key *k2 = cur_opt->key;
	int prefix_len = offsetof(struct ceph_options, mon_addr);
	int ret;
	int i;

	ret = memcmp(new_opt, cur_opt, prefix_len);
	if (ret)
		return ret;

	ret = strcmp_null(new_opt->name, cur_opt->name);
	if (ret)
		return ret;

	/* exactly one side has a key */
	if (!k1 != !k2)
		return k1 ? -1 : 1;

	if (k1 && k2) {
		if (k1->type != k2->type ||
		    k1->created.tv_sec != k2->created.tv_sec ||
		    k1->created.tv_nsec != k2->created.tv_nsec ||
		    k1->len != k2->len)
			return -1;

		/* exactly one side has secret bytes attached */
		if (!k1->key != !k2->key)
			return k1->key ? -1 : 1;

		if (k1->key && k2->key) {
			/* lengths were checked equal above */
			ret = memcmp(k1->key, k2->key, k1->len);
			if (ret)
				return ret;
		}
	}

	/* any matching mon ip implies a match */
	for (i = 0; i < new_opt->num_mon; i++) {
		if (ceph_monmap_contains(client->monc.monmap,
					 &new_opt->mon_addr[i]))
			return 0;
	}
	return -1;
}
EXPORT_SYMBOL(ceph_compare_options);
/*
 * Allocate @size bytes, preferring kmalloc() and falling back to vmalloc.
 *
 * Requests no larger than PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER are first
 * tried with kmalloc(); __GFP_NOWARN keeps a failure there quiet because
 * the fallback follows.  Larger requests, and failed kmalloc() attempts,
 * go to __vmalloc().
 *
 * Returns NULL if both attempts fail.  The result may come from either
 * allocator, so release it with ceph_kvfree() rather than a bare kfree().
 */
void *ceph_kvmalloc(size_t size, gfp_t flags)
{
	void *buf = NULL;

	if (size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER))
		buf = kmalloc(size, flags | __GFP_NOWARN);
	if (!buf)
		buf = __vmalloc(size, flags | __GFP_HIGHMEM, PAGE_KERNEL);

	return buf;
}
/*
 * Free memory obtained from ceph_kvmalloc().
 *
 * The allocator is chosen from the address itself: vmalloc addresses go to
 * vfree(), everything else to kfree().
 */
void ceph_kvfree(const void *ptr)
{
	if (!is_vmalloc_addr(ptr)) {
		kfree(ptr);
		return;
	}
	vfree(ptr);
}
/*
 * Parse a textual fsid into @fsid.
 *
 * @str:  NUL-terminated text: hex digit pairs, with punctuation characters
 *        allowed (and skipped) between pairs
 * @fsid: destination; filled byte by byte as pairs are decoded
 *
 * Returns 0 once 16 bytes have been decoded, -EINVAL otherwise.
 *
 * Two things a caller should know:
 *   - parsing stops after the 16th byte, so trailing characters in @str
 *     are not examined and do not cause an error;
 *   - on failure @fsid may already hold the bytes decoded so far.
 */
static int parse_fsid(const char *str, struct ceph_fsid *fsid)
{
	char pair[3] = { 0 };	/* two hex digits plus terminator */
	int nbytes = 0;
	int val;
	int err;

	dout("parse_fsid '%s'\n", str);
	while (*str && nbytes < 16) {
		if (ispunct(*str)) {
			str++;
			continue;
		}
		/* the first test fails on a NUL, so str[1] is only read
		 * when str[0] is a real digit */
		if (!(isxdigit(str[0]) && isxdigit(str[1])))
			break;
		pair[0] = str[0];
		pair[1] = str[1];
		if (sscanf(pair, "%x", &val) < 1)
			break;
		fsid->fsid[nbytes++] = val & 0xff;
		str += 2;
	}

	err = (nbytes == 16) ? 0 : -EINVAL;
	dout("parse_fsid ret %d got fsid %pU", err, fsid);
	return err;
}
/*
 * ceph options
 *
 * Token ids for the libceph option parser.  The order is load-bearing:
 * ceph_parse_options() treats every id below Opt_last_int as taking an
 * integer argument and every id between Opt_last_int and Opt_last_string
 * as taking a string argument.
 */
enum {
	Opt_osdtimeout,
	Opt_osdkeepalivetimeout,
	Opt_mount_timeout,
	Opt_osd_idle_ttl,
	Opt_last_int,
	/* int args above */
	Opt_fsid,
	Opt_name,
	Opt_secret,
	Opt_key,
	Opt_ip,
	Opt_last_string,
	/* string args above */
	Opt_share,
	Opt_noshare,
	Opt_crc,
	Opt_nocrc,
};

/*
 * Patterns recognised by match_token(), terminated by the {-1, NULL} entry.
 *
 * "secret=" carries the armored key in the option string itself, whereas
 * "key=" only names a key that is then looked up with request_key().  The
 * option string is also passed to dout() while parsing, so the "key=" form
 * keeps secret material out of that path.
 */
static match_table_t opt_tokens = {
	{Opt_osdtimeout, "osdtimeout=%d"},
	{Opt_osdkeepalivetimeout, "osdkeepalive=%d"},
	{Opt_mount_timeout, "mount_timeout=%d"},
	{Opt_osd_idle_ttl, "osd_idle_ttl=%d"},
	/* int args above */
	{Opt_fsid, "fsid=%s"},
	{Opt_name, "name=%s"},
	{Opt_secret, "secret=%s"},
	{Opt_key, "key=%s"},
	{Opt_ip, "ip=%s"},
	/* string args above */
	{Opt_share, "share"},
	{Opt_noshare, "noshare"},
	{Opt_crc, "crc"},
	{Opt_nocrc, "nocrc"},
	{-1, NULL}
};
/*
 * Release a ceph_options and everything it owns: the name string, the
 * crypto key (if any), the monitor address array and the structure itself.
 *
 * @opt: options to free; must not be NULL, it is dereferenced right away.
 *
 * NOTE(review): whether the secret bytes are wiped before being freed
 * depends on ceph_crypto_key_destroy(), which is not visible here.
 */
void ceph_destroy_options(struct ceph_options *opt)
{
	struct ceph_crypto_key *key = opt->key;

	dout("destroy_options %p\n", opt);
	kfree(opt->name);
	if (key) {
		/* tear down the key contents first, then its container */
		ceph_crypto_key_destroy(key);
		kfree(key);
	}
	kfree(opt->mon_addr);
	kfree(opt);
}
EXPORT_SYMBOL(ceph_destroy_options);
/*
 * Get a secret from the kernel key store.
 *
 * @dst:  crypto key to fill with a clone of the stored key
 * @name: description of the key to look up (type key_type_ceph)
 *
 * Returns 0 on success.  Every lookup failure is reported as -EPERM,
 * because request_key() errors don't map nicely to mount(2) errors; the
 * specific reason goes to the kernel log only.  That log line carries the
 * key description, never key material.  A failure of
 * ceph_crypto_key_clone() is returned unchanged.
 *
 * The reference taken by request_key() is dropped before returning, so
 * @dst does not depend on the keyring entry afterwards.
 */
static int get_secret(struct ceph_crypto_key *dst, const char *name)
{
	struct key *ukey;
	int err;

	ukey = request_key(&key_type_ceph, name, NULL);
	if (IS_ERR(ukey) || !ukey) {
		int key_err = PTR_ERR(ukey);

		if (key_err == -ENOKEY)
			pr_warning("ceph: Mount failed due to key not found: %s\n", name);
		else if (key_err == -EKEYEXPIRED)
			pr_warning("ceph: Mount failed due to expired key: %s\n", name);
		else if (key_err == -EKEYREVOKED)
			pr_warning("ceph: Mount failed due to revoked key: %s\n", name);
		else
			pr_warning("ceph: Mount failed due to unknown key error %d: %s\n",
				   key_err, name);
		return -EPERM;
	}

	/* copy the payload out, then drop our reference either way */
	err = ceph_crypto_key_clone(dst, ukey->payload.data);
	key_put(ukey);
	return err;
}
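/*
 * Build a ceph_options from a device name and a mount-style option string.
 *
 * @options:           comma-separated options; cut up in place by strsep()
 * @dev_name:          start of the monitor list, ip1[:port1][,ip2[:port2]...]
 * @dev_name_end:      end of the monitor list
 * @parse_extra_token: optional callback for options that are not in
 *                     opt_tokens; a negative return aborts parsing
 * @private:           opaque pointer handed to @parse_extra_token
 *
 * Returns the new options, to be released with ceph_destroy_options(), or
 * an ERR_PTR() on failure.  Callers outside the initial network namespace
 * get -EINVAL.
 *
 * Handling of awkward input:
 *   - an option nobody recognises is rejected with -EINVAL, also when no
 *     @parse_extra_token was supplied;
 *   - a repeated name=, secret= or key= replaces the earlier value, and
 *     the earlier allocation (secret included) is released, not leaked;
 *   - an integer option with a non-integer argument is logged and skipped;
 *   - an fsid= that fails to parse is ignored and CEPH_OPT_FSID stays clear.
 *
 * NOTE(review): the two dout() calls that print the option text will
 * include the value of secret= when debug output is enabled.
 * NOTE(review): the timeout/ttl values are stored as parsed, with no range
 * check here; consumers multiply mount_timeout by HZ.
 */
struct ceph_options *
ceph_parse_options(char *options, const char *dev_name,
			const char *dev_name_end,
			int (*parse_extra_token)(char *c, void *private),
			void *private)
{
	struct ceph_options *opt;
	const char *c;
	int err = -ENOMEM;
	substring_t argstr[MAX_OPT_ARGS];

	if (current->nsproxy->net_ns != &init_net)
		return ERR_PTR(-EINVAL);

	opt = kzalloc(sizeof(*opt), GFP_KERNEL);
	if (!opt)
		return ERR_PTR(-ENOMEM);
	opt->mon_addr = kcalloc(CEPH_MAX_MON, sizeof(*opt->mon_addr),
				GFP_KERNEL);
	if (!opt->mon_addr)
		goto out;

	dout("parse_options %p options '%s' dev_name '%s'\n", opt, options,
	     dev_name);

	/* start with defaults */
	opt->flags = CEPH_OPT_DEFAULT;
	opt->osd_keepalive_timeout = CEPH_OSD_KEEPALIVE_DEFAULT;
	opt->mount_timeout = CEPH_MOUNT_TIMEOUT_DEFAULT; /* seconds */
	opt->osd_idle_ttl = CEPH_OSD_IDLE_TTL_DEFAULT;   /* seconds */

	/* get mon ip(s) */
	/* ip1[:port1][,ip2[:port2]...] */
	err = ceph_parse_ips(dev_name, dev_name_end, opt->mon_addr,
			     CEPH_MAX_MON, &opt->num_mon);
	if (err < 0)
		goto out;

	/* parse mount options */
	while ((c = strsep(&options, ",")) != NULL) {
		int token, intval, ret;

		if (!*c)
			continue;
		err = -EINVAL;
		token = match_token((char *)c, opt_tokens, argstr);
		if (token < 0) {
			/*
			 * Not a libceph option.  Without a callback nobody
			 * can claim it, so fail the parse.  Falling through
			 * would hand match_int() an argstr[] that
			 * match_token() may not have filled in, and would
			 * end in the BUG_ON() below.
			 */
			if (!parse_extra_token) {
				pr_err("bad option at '%s'\n", c);
				goto out;
			}
			/* extra? */
			err = parse_extra_token((char *)c, private);
			if (err < 0) {
				pr_err("bad option at '%s'\n", c);
				goto out;
			}
			continue;
		}
		if (token < Opt_last_int) {
			ret = match_int(&argstr[0], &intval);
			if (ret < 0) {
				pr_err("bad mount option arg (not int) at '%s'\n",
				       c);
				continue;
			}
			dout("got int token %d val %d\n", token, intval);
		} else if (token > Opt_last_int && token < Opt_last_string) {
			dout("got string token %d val %s\n", token,
			     argstr[0].from);
		} else {
			dout("got token %d\n", token);
		}
		switch (token) {
		case Opt_ip:
			err = ceph_parse_ips(argstr[0].from,
					     argstr[0].to,
					     &opt->my_addr,
					     1, NULL);
			if (err < 0)
				goto out;
			opt->flags |= CEPH_OPT_MYIP;
			break;

		case Opt_fsid:
			err = parse_fsid(argstr[0].from, &opt->fsid);
			if (err == 0)
				opt->flags |= CEPH_OPT_FSID;
			break;
		case Opt_name:
			/* drop the value of an earlier name= first */
			kfree(opt->name);
			opt->name = kstrndup(argstr[0].from,
					     argstr[0].to - argstr[0].from,
					     GFP_KERNEL);
			if (!opt->name) {
				err = -ENOMEM;
				goto out;
			}
			break;
		case Opt_secret:
			/* an earlier secret=/key= must not linger in memory */
			if (opt->key) {
				ceph_crypto_key_destroy(opt->key);
				kfree(opt->key);
			}
			opt->key = kzalloc(sizeof(*opt->key), GFP_KERNEL);
			if (!opt->key) {
				err = -ENOMEM;
				goto out;
			}
			err = ceph_crypto_key_unarmor(opt->key, argstr[0].from);
			if (err < 0)
				goto out;
			break;
		case Opt_key:
			/* an earlier secret=/key= must not linger in memory */
			if (opt->key) {
				ceph_crypto_key_destroy(opt->key);
				kfree(opt->key);
			}
			opt->key = kzalloc(sizeof(*opt->key), GFP_KERNEL);
			if (!opt->key) {
				err = -ENOMEM;
				goto out;
			}
			err = get_secret(opt->key, argstr[0].from);
			if (err < 0)
				goto out;
			break;

			/* misc */
		case Opt_osdtimeout:
			pr_warning("ignoring deprecated osdtimeout option\n");
			break;
		case Opt_osdkeepalivetimeout:
			opt->osd_keepalive_timeout = intval;
			break;
		case Opt_osd_idle_ttl:
			opt->osd_idle_ttl = intval;
			break;
		case Opt_mount_timeout:
			opt->mount_timeout = intval;
			break;

		case Opt_share:
			opt->flags &= ~CEPH_OPT_NOSHARE;
			break;
		case Opt_noshare:
			opt->flags |= CEPH_OPT_NOSHARE;
			break;

		case Opt_crc:
			opt->flags &= ~CEPH_OPT_NOCRC;
			break;
		case Opt_nocrc:
			opt->flags |= CEPH_OPT_NOCRC;
			break;

		default:
			BUG_ON(token);
		}
	}

	/* success */
	return opt;

out:
	/* opt->key, when set, is always a live allocation at this point */
	ceph_destroy_options(opt);
	return ERR_PTR(err);
}
EXPORT_SYMBOL(ceph_parse_options);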
/*
 * Return the global id held by the client's monitor auth state.
 *
 * client->monc.auth is dereferenced without a NULL check, so the monitor
 * client must already be set up.
 */
u64 ceph_client_id(struct ceph_client *client)
{
	u64 id = client->monc.auth->global_id;

	return id;
}
EXPORT_SYMBOL(ceph_client_id);
/*
 * Create a fresh client instance.
 *
 * @opt:                parsed options; stored in the client as ->options
 * @private:            opaque pointer stored in the client as ->private
 * @supported_features: feature bits OR-ed into the supported defaults
 * @required_features:  feature bits OR-ed into the required defaults
 *
 * Sets up the messenger, then the monitor client, then the OSD client.
 *
 * Returns the new client or an ERR_PTR().  On failure only the client
 * structure is freed; @opt is left untouched and remains the caller's to
 * release.  On success ceph_destroy_client() will destroy @opt along with
 * the client.
 */
struct ceph_client *ceph_create_client(struct ceph_options *opt, void *private,
				       u64 supported_features,
				       u64 required_features)
{
	struct ceph_client *client;
	struct ceph_entity_addr *myaddr;
	int err;

	client = kzalloc(sizeof(*client), GFP_KERNEL);
	if (!client)
		return ERR_PTR(-ENOMEM);

	client->private = private;
	client->options = opt;

	mutex_init(&client->mount_mutex);
	init_waitqueue_head(&client->auth_wq);
	client->auth_err = 0;

	client->extra_mon_dispatch = NULL;
	client->supported_features = CEPH_FEATURES_SUPPORTED_DEFAULT |
		supported_features;
	client->required_features = CEPH_FEATURES_REQUIRED_DEFAULT |
		required_features;

	/* msgr: pass our own address only when ip= was given */
	myaddr = ceph_test_opt(client, MYIP) ? &client->options->my_addr : NULL;
	ceph_messenger_init(&client->msgr, myaddr,
			    client->supported_features,
			    client->required_features,
			    ceph_test_opt(client, NOCRC));

	/* subsystems */
	err = ceph_monc_init(&client->monc, client);
	if (err < 0)
		goto free_client;
	err = ceph_osdc_init(&client->osdc, client);
	if (err < 0)
		goto stop_monc;

	return client;

stop_monc:
	ceph_monc_stop(&client->monc);
free_client:
	kfree(client);
	return ERR_PTR(err);
}
EXPORT_SYMBOL(ceph_create_client);
/*
 * Tear down a client and free it.
 *
 * The messenger is flagged as stopping first, then the OSD client and the
 * monitor client are stopped, the debugfs entries removed, and finally the
 * options (including any key they hold) and the client itself are freed.
 * Neither @client nor its options may be used after this returns.
 */
void ceph_destroy_client(struct ceph_client *client)
{
	dout("destroy_client %p\n", client);

	/* mark the messenger as going away before stopping its users */
	atomic_set(&client->msgr.stopping, 1);

	/* unmount */
	ceph_osdc_stop(&client->osdc);
	ceph_monc_stop(&client->monc);

	ceph_debugfs_client_cleanup(client);

	/* the client owns its options */
	ceph_destroy_options(client->options);

	kfree(client);
	/* only the pointer value is printed here, nothing is dereferenced */
	dout("destroy_client %p done\n", client);
}
EXPORT_SYMBOL(ceph_destroy_client);
/*
 * True once we hold both a monitor map and an OSD map with a non-zero
 * epoch, i.e. once we have joined the cluster.
 */
static int have_mon_and_osd_map(struct ceph_client *client)
{
	if (!client->monc.monmap || !client->monc.monmap->epoch)
		return 0;

	return client->osdc.osdmap && client->osdc.osdmap->epoch;
}
/*
 * mount: join the ceph cluster by opening a monitor session and waiting
 * until both the monitor map and the OSD map have arrived.
 *
 * @client:  client to connect
 * @started: jiffies value at which the overall attempt began; the deadline
 *           is @started plus the configured mount_timeout
 *
 * Returns 0 once both maps are present.  Otherwise returns the error from
 * ceph_monc_open_session(), -EIO when the deadline has passed, -EINTR or
 * -ERESTARTSYS when the wait is interrupted, or client->auth_err when
 * authentication failed.  With a mount_timeout of 0 the deadline check is
 * skipped.
 *
 * NOTE(review): mount_timeout comes straight from the mount options and is
 * multiplied by HZ here without a range check.
 */
int __ceph_open_session(struct ceph_client *client, unsigned long started)
{
	unsigned long timeout = client->options->mount_timeout * HZ;
	int ret;

	/* open session, and wait for mon and osd maps */
	ret = ceph_monc_open_session(&client->monc);
	if (ret < 0)
		return ret;

	while (!have_mon_and_osd_map(client)) {
		if (timeout && time_after_eq(jiffies, started + timeout))
			return -EIO;

		/* wait */
		dout("mount waiting for mon_map\n");
		ret = wait_event_interruptible_timeout(client->auth_wq,
			have_mon_and_osd_map(client) || (client->auth_err < 0),
			timeout);
		if (ret == -EINTR || ret == -ERESTARTSYS)
			return ret;
		/* an auth failure also wakes us: report it, don't retry */
		if (client->auth_err < 0)
			return client->auth_err;
	}

	return 0;
}
EXPORT_SYMBOL(__ceph_open_session);
/*
 * Open a session while holding client->mount_mutex.
 *
 * The start time is sampled before the mutex is taken, so time spent
 * waiting for the mutex counts against the mount timeout.  Returns whatever
 * __ceph_open_session() returns.
 */
int ceph_open_session(struct ceph_client *client)
{
	unsigned long started = jiffies;	/* note the start time */
	int ret;

	dout("open_session start\n");

	mutex_lock(&client->mount_mutex);
	ret = __ceph_open_session(client, started);
	mutex_unlock(&client->mount_mutex);

	return ret;
}
EXPORT_SYMBOL(ceph_open_session);
/*
 * Module init: bring up debugfs, crypto, the messenger and the OSD client
 * in that order.  If a step fails, the steps already completed are undone
 * in reverse order and the failing step's error is returned.
 */
static int __init init_ceph_lib(void)
{
	int ret;

	ret = ceph_debugfs_init();
	if (ret < 0)
		return ret;

	ret = ceph_crypto_init();
	if (ret < 0)
		goto undo_debugfs;

	ret = ceph_msgr_init();
	if (ret < 0)
		goto undo_crypto;

	ret = ceph_osdc_setup();
	if (ret < 0)
		goto undo_msgr;

	pr_info("loaded (mon/osd proto %d/%d)\n",
		CEPH_MONC_PROTOCOL, CEPH_OSDC_PROTOCOL);

	return 0;

undo_msgr:
	ceph_msgr_exit();
undo_crypto:
	ceph_crypto_shutdown();
undo_debugfs:
	ceph_debugfs_cleanup();
	return ret;
}
/*
 * Module exit: shut the subsystems down in the reverse of the order in
 * which init_ceph_lib() started them.
 */
static void __exit exit_ceph_lib(void)
{
	dout("exit_ceph_lib\n");

	ceph_osdc_cleanup();
	ceph_msgr_exit();
	ceph_crypto_shutdown();
	ceph_debugfs_cleanup();
}
/* Register the module's load and unload hooks. */
module_init(init_ceph_lib);
module_exit(exit_ceph_lib);

/* Module metadata. */
MODULE_AUTHOR("Sage Weil <sage@newdream.net>");
MODULE_AUTHOR("Yehuda Sadeh <yehuda@hq.newdream.net>");
MODULE_AUTHOR("Patience Warnick <patience@newdream.net>");
MODULE_DESCRIPTION("Ceph filesystem for Linux");
MODULE_LICENSE("GPL");