1 /*
2 * GPL HEADER START
3 *
4 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 only,
8 * as published by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License version 2 for more details (a copy is included
14 * in the LICENSE file that accompanied this code).
15 *
16 * You should have received a copy of the GNU General Public License
17 * version 2 along with this program; If not, see
18 * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf
19 *
20 * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
21 * CA 95054 USA or visit www.sun.com if you need additional information or
22 * have any questions.
23 *
24 * GPL HEADER END
25 */
26 /*
27 * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
28 * Use is subject to license terms.
29 *
30 * Copyright (c) 2012, Intel Corporation.
31 */
32 /*
33 * This file is part of Lustre, http://www.lustre.org/
34 * Lustre is a trademark of Sun Microsystems, Inc.
35 *
36 * lustre/include/lustre_capa.h
37 *
38 * Author: Lai Siyao <lsy@clusterfs.com>
39 */
40
41 #ifndef __LINUX_CAPA_H_
42 #define __LINUX_CAPA_H_
43
44 /** \defgroup capa capa
45 *
46 * @{
47 */
48
49 /*
50 * capability
51 */
52 #include <linux/crypto.h>
53 #include "lustre/lustre_idl.h"
54
55 #define CAPA_TIMEOUT 1800 /* sec, == 30 min */
56 #define CAPA_KEY_TIMEOUT (24 * 60 * 60) /* sec, == 1 days */
57
58 struct capa_hmac_alg {
59 const char *ha_name;
60 int ha_len;
61 int ha_keylen;
62 };
63
64 #define DEF_CAPA_HMAC_ALG(name, type, len, keylen) \
65 [CAPA_HMAC_ALG_ ## type] = { \
66 .ha_name = name, \
67 .ha_len = len, \
68 .ha_keylen = keylen, \
69 }
70
71 struct client_capa {
72 struct inode *inode;
73 struct list_head lli_list; /* link to lli_oss_capas */
74 };
75
76 struct target_capa {
77 struct hlist_node c_hash; /* link to capa hash */
78 };
79
80 struct obd_capa {
81 struct list_head c_list; /* link to capa_list */
82
83 struct lustre_capa c_capa; /* capa */
84 atomic_t c_refc; /* ref count */
85 unsigned long c_expiry; /* jiffies */
86 spinlock_t c_lock; /* protect capa content */
87 int c_site;
88
89 union {
90 struct client_capa cli;
91 struct target_capa tgt;
92 } u;
93 };
94
95 enum {
96 CAPA_SITE_CLIENT = 0,
97 CAPA_SITE_SERVER,
98 CAPA_SITE_MAX
99 };
100
capa_fid(struct lustre_capa * capa)101 static inline struct lu_fid *capa_fid(struct lustre_capa *capa)
102 {
103 return &capa->lc_fid;
104 }
105
capa_opc(struct lustre_capa * capa)106 static inline __u64 capa_opc(struct lustre_capa *capa)
107 {
108 return capa->lc_opc;
109 }
110
capa_uid(struct lustre_capa * capa)111 static inline __u64 capa_uid(struct lustre_capa *capa)
112 {
113 return capa->lc_uid;
114 }
115
capa_gid(struct lustre_capa * capa)116 static inline __u64 capa_gid(struct lustre_capa *capa)
117 {
118 return capa->lc_gid;
119 }
120
capa_flags(struct lustre_capa * capa)121 static inline __u32 capa_flags(struct lustre_capa *capa)
122 {
123 return capa->lc_flags & 0xffffff;
124 }
125
capa_alg(struct lustre_capa * capa)126 static inline __u32 capa_alg(struct lustre_capa *capa)
127 {
128 return (capa->lc_flags >> 24);
129 }
130
capa_keyid(struct lustre_capa * capa)131 static inline __u32 capa_keyid(struct lustre_capa *capa)
132 {
133 return capa->lc_keyid;
134 }
135
capa_key_seq(struct lustre_capa_key * key)136 static inline __u64 capa_key_seq(struct lustre_capa_key *key)
137 {
138 return key->lk_seq;
139 }
140
capa_key_keyid(struct lustre_capa_key * key)141 static inline __u32 capa_key_keyid(struct lustre_capa_key *key)
142 {
143 return key->lk_keyid;
144 }
145
capa_timeout(struct lustre_capa * capa)146 static inline __u32 capa_timeout(struct lustre_capa *capa)
147 {
148 return capa->lc_timeout;
149 }
150
capa_expiry(struct lustre_capa * capa)151 static inline __u32 capa_expiry(struct lustre_capa *capa)
152 {
153 return capa->lc_expiry;
154 }
155
156 void _debug_capa(struct lustre_capa *, struct libcfs_debug_msg_data *,
157 const char *fmt, ... );
158 #define DEBUG_CAPA(level, capa, fmt, args...) \
159 do { \
160 if (((level) & D_CANTMASK) != 0 || \
161 ((libcfs_debug & (level)) != 0 && \
162 (libcfs_subsystem_debug & DEBUG_SUBSYSTEM) != 0)) { \
163 LIBCFS_DEBUG_MSG_DATA_DECL(msgdata, level, NULL); \
164 _debug_capa((capa), &msgdata, fmt, ##args); \
165 } \
166 } while (0)
167
168 #define DEBUG_CAPA_KEY(level, k, fmt, args...) \
169 do { \
170 CDEBUG(level, fmt " capability key@%p seq %llu keyid %u\n", \
171 ##args, k, capa_key_seq(k), capa_key_keyid(k)); \
172 } while (0)
173
174 typedef int (* renew_capa_cb_t)(struct obd_capa *, struct lustre_capa *);
175
176 /* obdclass/capa.c */
177 extern struct list_head capa_list[];
178 extern spinlock_t capa_lock;
179 extern int capa_count[];
180 extern struct kmem_cache *capa_cachep;
181
182 struct hlist_head *init_capa_hash(void);
183 void cleanup_capa_hash(struct hlist_head *hash);
184
185 struct obd_capa *capa_add(struct hlist_head *hash,
186 struct lustre_capa *capa);
187 struct obd_capa *capa_lookup(struct hlist_head *hash,
188 struct lustre_capa *capa, int alive);
189
190 int capa_hmac(__u8 *hmac, struct lustre_capa *capa, __u8 *key);
191 int capa_encrypt_id(__u32 *d, __u32 *s, __u8 *key, int keylen);
192 int capa_decrypt_id(__u32 *d, __u32 *s, __u8 *key, int keylen);
193 void capa_cpy(void *dst, struct obd_capa *ocapa);
alloc_capa(int site)194 static inline struct obd_capa *alloc_capa(int site)
195 {
196 struct obd_capa *ocapa;
197
198 if (unlikely(site != CAPA_SITE_CLIENT && site != CAPA_SITE_SERVER))
199 return ERR_PTR(-EINVAL);
200
201 OBD_SLAB_ALLOC_PTR(ocapa, capa_cachep);
202 if (unlikely(!ocapa))
203 return ERR_PTR(-ENOMEM);
204
205 INIT_LIST_HEAD(&ocapa->c_list);
206 atomic_set(&ocapa->c_refc, 1);
207 spin_lock_init(&ocapa->c_lock);
208 ocapa->c_site = site;
209 if (ocapa->c_site == CAPA_SITE_CLIENT)
210 INIT_LIST_HEAD(&ocapa->u.cli.lli_list);
211 else
212 INIT_HLIST_NODE(&ocapa->u.tgt.c_hash);
213
214 return ocapa;
215 }
216
capa_get(struct obd_capa * ocapa)217 static inline struct obd_capa *capa_get(struct obd_capa *ocapa)
218 {
219 if (!ocapa)
220 return NULL;
221
222 atomic_inc(&ocapa->c_refc);
223 return ocapa;
224 }
225
capa_put(struct obd_capa * ocapa)226 static inline void capa_put(struct obd_capa *ocapa)
227 {
228 if (!ocapa)
229 return;
230
231 if (atomic_read(&ocapa->c_refc) == 0) {
232 DEBUG_CAPA(D_ERROR, &ocapa->c_capa, "refc is 0 for");
233 LBUG();
234 }
235
236 if (atomic_dec_and_test(&ocapa->c_refc)) {
237 LASSERT(list_empty(&ocapa->c_list));
238 if (ocapa->c_site == CAPA_SITE_CLIENT) {
239 LASSERT(list_empty(&ocapa->u.cli.lli_list));
240 } else {
241 struct hlist_node *hnode;
242
243 hnode = &ocapa->u.tgt.c_hash;
244 LASSERT(!hnode->next && !hnode->pprev);
245 }
246 OBD_SLAB_FREE(ocapa, capa_cachep, sizeof(*ocapa));
247 }
248 }
249
open_flags_to_accmode(int flags)250 static inline int open_flags_to_accmode(int flags)
251 {
252 int mode = flags;
253
254 if ((mode + 1) & O_ACCMODE)
255 mode++;
256 if (mode & O_TRUNC)
257 mode |= 2;
258
259 return mode;
260 }
261
capa_open_opc(int mode)262 static inline __u64 capa_open_opc(int mode)
263 {
264 return mode & FMODE_WRITE ? CAPA_OPC_OSS_WRITE : CAPA_OPC_OSS_READ;
265 }
266
set_capa_expiry(struct obd_capa * ocapa)267 static inline void set_capa_expiry(struct obd_capa *ocapa)
268 {
269 unsigned long expiry = cfs_time_sub((unsigned long)ocapa->c_capa.lc_expiry,
270 get_seconds());
271 ocapa->c_expiry = cfs_time_add(cfs_time_current(),
272 cfs_time_seconds(expiry));
273 }
274
capa_is_expired_sec(struct lustre_capa * capa)275 static inline int capa_is_expired_sec(struct lustre_capa *capa)
276 {
277 return (capa->lc_expiry - get_seconds() <= 0);
278 }
279
capa_is_expired(struct obd_capa * ocapa)280 static inline int capa_is_expired(struct obd_capa *ocapa)
281 {
282 return time_before_eq(ocapa->c_expiry, cfs_time_current());
283 }
284
capa_opc_supported(struct lustre_capa * capa,__u64 opc)285 static inline int capa_opc_supported(struct lustre_capa *capa, __u64 opc)
286 {
287 return (capa_opc(capa) & opc) == opc;
288 }
289
290 struct filter_capa_key {
291 struct list_head k_list;
292 struct lustre_capa_key k_key;
293 };
294
295 enum {
296 LC_ID_NONE = 0,
297 LC_ID_PLAIN = 1,
298 LC_ID_CONVERT = 2
299 };
300
301 #define BYPASS_CAPA (struct lustre_capa *)ERR_PTR(-ENOENT)
302
303 /** @} capa */
304
305 #endif /* __LINUX_CAPA_H_ */
306