sec


Data Structures

struct  bulk_spec_hash
struct  sptlrpc_flavor
struct  sptlrpc_rule
struct  sptlrpc_rule_set
struct  vfs_cred
struct  ptlrpc_ctx_ops
struct  ptlrpc_cli_ctx
struct  ptlrpc_sec_cops
struct  ptlrpc_sec_sops
struct  ptlrpc_sec_policy
struct  ptlrpc_sec
struct  ptlrpc_svc_ctx
struct  ptlrpc_user_desc
struct  sptlrpc_hash_type
struct  ptlrpc_bulk_sec_desc

Defines

#define FLVR_POLICY_OFFSET   (0)
#define FLVR_MECH_OFFSET   (4)
#define FLVR_SVC_OFFSET   (8)
#define FLVR_BULK_TYPE_OFFSET   (12)
#define FLVR_BULK_SVC_OFFSET   (16)
#define MAKE_FLVR(policy, mech, svc, btype, bsvc)
#define SPTLRPC_FLVR_POLICY(flavor)   ((((__u32)(flavor)) >> FLVR_POLICY_OFFSET) & 0xF)
#define SPTLRPC_FLVR_MECH(flavor)   ((((__u32)(flavor)) >> FLVR_MECH_OFFSET) & 0xF)
#define SPTLRPC_FLVR_SVC(flavor)   ((((__u32)(flavor)) >> FLVR_SVC_OFFSET) & 0xF)
#define SPTLRPC_FLVR_BULK_TYPE(flavor)   ((((__u32)(flavor)) >> FLVR_BULK_TYPE_OFFSET) & 0xF)
#define SPTLRPC_FLVR_BULK_SVC(flavor)   ((((__u32)(flavor)) >> FLVR_BULK_SVC_OFFSET) & 0xF)
#define SPTLRPC_FLVR_BASE(flavor)   ((((__u32)(flavor)) >> FLVR_POLICY_OFFSET) & 0xFFF)
#define SPTLRPC_FLVR_BASE_SUB(flavor)   ((((__u32)(flavor)) >> FLVR_MECH_OFFSET) & 0xFF)
#define MAKE_BASE_SUBFLVR(mech, svc)
#define SPTLRPC_SUBFLVR_KRB5N   MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_NULL)
#define SPTLRPC_SUBFLVR_KRB5A   MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_AUTH)
#define SPTLRPC_SUBFLVR_KRB5I   MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_INTG)
#define SPTLRPC_SUBFLVR_KRB5P   MAKE_BASE_SUBFLVR(SPTLRPC_MECH_GSS_KRB5, SPTLRPC_SVC_PRIV)
#define SPTLRPC_FLVR_NULL
#define SPTLRPC_FLVR_PLAIN
#define SPTLRPC_FLVR_KRB5N
#define SPTLRPC_FLVR_KRB5A
#define SPTLRPC_FLVR_KRB5I
#define SPTLRPC_FLVR_KRB5P
#define SPTLRPC_FLVR_DEFAULT   SPTLRPC_FLVR_NULL
#define SPTLRPC_FLVR_INVALID   ((__u32) 0xFFFFFFFF)
#define SPTLRPC_FLVR_ANY   ((__u32) 0xFFF00000)
#define WIRE_FLVR(wflvr)   (((__u32) (wflvr)) & 0x000FFFFF)
#define SPTLRPC_MAX_PAYLOAD   (1024)
#define PTLRPC_CTX_NEW_BIT   (0)
#define PTLRPC_CTX_UPTODATE_BIT   (1)
#define PTLRPC_CTX_DEAD_BIT   (2)
#define PTLRPC_CTX_ERROR_BIT   (3)
#define PTLRPC_CTX_CACHED_BIT   (8)
#define PTLRPC_CTX_ETERNAL_BIT   (9)
#define PTLRPC_CTX_NEW   (1 << PTLRPC_CTX_NEW_BIT)
#define PTLRPC_CTX_UPTODATE   (1 << PTLRPC_CTX_UPTODATE_BIT)
#define PTLRPC_CTX_DEAD   (1 << PTLRPC_CTX_DEAD_BIT)
#define PTLRPC_CTX_ERROR   (1 << PTLRPC_CTX_ERROR_BIT)
#define PTLRPC_CTX_CACHED   (1 << PTLRPC_CTX_CACHED_BIT)
#define PTLRPC_CTX_ETERNAL   (1 << PTLRPC_CTX_ETERNAL_BIT)
#define PTLRPC_CTX_STATUS_MASK
#define PTLRPC_SEC_FL_REVERSE   0x0001
#define PTLRPC_SEC_FL_ROOTONLY   0x0002
#define PTLRPC_SEC_FL_UDESC   0x0004
#define PTLRPC_SEC_FL_BULK   0x0008
#define PTLRPC_SEC_FL_PAG   0x0010
#define LUSTRE_MAX_GROUPS   (128)
#define CFS_CAP_CHOWN_MASK   (1 << CFS_CAP_CHOWN)
#define CFS_CAP_SYS_RESOURCE_MASK   (1 << CFS_CAP_SYS_RESOURCE)

Enumerations

enum  sptlrpc_policy { SPTLRPC_POLICY_NULL = 0, SPTLRPC_POLICY_PLAIN = 1, SPTLRPC_POLICY_GSS = 2, SPTLRPC_POLICY_MAX }
enum  sptlrpc_mech_null { SPTLRPC_MECH_NULL = 0, SPTLRPC_MECH_NULL_MAX }
enum  sptlrpc_mech_plain { SPTLRPC_MECH_PLAIN = 0, SPTLRPC_MECH_PLAIN_MAX }
enum  sptlrpc_mech_gss { SPTLRPC_MECH_GSS_NULL = 0, SPTLRPC_MECH_GSS_KRB5 = 1, SPTLRPC_MECH_GSS_MAX }
enum  sptlrpc_service_type {
  SPTLRPC_SVC_NULL = 0, SPTLRPC_SVC_AUTH = 1, SPTLRPC_SVC_INTG = 2, SPTLRPC_SVC_PRIV = 3,
  SPTLRPC_SVC_MAX
}
enum  sptlrpc_bulk_type { SPTLRPC_BULK_DEFAULT = 0, SPTLRPC_BULK_HASH = 1, SPTLRPC_BULK_MAX }
enum  sptlrpc_bulk_service {
  SPTLRPC_BULK_SVC_NULL = 0, SPTLRPC_BULK_SVC_AUTH = 1, SPTLRPC_BULK_SVC_INTG = 2, SPTLRPC_BULK_SVC_PRIV = 3,
  SPTLRPC_BULK_SVC_MAX
}
enum  lustre_sec_part {
  LUSTRE_SP_CLI = 0, LUSTRE_SP_MDT, LUSTRE_SP_OST, LUSTRE_SP_MGC,
  LUSTRE_SP_MGS, LUSTRE_SP_ANY = 0xFF
}
enum  sptlrpc_bulk_hash_alg {
  BULK_HASH_ALG_NULL = 0, BULK_HASH_ALG_ADLER32, BULK_HASH_ALG_CRC32, BULK_HASH_ALG_MD5,
  BULK_HASH_ALG_SHA1, BULK_HASH_ALG_SHA256, BULK_HASH_ALG_SHA384, BULK_HASH_ALG_SHA512,
  BULK_HASH_ALG_MAX
}
enum  { BSD_FL_ERR = 1 }
enum  secsvc_accept_res { SECSVC_OK = 0, SECSVC_COMPLETE, SECSVC_DROP }
enum  { LUSTRE_SEC_NONE = 0, LUSTRE_SEC_REMOTE = 1, LUSTRE_SEC_SPECIFY = 2, LUSTRE_SEC_ALL = 3 }

Functions

const char * sptlrpc_part2name (enum lustre_sec_part sp)
enum lustre_sec_part sptlrpc_target_sec_part (struct obd_device *obd)
int sptlrpc_parse_flavor (const char *str, struct sptlrpc_flavor *flvr)
int sptlrpc_flavor_has_bulk (struct sptlrpc_flavor *flvr)
void sptlrpc_rule_set_free (struct sptlrpc_rule_set *set)
int sptlrpc_rule_set_expand (struct sptlrpc_rule_set *set)
int sptlrpc_rule_set_merge (struct sptlrpc_rule_set *set, struct sptlrpc_rule *rule)
int sptlrpc_rule_set_choose (struct sptlrpc_rule_set *rset, enum lustre_sec_part from, enum lustre_sec_part to, lnet_nid_t nid, struct sptlrpc_flavor *sf)
 given from/to/nid, determine a matching flavor in ruleset.
void sptlrpc_rule_set_dump (struct sptlrpc_rule_set *set)
int sptlrpc_process_config (struct lustre_cfg *lcfg)
void sptlrpc_conf_log_start (const char *logname)
void sptlrpc_conf_log_stop (const char *logname)
void sptlrpc_conf_log_update_begin (const char *logname)
void sptlrpc_conf_log_update_end (const char *logname)
 mark a config log has been updated
void sptlrpc_conf_client_adapt (struct obd_device *obd)
 called by client devices, notify the sptlrpc config has changed and do import_sec_adapt later.
int sptlrpc_conf_target_get_rules (struct obd_device *obd, struct sptlrpc_rule_set *rset, int initial)
 called by target devices, extract sptlrpc rules which applies to this target, to be used for future rpc flavor checking.
void sptlrpc_target_choose_flavor (struct sptlrpc_rule_set *rset, enum lustre_sec_part from, lnet_nid_t nid, struct sptlrpc_flavor *flavor)
 called by target devices, determine the expected flavor from certain peer (from, nid).
sptlrpc_hash_type * sptlrpc_get_hash_type (__u8 hash_alg)
const char * sptlrpc_get_hash_name (__u8 hash_alg)
__u8 sptlrpc_get_hash_alg (const char *algname)
void _sptlrpc_enlarge_msg_inplace (struct lustre_msg *msg, int segment, int newsize)
int sptlrpc_register_policy (struct ptlrpc_sec_policy *policy)
int sptlrpc_unregister_policy (struct ptlrpc_sec_policy *policy)
__u32 sptlrpc_name2flavor_base (const char *name)
const char * sptlrpc_flavor2name_base (__u32 flvr)
char * sptlrpc_flavor2name_bulk (struct sptlrpc_flavor *sf, char *buf, int bufsize)
char * sptlrpc_flavor2name (struct sptlrpc_flavor *sf, char *buf, int bufsize)
char * sptlrpc_secflags2str (__u32 flags, char *buf, int bufsize)
ptlrpc_sec * sptlrpc_sec_get (struct ptlrpc_sec *sec)
void sptlrpc_sec_put (struct ptlrpc_sec *sec)
int sptlrpc_get_next_secid (void)
void sptlrpc_sec_destroy (struct ptlrpc_sec *sec)
ptlrpc_cli_ctx * sptlrpc_cli_ctx_get (struct ptlrpc_cli_ctx *ctx)
void sptlrpc_cli_ctx_put (struct ptlrpc_cli_ctx *ctx, int sync)
void sptlrpc_cli_ctx_expire (struct ptlrpc_cli_ctx *ctx)
void sptlrpc_cli_ctx_wakeup (struct ptlrpc_cli_ctx *ctx)
int sptlrpc_cli_ctx_display (struct ptlrpc_cli_ctx *ctx, char *buf, int bufsize)
int sptlrpc_cli_wrap_request (struct ptlrpc_request *req)
int sptlrpc_cli_unwrap_reply (struct ptlrpc_request *req)
int sptlrpc_cli_alloc_reqbuf (struct ptlrpc_request *req, int msgsize)
void sptlrpc_cli_free_reqbuf (struct ptlrpc_request *req)
int sptlrpc_cli_alloc_repbuf (struct ptlrpc_request *req, int msgsize)
void sptlrpc_cli_free_repbuf (struct ptlrpc_request *req)
int sptlrpc_cli_enlarge_reqbuf (struct ptlrpc_request *req, int segment, int newsize)
int sptlrpc_cli_unwrap_early_reply (struct ptlrpc_request *req, struct ptlrpc_request **req_ret)
 Upon called, the receive buffer might be still posted, so the reply data might be changed at any time, no matter we're holding rq_lock or not.
void sptlrpc_cli_finish_early_reply (struct ptlrpc_request *early_req)
void sptlrpc_request_out_callback (struct ptlrpc_request *req)
int sptlrpc_import_sec_adapt (struct obd_import *imp, struct ptlrpc_svc_ctx *ctx, struct sptlrpc_flavor *flvr)
ptlrpc_sec * sptlrpc_import_sec_ref (struct obd_import *imp)
void sptlrpc_import_sec_put (struct obd_import *imp)
int sptlrpc_import_check_ctx (struct obd_import *imp)
void sptlrpc_import_flush_root_ctx (struct obd_import *imp)
void sptlrpc_import_flush_my_ctx (struct obd_import *imp)
void sptlrpc_import_flush_all_ctx (struct obd_import *imp)
int sptlrpc_req_get_ctx (struct ptlrpc_request *req)
void sptlrpc_req_put_ctx (struct ptlrpc_request *req, int sync)
int sptlrpc_req_refresh_ctx (struct ptlrpc_request *req, long timeout)
int sptlrpc_req_replace_dead_ctx (struct ptlrpc_request *req)
 if current context has died, or if we resend after flavor switched, call this func to switch context.
void sptlrpc_req_set_flavor (struct ptlrpc_request *req, int opcode)
int sptlrpc_parse_rule (char *param, struct sptlrpc_rule *rule)
void sptlrpc_gc_add_sec (struct ptlrpc_sec *sec)
void sptlrpc_gc_del_sec (struct ptlrpc_sec *sec)
void sptlrpc_gc_add_ctx (struct ptlrpc_cli_ctx *ctx)
const char * sec2target_str (struct ptlrpc_sec *sec)
int sptlrpc_lprocfs_cliobd_attach (struct obd_device *dev)
int sptlrpc_svc_unwrap_request (struct ptlrpc_request *req)
int sptlrpc_svc_alloc_rs (struct ptlrpc_request *req, int msglen)
int sptlrpc_svc_wrap_reply (struct ptlrpc_request *req)
void sptlrpc_svc_free_rs (struct ptlrpc_reply_state *rs)
void sptlrpc_svc_ctx_addref (struct ptlrpc_request *req)
void sptlrpc_svc_ctx_decref (struct ptlrpc_request *req)
void sptlrpc_svc_ctx_invalidate (struct ptlrpc_request *req)
int sptlrpc_target_export_check (struct obd_export *exp, struct ptlrpc_request *req)
void sptlrpc_target_update_exp_flavor (struct obd_device *obd, struct sptlrpc_rule_set *rset)
int sptlrpc_svc_install_rvs_ctx (struct obd_import *imp, struct ptlrpc_svc_ctx *ctx)
int sptlrpc_cli_install_rvs_ctx (struct obd_import *imp, struct ptlrpc_cli_ctx *ctx)
int sptlrpc_enc_pool_add_user (void)
int sptlrpc_enc_pool_del_user (void)
int sptlrpc_enc_pool_get_pages (struct ptlrpc_bulk_desc *desc)
void sptlrpc_enc_pool_put_pages (struct ptlrpc_bulk_desc *desc)
int sptlrpc_cli_wrap_bulk (struct ptlrpc_request *req, struct ptlrpc_bulk_desc *desc)
int sptlrpc_cli_unwrap_bulk_read (struct ptlrpc_request *req, struct ptlrpc_bulk_desc *desc, int nob)
int sptlrpc_cli_unwrap_bulk_write (struct ptlrpc_request *req, struct ptlrpc_bulk_desc *desc)
int sptlrpc_svc_prep_bulk (struct ptlrpc_request *req, struct ptlrpc_bulk_desc *desc)
int sptlrpc_svc_wrap_bulk (struct ptlrpc_request *req, struct ptlrpc_bulk_desc *desc)
int sptlrpc_svc_unwrap_bulk (struct ptlrpc_request *req, struct ptlrpc_bulk_desc *desc)
int sptlrpc_get_bulk_checksum (struct ptlrpc_bulk_desc *desc, __u8 alg, void *buf, int buflen)
int bulk_sec_desc_unpack (struct lustre_msg *msg, int offset, int swabbed)
int sptlrpc_current_user_desc_size (void)
int sptlrpc_pack_user_desc (struct lustre_msg *msg, int offset)
int sptlrpc_unpack_user_desc (struct lustre_msg *req, int offset, int swabbed)

Variables

proc_dir_entry * sptlrpc_proc_root

Define Documentation

#define MAKE_BASE_SUBFLVR ( mech,
svc   ) 

Value:

((__u32)(mech) |                                                \
         ((__u32)(svc) << (FLVR_SVC_OFFSET - FLVR_MECH_OFFSET)))

#define MAKE_FLVR ( policy,
mech,
svc,
btype,
bsvc   ) 

Value:

(((__u32)(policy) << FLVR_POLICY_OFFSET) |                      \
         ((__u32)(mech) << FLVR_MECH_OFFSET) |                          \
         ((__u32)(svc) << FLVR_SVC_OFFSET) |                            \
         ((__u32)(btype) << FLVR_BULK_TYPE_OFFSET) |                    \
         ((__u32)(bsvc) << FLVR_BULK_SVC_OFFSET))

#define PTLRPC_CTX_STATUS_MASK

Value:

(PTLRPC_CTX_NEW_BIT    |       \
                                        PTLRPC_CTX_UPTODATE   |       \
                                        PTLRPC_CTX_DEAD       |       \
                                        PTLRPC_CTX_ERROR)

#define SPTLRPC_FLVR_KRB5A

Value:

MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
                  SPTLRPC_MECH_GSS_KRB5,                \
                  SPTLRPC_SVC_AUTH,                     \
                  SPTLRPC_BULK_DEFAULT,                 \
                  SPTLRPC_BULK_SVC_NULL)

#define SPTLRPC_FLVR_KRB5I

Value:

MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
                  SPTLRPC_MECH_GSS_KRB5,                \
                  SPTLRPC_SVC_INTG,                     \
                  SPTLRPC_BULK_DEFAULT,                 \
                  SPTLRPC_BULK_SVC_INTG)

#define SPTLRPC_FLVR_KRB5N

Value:

MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
                  SPTLRPC_MECH_GSS_KRB5,                \
                  SPTLRPC_SVC_NULL,                     \
                  SPTLRPC_BULK_DEFAULT,                 \
                  SPTLRPC_BULK_SVC_NULL)

#define SPTLRPC_FLVR_KRB5P

Value:

MAKE_FLVR(SPTLRPC_POLICY_GSS,                   \
                  SPTLRPC_MECH_GSS_KRB5,                \
                  SPTLRPC_SVC_PRIV,                     \
                  SPTLRPC_BULK_DEFAULT,                 \
                  SPTLRPC_BULK_SVC_PRIV)

#define SPTLRPC_FLVR_NULL

Value:

MAKE_FLVR(SPTLRPC_POLICY_NULL,                  \
                  SPTLRPC_MECH_NULL,                    \
                  SPTLRPC_SVC_NULL,                     \
                  SPTLRPC_BULK_DEFAULT,                 \
                  SPTLRPC_BULK_SVC_NULL)

#define SPTLRPC_FLVR_PLAIN

Value:

MAKE_FLVR(SPTLRPC_POLICY_PLAIN,                 \
                  SPTLRPC_MECH_PLAIN,                   \
                  SPTLRPC_SVC_NULL,                     \
                  SPTLRPC_BULK_HASH,                    \
                  SPTLRPC_BULK_SVC_INTG)


Function Documentation

int sptlrpc_cli_unwrap_early_reply ( struct ptlrpc_request req,
struct ptlrpc_request **  req_ret 
)

Upon called, the receive buffer might be still posted, so the reply data might be changed at any time, no matter we're holding rq_lock or not.

we expect the rq_reply_off be 0, rq_nob_received is the early reply size.

we allocate separate ptlrpc_request and reply buffer for early reply processing, return 0 and req_ret is a duplicated ptlrpc_request. caller must call sptlrpc_cli_finish_early_reply() on the returned request to release it. if anything goes wrong req_ret will not be set.

int sptlrpc_req_replace_dead_ctx ( struct ptlrpc_request req  ) 

if current context has died, or if we resend after flavor switched, call this func to switch context.

if no switch is needed, request will end up with the same context.

request must have a context. in any case of failure, restore the restore the old one - a request must have a context.

int sptlrpc_rule_set_choose ( struct sptlrpc_rule_set *  rset,
enum lustre_sec_part  from,
enum lustre_sec_part  to,
lnet_nid_t  nid,
struct sptlrpc_flavor *  sf 
)

given from/to/nid, determine a matching flavor in ruleset.

return 1 if a match found, otherwise return 0.


Generated on Mon Apr 12 04:18:21 2010 for Lustre 1.10.0.40-0-g9a80ff7 by doxygen 1.4.7

Contact | About Sun | News | Employment | Privacy | Terms of Use | Trademarks | (C) 2008 Sun Microsystems, Inc.