messenger_v2.c (93314B)
1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Ceph msgr2 protocol implementation 4 * 5 * Copyright (C) 2020 Ilya Dryomov <idryomov@gmail.com> 6 */ 7 8#include <linux/ceph/ceph_debug.h> 9 10#include <crypto/aead.h> 11#include <crypto/algapi.h> /* for crypto_memneq() */ 12#include <crypto/hash.h> 13#include <crypto/sha2.h> 14#include <linux/bvec.h> 15#include <linux/crc32c.h> 16#include <linux/net.h> 17#include <linux/scatterlist.h> 18#include <linux/socket.h> 19#include <linux/sched/mm.h> 20#include <net/sock.h> 21#include <net/tcp.h> 22 23#include <linux/ceph/ceph_features.h> 24#include <linux/ceph/decode.h> 25#include <linux/ceph/libceph.h> 26#include <linux/ceph/messenger.h> 27 28#include "crypto.h" /* for CEPH_KEY_LEN and CEPH_MAX_CON_SECRET_LEN */ 29 30#define FRAME_TAG_HELLO 1 31#define FRAME_TAG_AUTH_REQUEST 2 32#define FRAME_TAG_AUTH_BAD_METHOD 3 33#define FRAME_TAG_AUTH_REPLY_MORE 4 34#define FRAME_TAG_AUTH_REQUEST_MORE 5 35#define FRAME_TAG_AUTH_DONE 6 36#define FRAME_TAG_AUTH_SIGNATURE 7 37#define FRAME_TAG_CLIENT_IDENT 8 38#define FRAME_TAG_SERVER_IDENT 9 39#define FRAME_TAG_IDENT_MISSING_FEATURES 10 40#define FRAME_TAG_SESSION_RECONNECT 11 41#define FRAME_TAG_SESSION_RESET 12 42#define FRAME_TAG_SESSION_RETRY 13 43#define FRAME_TAG_SESSION_RETRY_GLOBAL 14 44#define FRAME_TAG_SESSION_RECONNECT_OK 15 45#define FRAME_TAG_WAIT 16 46#define FRAME_TAG_MESSAGE 17 47#define FRAME_TAG_KEEPALIVE2 18 48#define FRAME_TAG_KEEPALIVE2_ACK 19 49#define FRAME_TAG_ACK 20 50 51#define FRAME_LATE_STATUS_ABORTED 0x1 52#define FRAME_LATE_STATUS_COMPLETE 0xe 53#define FRAME_LATE_STATUS_ABORTED_MASK 0xf 54 55#define IN_S_HANDLE_PREAMBLE 1 56#define IN_S_HANDLE_CONTROL 2 57#define IN_S_HANDLE_CONTROL_REMAINDER 3 58#define IN_S_PREPARE_READ_DATA 4 59#define IN_S_PREPARE_READ_DATA_CONT 5 60#define IN_S_PREPARE_READ_ENC_PAGE 6 61#define IN_S_HANDLE_EPILOGUE 7 62#define IN_S_FINISH_SKIP 8 63 64#define OUT_S_QUEUE_DATA 1 65#define OUT_S_QUEUE_DATA_CONT 2 66#define OUT_S_QUEUE_ENC_PAGE 3 67#define OUT_S_QUEUE_ZEROS 4 68#define OUT_S_FINISH_MESSAGE 5 69#define OUT_S_GET_NEXT 6 70 71#define CTRL_BODY(p) ((void *)(p) + CEPH_PREAMBLE_LEN) 72#define FRONT_PAD(p) ((void *)(p) + CEPH_EPILOGUE_SECURE_LEN) 73#define MIDDLE_PAD(p) (FRONT_PAD(p) + CEPH_GCM_BLOCK_LEN) 74#define DATA_PAD(p) (MIDDLE_PAD(p) + CEPH_GCM_BLOCK_LEN) 75 76#define CEPH_MSG_FLAGS (MSG_DONTWAIT | MSG_NOSIGNAL) 77 78static int do_recvmsg(struct socket *sock, struct iov_iter *it) 79{ 80 struct msghdr msg = { .msg_flags = CEPH_MSG_FLAGS }; 81 int ret; 82 83 msg.msg_iter = *it; 84 while (iov_iter_count(it)) { 85 ret = sock_recvmsg(sock, &msg, msg.msg_flags); 86 if (ret <= 0) { 87 if (ret == -EAGAIN) 88 ret = 0; 89 return ret; 90 } 91 92 iov_iter_advance(it, ret); 93 } 94 95 WARN_ON(msg_data_left(&msg)); 96 return 1; 97} 98 99/* 100 * Read as much as possible. 101 * 102 * Return: 103 * 1 - done, nothing (else) to read 104 * 0 - socket is empty, need to wait 105 * <0 - error 106 */ 107static int ceph_tcp_recv(struct ceph_connection *con) 108{ 109 int ret; 110 111 dout("%s con %p %s %zu\n", __func__, con, 112 iov_iter_is_discard(&con->v2.in_iter) ? "discard" : "need", 113 iov_iter_count(&con->v2.in_iter)); 114 ret = do_recvmsg(con->sock, &con->v2.in_iter); 115 dout("%s con %p ret %d left %zu\n", __func__, con, ret, 116 iov_iter_count(&con->v2.in_iter)); 117 return ret; 118} 119 120static int do_sendmsg(struct socket *sock, struct iov_iter *it) 121{ 122 struct msghdr msg = { .msg_flags = CEPH_MSG_FLAGS }; 123 int ret; 124 125 msg.msg_iter = *it; 126 while (iov_iter_count(it)) { 127 ret = sock_sendmsg(sock, &msg); 128 if (ret <= 0) { 129 if (ret == -EAGAIN) 130 ret = 0; 131 return ret; 132 } 133 134 iov_iter_advance(it, ret); 135 } 136 137 WARN_ON(msg_data_left(&msg)); 138 return 1; 139} 140 141static int do_try_sendpage(struct socket *sock, struct iov_iter *it) 142{ 143 struct msghdr msg = { .msg_flags = CEPH_MSG_FLAGS }; 144 struct bio_vec bv; 145 int ret; 146 147 if (WARN_ON(!iov_iter_is_bvec(it))) 148 return -EINVAL; 149 150 while (iov_iter_count(it)) { 151 /* iov_iter_iovec() for ITER_BVEC */ 152 bv.bv_page = it->bvec->bv_page; 153 bv.bv_offset = it->bvec->bv_offset + it->iov_offset; 154 bv.bv_len = min(iov_iter_count(it), 155 it->bvec->bv_len - it->iov_offset); 156 157 /* 158 * sendpage cannot properly handle pages with 159 * page_count == 0, we need to fall back to sendmsg if 160 * that's the case. 161 * 162 * Same goes for slab pages: skb_can_coalesce() allows 163 * coalescing neighboring slab objects into a single frag 164 * which triggers one of hardened usercopy checks. 165 */ 166 if (sendpage_ok(bv.bv_page)) { 167 ret = sock->ops->sendpage(sock, bv.bv_page, 168 bv.bv_offset, bv.bv_len, 169 CEPH_MSG_FLAGS); 170 } else { 171 iov_iter_bvec(&msg.msg_iter, WRITE, &bv, 1, bv.bv_len); 172 ret = sock_sendmsg(sock, &msg); 173 } 174 if (ret <= 0) { 175 if (ret == -EAGAIN) 176 ret = 0; 177 return ret; 178 } 179 180 iov_iter_advance(it, ret); 181 } 182 183 return 1; 184} 185 186/* 187 * Write as much as possible. The socket is expected to be corked, 188 * so we don't bother with MSG_MORE/MSG_SENDPAGE_NOTLAST here. 189 * 190 * Return: 191 * 1 - done, nothing (else) to write 192 * 0 - socket is full, need to wait 193 * <0 - error 194 */ 195static int ceph_tcp_send(struct ceph_connection *con) 196{ 197 int ret; 198 199 dout("%s con %p have %zu try_sendpage %d\n", __func__, con, 200 iov_iter_count(&con->v2.out_iter), con->v2.out_iter_sendpage); 201 if (con->v2.out_iter_sendpage) 202 ret = do_try_sendpage(con->sock, &con->v2.out_iter); 203 else 204 ret = do_sendmsg(con->sock, &con->v2.out_iter); 205 dout("%s con %p ret %d left %zu\n", __func__, con, ret, 206 iov_iter_count(&con->v2.out_iter)); 207 return ret; 208} 209 210static void add_in_kvec(struct ceph_connection *con, void *buf, int len) 211{ 212 BUG_ON(con->v2.in_kvec_cnt >= ARRAY_SIZE(con->v2.in_kvecs)); 213 WARN_ON(!iov_iter_is_kvec(&con->v2.in_iter)); 214 215 con->v2.in_kvecs[con->v2.in_kvec_cnt].iov_base = buf; 216 con->v2.in_kvecs[con->v2.in_kvec_cnt].iov_len = len; 217 con->v2.in_kvec_cnt++; 218 219 con->v2.in_iter.nr_segs++; 220 con->v2.in_iter.count += len; 221} 222 223static void reset_in_kvecs(struct ceph_connection *con) 224{ 225 WARN_ON(iov_iter_count(&con->v2.in_iter)); 226 227 con->v2.in_kvec_cnt = 0; 228 iov_iter_kvec(&con->v2.in_iter, READ, con->v2.in_kvecs, 0, 0); 229} 230 231static void set_in_bvec(struct ceph_connection *con, const struct bio_vec *bv) 232{ 233 WARN_ON(iov_iter_count(&con->v2.in_iter)); 234 235 con->v2.in_bvec = *bv; 236 iov_iter_bvec(&con->v2.in_iter, READ, &con->v2.in_bvec, 1, bv->bv_len); 237} 238 239static void set_in_skip(struct ceph_connection *con, int len) 240{ 241 WARN_ON(iov_iter_count(&con->v2.in_iter)); 242 243 dout("%s con %p len %d\n", __func__, con, len); 244 iov_iter_discard(&con->v2.in_iter, READ, len); 245} 246 247static void add_out_kvec(struct ceph_connection *con, void *buf, int len) 248{ 249 BUG_ON(con->v2.out_kvec_cnt >= ARRAY_SIZE(con->v2.out_kvecs)); 250 WARN_ON(!iov_iter_is_kvec(&con->v2.out_iter)); 251 WARN_ON(con->v2.out_zero); 252 253 con->v2.out_kvecs[con->v2.out_kvec_cnt].iov_base = buf; 254 con->v2.out_kvecs[con->v2.out_kvec_cnt].iov_len = len; 255 con->v2.out_kvec_cnt++; 256 257 con->v2.out_iter.nr_segs++; 258 con->v2.out_iter.count += len; 259} 260 261static void reset_out_kvecs(struct ceph_connection *con) 262{ 263 WARN_ON(iov_iter_count(&con->v2.out_iter)); 264 WARN_ON(con->v2.out_zero); 265 266 con->v2.out_kvec_cnt = 0; 267 268 iov_iter_kvec(&con->v2.out_iter, WRITE, con->v2.out_kvecs, 0, 0); 269 con->v2.out_iter_sendpage = false; 270} 271 272static void set_out_bvec(struct ceph_connection *con, const struct bio_vec *bv, 273 bool zerocopy) 274{ 275 WARN_ON(iov_iter_count(&con->v2.out_iter)); 276 WARN_ON(con->v2.out_zero); 277 278 con->v2.out_bvec = *bv; 279 con->v2.out_iter_sendpage = zerocopy; 280 iov_iter_bvec(&con->v2.out_iter, WRITE, &con->v2.out_bvec, 1, 281 con->v2.out_bvec.bv_len); 282} 283 284static void set_out_bvec_zero(struct ceph_connection *con) 285{ 286 WARN_ON(iov_iter_count(&con->v2.out_iter)); 287 WARN_ON(!con->v2.out_zero); 288 289 con->v2.out_bvec.bv_page = ceph_zero_page; 290 con->v2.out_bvec.bv_offset = 0; 291 con->v2.out_bvec.bv_len = min(con->v2.out_zero, (int)PAGE_SIZE); 292 con->v2.out_iter_sendpage = true; 293 iov_iter_bvec(&con->v2.out_iter, WRITE, &con->v2.out_bvec, 1, 294 con->v2.out_bvec.bv_len); 295} 296 297static void out_zero_add(struct ceph_connection *con, int len) 298{ 299 dout("%s con %p len %d\n", __func__, con, len); 300 con->v2.out_zero += len; 301} 302 303static void *alloc_conn_buf(struct ceph_connection *con, int len) 304{ 305 void *buf; 306 307 dout("%s con %p len %d\n", __func__, con, len); 308 309 if (WARN_ON(con->v2.conn_buf_cnt >= ARRAY_SIZE(con->v2.conn_bufs))) 310 return NULL; 311 312 buf = kvmalloc(len, GFP_NOIO); 313 if (!buf) 314 return NULL; 315 316 con->v2.conn_bufs[con->v2.conn_buf_cnt++] = buf; 317 return buf; 318} 319 320static void free_conn_bufs(struct ceph_connection *con) 321{ 322 while (con->v2.conn_buf_cnt) 323 kvfree(con->v2.conn_bufs[--con->v2.conn_buf_cnt]); 324} 325 326static void add_in_sign_kvec(struct ceph_connection *con, void *buf, int len) 327{ 328 BUG_ON(con->v2.in_sign_kvec_cnt >= ARRAY_SIZE(con->v2.in_sign_kvecs)); 329 330 con->v2.in_sign_kvecs[con->v2.in_sign_kvec_cnt].iov_base = buf; 331 con->v2.in_sign_kvecs[con->v2.in_sign_kvec_cnt].iov_len = len; 332 con->v2.in_sign_kvec_cnt++; 333} 334 335static void clear_in_sign_kvecs(struct ceph_connection *con) 336{ 337 con->v2.in_sign_kvec_cnt = 0; 338} 339 340static void add_out_sign_kvec(struct ceph_connection *con, void *buf, int len) 341{ 342 BUG_ON(con->v2.out_sign_kvec_cnt >= ARRAY_SIZE(con->v2.out_sign_kvecs)); 343 344 con->v2.out_sign_kvecs[con->v2.out_sign_kvec_cnt].iov_base = buf; 345 con->v2.out_sign_kvecs[con->v2.out_sign_kvec_cnt].iov_len = len; 346 con->v2.out_sign_kvec_cnt++; 347} 348 349static void clear_out_sign_kvecs(struct ceph_connection *con) 350{ 351 con->v2.out_sign_kvec_cnt = 0; 352} 353 354static bool con_secure(struct ceph_connection *con) 355{ 356 return con->v2.con_mode == CEPH_CON_MODE_SECURE; 357} 358 359static int front_len(const struct ceph_msg *msg) 360{ 361 return le32_to_cpu(msg->hdr.front_len); 362} 363 364static int middle_len(const struct ceph_msg *msg) 365{ 366 return le32_to_cpu(msg->hdr.middle_len); 367} 368 369static int data_len(const struct ceph_msg *msg) 370{ 371 return le32_to_cpu(msg->hdr.data_len); 372} 373 374static bool need_padding(int len) 375{ 376 return !IS_ALIGNED(len, CEPH_GCM_BLOCK_LEN); 377} 378 379static int padded_len(int len) 380{ 381 return ALIGN(len, CEPH_GCM_BLOCK_LEN); 382} 383 384static int padding_len(int len) 385{ 386 return padded_len(len) - len; 387} 388 389/* preamble + control segment */ 390static int head_onwire_len(int ctrl_len, bool secure) 391{ 392 int head_len; 393 int rem_len; 394 395 if (secure) { 396 head_len = CEPH_PREAMBLE_SECURE_LEN; 397 if (ctrl_len > CEPH_PREAMBLE_INLINE_LEN) { 398 rem_len = ctrl_len - CEPH_PREAMBLE_INLINE_LEN; 399 head_len += padded_len(rem_len) + CEPH_GCM_TAG_LEN; 400 } 401 } else { 402 head_len = CEPH_PREAMBLE_PLAIN_LEN; 403 if (ctrl_len) 404 head_len += ctrl_len + CEPH_CRC_LEN; 405 } 406 return head_len; 407} 408 409/* front, middle and data segments + epilogue */ 410static int __tail_onwire_len(int front_len, int middle_len, int data_len, 411 bool secure) 412{ 413 if (!front_len && !middle_len && !data_len) 414 return 0; 415 416 if (!secure) 417 return front_len + middle_len + data_len + 418 CEPH_EPILOGUE_PLAIN_LEN; 419 420 return padded_len(front_len) + padded_len(middle_len) + 421 padded_len(data_len) + CEPH_EPILOGUE_SECURE_LEN; 422} 423 424static int tail_onwire_len(const struct ceph_msg *msg, bool secure) 425{ 426 return __tail_onwire_len(front_len(msg), middle_len(msg), 427 data_len(msg), secure); 428} 429 430/* head_onwire_len(sizeof(struct ceph_msg_header2), false) */ 431#define MESSAGE_HEAD_PLAIN_LEN (CEPH_PREAMBLE_PLAIN_LEN + \ 432 sizeof(struct ceph_msg_header2) + \ 433 CEPH_CRC_LEN) 434 435static const int frame_aligns[] = { 436 sizeof(void *), 437 sizeof(void *), 438 sizeof(void *), 439 PAGE_SIZE 440}; 441 442/* 443 * Discards trailing empty segments, unless there is just one segment. 444 * A frame always has at least one (possibly empty) segment. 445 */ 446static int calc_segment_count(const int *lens, int len_cnt) 447{ 448 int i; 449 450 for (i = len_cnt - 1; i >= 0; i--) { 451 if (lens[i]) 452 return i + 1; 453 } 454 455 return 1; 456} 457 458static void init_frame_desc(struct ceph_frame_desc *desc, int tag, 459 const int *lens, int len_cnt) 460{ 461 int i; 462 463 memset(desc, 0, sizeof(*desc)); 464 465 desc->fd_tag = tag; 466 desc->fd_seg_cnt = calc_segment_count(lens, len_cnt); 467 BUG_ON(desc->fd_seg_cnt > CEPH_FRAME_MAX_SEGMENT_COUNT); 468 for (i = 0; i < desc->fd_seg_cnt; i++) { 469 desc->fd_lens[i] = lens[i]; 470 desc->fd_aligns[i] = frame_aligns[i]; 471 } 472} 473 474/* 475 * Preamble crc covers everything up to itself (28 bytes) and 476 * is calculated and verified irrespective of the connection mode 477 * (i.e. even if the frame is encrypted). 478 */ 479static void encode_preamble(const struct ceph_frame_desc *desc, void *p) 480{ 481 void *crcp = p + CEPH_PREAMBLE_LEN - CEPH_CRC_LEN; 482 void *start = p; 483 int i; 484 485 memset(p, 0, CEPH_PREAMBLE_LEN); 486 487 ceph_encode_8(&p, desc->fd_tag); 488 ceph_encode_8(&p, desc->fd_seg_cnt); 489 for (i = 0; i < desc->fd_seg_cnt; i++) { 490 ceph_encode_32(&p, desc->fd_lens[i]); 491 ceph_encode_16(&p, desc->fd_aligns[i]); 492 } 493 494 put_unaligned_le32(crc32c(0, start, crcp - start), crcp); 495} 496 497static int decode_preamble(void *p, struct ceph_frame_desc *desc) 498{ 499 void *crcp = p + CEPH_PREAMBLE_LEN - CEPH_CRC_LEN; 500 u32 crc, expected_crc; 501 int i; 502 503 crc = crc32c(0, p, crcp - p); 504 expected_crc = get_unaligned_le32(crcp); 505 if (crc != expected_crc) { 506 pr_err("bad preamble crc, calculated %u, expected %u\n", 507 crc, expected_crc); 508 return -EBADMSG; 509 } 510 511 memset(desc, 0, sizeof(*desc)); 512 513 desc->fd_tag = ceph_decode_8(&p); 514 desc->fd_seg_cnt = ceph_decode_8(&p); 515 if (desc->fd_seg_cnt < 1 || 516 desc->fd_seg_cnt > CEPH_FRAME_MAX_SEGMENT_COUNT) { 517 pr_err("bad segment count %d\n", desc->fd_seg_cnt); 518 return -EINVAL; 519 } 520 for (i = 0; i < desc->fd_seg_cnt; i++) { 521 desc->fd_lens[i] = ceph_decode_32(&p); 522 desc->fd_aligns[i] = ceph_decode_16(&p); 523 } 524 525 /* 526 * This would fire for FRAME_TAG_WAIT (it has one empty 527 * segment), but we should never get it as client. 528 */ 529 if (!desc->fd_lens[desc->fd_seg_cnt - 1]) { 530 pr_err("last segment empty\n"); 531 return -EINVAL; 532 } 533 534 if (desc->fd_lens[0] > CEPH_MSG_MAX_CONTROL_LEN) { 535 pr_err("control segment too big %d\n", desc->fd_lens[0]); 536 return -EINVAL; 537 } 538 if (desc->fd_lens[1] > CEPH_MSG_MAX_FRONT_LEN) { 539 pr_err("front segment too big %d\n", desc->fd_lens[1]); 540 return -EINVAL; 541 } 542 if (desc->fd_lens[2] > CEPH_MSG_MAX_MIDDLE_LEN) { 543 pr_err("middle segment too big %d\n", desc->fd_lens[2]); 544 return -EINVAL; 545 } 546 if (desc->fd_lens[3] > CEPH_MSG_MAX_DATA_LEN) { 547 pr_err("data segment too big %d\n", desc->fd_lens[3]); 548 return -EINVAL; 549 } 550 551 return 0; 552} 553 554static void encode_epilogue_plain(struct ceph_connection *con, bool aborted) 555{ 556 con->v2.out_epil.late_status = aborted ? FRAME_LATE_STATUS_ABORTED : 557 FRAME_LATE_STATUS_COMPLETE; 558 cpu_to_le32s(&con->v2.out_epil.front_crc); 559 cpu_to_le32s(&con->v2.out_epil.middle_crc); 560 cpu_to_le32s(&con->v2.out_epil.data_crc); 561} 562 563static void encode_epilogue_secure(struct ceph_connection *con, bool aborted) 564{ 565 memset(&con->v2.out_epil, 0, sizeof(con->v2.out_epil)); 566 con->v2.out_epil.late_status = aborted ? FRAME_LATE_STATUS_ABORTED : 567 FRAME_LATE_STATUS_COMPLETE; 568} 569 570static int decode_epilogue(void *p, u32 *front_crc, u32 *middle_crc, 571 u32 *data_crc) 572{ 573 u8 late_status; 574 575 late_status = ceph_decode_8(&p); 576 if ((late_status & FRAME_LATE_STATUS_ABORTED_MASK) != 577 FRAME_LATE_STATUS_COMPLETE) { 578 /* we should never get an aborted message as client */ 579 pr_err("bad late_status 0x%x\n", late_status); 580 return -EINVAL; 581 } 582 583 if (front_crc && middle_crc && data_crc) { 584 *front_crc = ceph_decode_32(&p); 585 *middle_crc = ceph_decode_32(&p); 586 *data_crc = ceph_decode_32(&p); 587 } 588 589 return 0; 590} 591 592static void fill_header(struct ceph_msg_header *hdr, 593 const struct ceph_msg_header2 *hdr2, 594 int front_len, int middle_len, int data_len, 595 const struct ceph_entity_name *peer_name) 596{ 597 hdr->seq = hdr2->seq; 598 hdr->tid = hdr2->tid; 599 hdr->type = hdr2->type; 600 hdr->priority = hdr2->priority; 601 hdr->version = hdr2->version; 602 hdr->front_len = cpu_to_le32(front_len); 603 hdr->middle_len = cpu_to_le32(middle_len); 604 hdr->data_len = cpu_to_le32(data_len); 605 hdr->data_off = hdr2->data_off; 606 hdr->src = *peer_name; 607 hdr->compat_version = hdr2->compat_version; 608 hdr->reserved = 0; 609 hdr->crc = 0; 610} 611 612static void fill_header2(struct ceph_msg_header2 *hdr2, 613 const struct ceph_msg_header *hdr, u64 ack_seq) 614{ 615 hdr2->seq = hdr->seq; 616 hdr2->tid = hdr->tid; 617 hdr2->type = hdr->type; 618 hdr2->priority = hdr->priority; 619 hdr2->version = hdr->version; 620 hdr2->data_pre_padding_len = 0; 621 hdr2->data_off = hdr->data_off; 622 hdr2->ack_seq = cpu_to_le64(ack_seq); 623 hdr2->flags = 0; 624 hdr2->compat_version = hdr->compat_version; 625 hdr2->reserved = 0; 626} 627 628static int verify_control_crc(struct ceph_connection *con) 629{ 630 int ctrl_len = con->v2.in_desc.fd_lens[0]; 631 u32 crc, expected_crc; 632 633 WARN_ON(con->v2.in_kvecs[0].iov_len != ctrl_len); 634 WARN_ON(con->v2.in_kvecs[1].iov_len != CEPH_CRC_LEN); 635 636 crc = crc32c(-1, con->v2.in_kvecs[0].iov_base, ctrl_len); 637 expected_crc = get_unaligned_le32(con->v2.in_kvecs[1].iov_base); 638 if (crc != expected_crc) { 639 pr_err("bad control crc, calculated %u, expected %u\n", 640 crc, expected_crc); 641 return -EBADMSG; 642 } 643 644 return 0; 645} 646 647static int verify_epilogue_crcs(struct ceph_connection *con, u32 front_crc, 648 u32 middle_crc, u32 data_crc) 649{ 650 if (front_len(con->in_msg)) { 651 con->in_front_crc = crc32c(-1, con->in_msg->front.iov_base, 652 front_len(con->in_msg)); 653 } else { 654 WARN_ON(!middle_len(con->in_msg) && !data_len(con->in_msg)); 655 con->in_front_crc = -1; 656 } 657 658 if (middle_len(con->in_msg)) 659 con->in_middle_crc = crc32c(-1, 660 con->in_msg->middle->vec.iov_base, 661 middle_len(con->in_msg)); 662 else if (data_len(con->in_msg)) 663 con->in_middle_crc = -1; 664 else 665 con->in_middle_crc = 0; 666 667 if (!data_len(con->in_msg)) 668 con->in_data_crc = 0; 669 670 dout("%s con %p msg %p crcs %u %u %u\n", __func__, con, con->in_msg, 671 con->in_front_crc, con->in_middle_crc, con->in_data_crc); 672 673 if (con->in_front_crc != front_crc) { 674 pr_err("bad front crc, calculated %u, expected %u\n", 675 con->in_front_crc, front_crc); 676 return -EBADMSG; 677 } 678 if (con->in_middle_crc != middle_crc) { 679 pr_err("bad middle crc, calculated %u, expected %u\n", 680 con->in_middle_crc, middle_crc); 681 return -EBADMSG; 682 } 683 if (con->in_data_crc != data_crc) { 684 pr_err("bad data crc, calculated %u, expected %u\n", 685 con->in_data_crc, data_crc); 686 return -EBADMSG; 687 } 688 689 return 0; 690} 691 692static int setup_crypto(struct ceph_connection *con, 693 const u8 *session_key, int session_key_len, 694 const u8 *con_secret, int con_secret_len) 695{ 696 unsigned int noio_flag; 697 int ret; 698 699 dout("%s con %p con_mode %d session_key_len %d con_secret_len %d\n", 700 __func__, con, con->v2.con_mode, session_key_len, con_secret_len); 701 WARN_ON(con->v2.hmac_tfm || con->v2.gcm_tfm || con->v2.gcm_req); 702 703 if (con->v2.con_mode != CEPH_CON_MODE_CRC && 704 con->v2.con_mode != CEPH_CON_MODE_SECURE) { 705 pr_err("bad con_mode %d\n", con->v2.con_mode); 706 return -EINVAL; 707 } 708 709 if (!session_key_len) { 710 WARN_ON(con->v2.con_mode != CEPH_CON_MODE_CRC); 711 WARN_ON(con_secret_len); 712 return 0; /* auth_none */ 713 } 714 715 noio_flag = memalloc_noio_save(); 716 con->v2.hmac_tfm = crypto_alloc_shash("hmac(sha256)", 0, 0); 717 memalloc_noio_restore(noio_flag); 718 if (IS_ERR(con->v2.hmac_tfm)) { 719 ret = PTR_ERR(con->v2.hmac_tfm); 720 con->v2.hmac_tfm = NULL; 721 pr_err("failed to allocate hmac tfm context: %d\n", ret); 722 return ret; 723 } 724 725 WARN_ON((unsigned long)session_key & 726 crypto_shash_alignmask(con->v2.hmac_tfm)); 727 ret = crypto_shash_setkey(con->v2.hmac_tfm, session_key, 728 session_key_len); 729 if (ret) { 730 pr_err("failed to set hmac key: %d\n", ret); 731 return ret; 732 } 733 734 if (con->v2.con_mode == CEPH_CON_MODE_CRC) { 735 WARN_ON(con_secret_len); 736 return 0; /* auth_x, plain mode */ 737 } 738 739 if (con_secret_len < CEPH_GCM_KEY_LEN + 2 * CEPH_GCM_IV_LEN) { 740 pr_err("con_secret too small %d\n", con_secret_len); 741 return -EINVAL; 742 } 743 744 noio_flag = memalloc_noio_save(); 745 con->v2.gcm_tfm = crypto_alloc_aead("gcm(aes)", 0, 0); 746 memalloc_noio_restore(noio_flag); 747 if (IS_ERR(con->v2.gcm_tfm)) { 748 ret = PTR_ERR(con->v2.gcm_tfm); 749 con->v2.gcm_tfm = NULL; 750 pr_err("failed to allocate gcm tfm context: %d\n", ret); 751 return ret; 752 } 753 754 WARN_ON((unsigned long)con_secret & 755 crypto_aead_alignmask(con->v2.gcm_tfm)); 756 ret = crypto_aead_setkey(con->v2.gcm_tfm, con_secret, CEPH_GCM_KEY_LEN); 757 if (ret) { 758 pr_err("failed to set gcm key: %d\n", ret); 759 return ret; 760 } 761 762 WARN_ON(crypto_aead_ivsize(con->v2.gcm_tfm) != CEPH_GCM_IV_LEN); 763 ret = crypto_aead_setauthsize(con->v2.gcm_tfm, CEPH_GCM_TAG_LEN); 764 if (ret) { 765 pr_err("failed to set gcm tag size: %d\n", ret); 766 return ret; 767 } 768 769 con->v2.gcm_req = aead_request_alloc(con->v2.gcm_tfm, GFP_NOIO); 770 if (!con->v2.gcm_req) { 771 pr_err("failed to allocate gcm request\n"); 772 return -ENOMEM; 773 } 774 775 crypto_init_wait(&con->v2.gcm_wait); 776 aead_request_set_callback(con->v2.gcm_req, CRYPTO_TFM_REQ_MAY_BACKLOG, 777 crypto_req_done, &con->v2.gcm_wait); 778 779 memcpy(&con->v2.in_gcm_nonce, con_secret + CEPH_GCM_KEY_LEN, 780 CEPH_GCM_IV_LEN); 781 memcpy(&con->v2.out_gcm_nonce, 782 con_secret + CEPH_GCM_KEY_LEN + CEPH_GCM_IV_LEN, 783 CEPH_GCM_IV_LEN); 784 return 0; /* auth_x, secure mode */ 785} 786 787static int hmac_sha256(struct ceph_connection *con, const struct kvec *kvecs, 788 int kvec_cnt, u8 *hmac) 789{ 790 SHASH_DESC_ON_STACK(desc, con->v2.hmac_tfm); /* tfm arg is ignored */ 791 int ret; 792 int i; 793 794 dout("%s con %p hmac_tfm %p kvec_cnt %d\n", __func__, con, 795 con->v2.hmac_tfm, kvec_cnt); 796 797 if (!con->v2.hmac_tfm) { 798 memset(hmac, 0, SHA256_DIGEST_SIZE); 799 return 0; /* auth_none */ 800 } 801 802 desc->tfm = con->v2.hmac_tfm; 803 ret = crypto_shash_init(desc); 804 if (ret) 805 goto out; 806 807 for (i = 0; i < kvec_cnt; i++) { 808 WARN_ON((unsigned long)kvecs[i].iov_base & 809 crypto_shash_alignmask(con->v2.hmac_tfm)); 810 ret = crypto_shash_update(desc, kvecs[i].iov_base, 811 kvecs[i].iov_len); 812 if (ret) 813 goto out; 814 } 815 816 ret = crypto_shash_final(desc, hmac); 817 818out: 819 shash_desc_zero(desc); 820 return ret; /* auth_x, both plain and secure modes */ 821} 822 823static void gcm_inc_nonce(struct ceph_gcm_nonce *nonce) 824{ 825 u64 counter; 826 827 counter = le64_to_cpu(nonce->counter); 828 nonce->counter = cpu_to_le64(counter + 1); 829} 830 831static int gcm_crypt(struct ceph_connection *con, bool encrypt, 832 struct scatterlist *src, struct scatterlist *dst, 833 int src_len) 834{ 835 struct ceph_gcm_nonce *nonce; 836 int ret; 837 838 nonce = encrypt ? &con->v2.out_gcm_nonce : &con->v2.in_gcm_nonce; 839 840 aead_request_set_ad(con->v2.gcm_req, 0); /* no AAD */ 841 aead_request_set_crypt(con->v2.gcm_req, src, dst, src_len, (u8 *)nonce); 842 ret = crypto_wait_req(encrypt ? crypto_aead_encrypt(con->v2.gcm_req) : 843 crypto_aead_decrypt(con->v2.gcm_req), 844 &con->v2.gcm_wait); 845 if (ret) 846 return ret; 847 848 gcm_inc_nonce(nonce); 849 return 0; 850} 851 852static void get_bvec_at(struct ceph_msg_data_cursor *cursor, 853 struct bio_vec *bv) 854{ 855 struct page *page; 856 size_t off, len; 857 858 WARN_ON(!cursor->total_resid); 859 860 /* skip zero-length data items */ 861 while (!cursor->resid) 862 ceph_msg_data_advance(cursor, 0); 863 864 /* get a piece of data, cursor isn't advanced */ 865 page = ceph_msg_data_next(cursor, &off, &len, NULL); 866 867 bv->bv_page = page; 868 bv->bv_offset = off; 869 bv->bv_len = len; 870} 871 872static int calc_sg_cnt(void *buf, int buf_len) 873{ 874 int sg_cnt; 875 876 if (!buf_len) 877 return 0; 878 879 sg_cnt = need_padding(buf_len) ? 1 : 0; 880 if (is_vmalloc_addr(buf)) { 881 WARN_ON(offset_in_page(buf)); 882 sg_cnt += PAGE_ALIGN(buf_len) >> PAGE_SHIFT; 883 } else { 884 sg_cnt++; 885 } 886 887 return sg_cnt; 888} 889 890static int calc_sg_cnt_cursor(struct ceph_msg_data_cursor *cursor) 891{ 892 int data_len = cursor->total_resid; 893 struct bio_vec bv; 894 int sg_cnt; 895 896 if (!data_len) 897 return 0; 898 899 sg_cnt = need_padding(data_len) ? 1 : 0; 900 do { 901 get_bvec_at(cursor, &bv); 902 sg_cnt++; 903 904 ceph_msg_data_advance(cursor, bv.bv_len); 905 } while (cursor->total_resid); 906 907 return sg_cnt; 908} 909 910static void init_sgs(struct scatterlist **sg, void *buf, int buf_len, u8 *pad) 911{ 912 void *end = buf + buf_len; 913 struct page *page; 914 int len; 915 void *p; 916 917 if (!buf_len) 918 return; 919 920 if (is_vmalloc_addr(buf)) { 921 p = buf; 922 do { 923 page = vmalloc_to_page(p); 924 len = min_t(int, end - p, PAGE_SIZE); 925 WARN_ON(!page || !len || offset_in_page(p)); 926 sg_set_page(*sg, page, len, 0); 927 *sg = sg_next(*sg); 928 p += len; 929 } while (p != end); 930 } else { 931 sg_set_buf(*sg, buf, buf_len); 932 *sg = sg_next(*sg); 933 } 934 935 if (need_padding(buf_len)) { 936 sg_set_buf(*sg, pad, padding_len(buf_len)); 937 *sg = sg_next(*sg); 938 } 939} 940 941static void init_sgs_cursor(struct scatterlist **sg, 942 struct ceph_msg_data_cursor *cursor, u8 *pad) 943{ 944 int data_len = cursor->total_resid; 945 struct bio_vec bv; 946 947 if (!data_len) 948 return; 949 950 do { 951 get_bvec_at(cursor, &bv); 952 sg_set_page(*sg, bv.bv_page, bv.bv_len, bv.bv_offset); 953 *sg = sg_next(*sg); 954 955 ceph_msg_data_advance(cursor, bv.bv_len); 956 } while (cursor->total_resid); 957 958 if (need_padding(data_len)) { 959 sg_set_buf(*sg, pad, padding_len(data_len)); 960 *sg = sg_next(*sg); 961 } 962} 963 964static int setup_message_sgs(struct sg_table *sgt, struct ceph_msg *msg, 965 u8 *front_pad, u8 *middle_pad, u8 *data_pad, 966 void *epilogue, bool add_tag) 967{ 968 struct ceph_msg_data_cursor cursor; 969 struct scatterlist *cur_sg; 970 int sg_cnt; 971 int ret; 972 973 if (!front_len(msg) && !middle_len(msg) && !data_len(msg)) 974 return 0; 975 976 sg_cnt = 1; /* epilogue + [auth tag] */ 977 if (front_len(msg)) 978 sg_cnt += calc_sg_cnt(msg->front.iov_base, 979 front_len(msg)); 980 if (middle_len(msg)) 981 sg_cnt += calc_sg_cnt(msg->middle->vec.iov_base, 982 middle_len(msg)); 983 if (data_len(msg)) { 984 ceph_msg_data_cursor_init(&cursor, msg, data_len(msg)); 985 sg_cnt += calc_sg_cnt_cursor(&cursor); 986 } 987 988 ret = sg_alloc_table(sgt, sg_cnt, GFP_NOIO); 989 if (ret) 990 return ret; 991 992 cur_sg = sgt->sgl; 993 if (front_len(msg)) 994 init_sgs(&cur_sg, msg->front.iov_base, front_len(msg), 995 front_pad); 996 if (middle_len(msg)) 997 init_sgs(&cur_sg, msg->middle->vec.iov_base, middle_len(msg), 998 middle_pad); 999 if (data_len(msg)) { 1000 ceph_msg_data_cursor_init(&cursor, msg, data_len(msg)); 1001 init_sgs_cursor(&cur_sg, &cursor, data_pad); 1002 } 1003 1004 WARN_ON(!sg_is_last(cur_sg)); 1005 sg_set_buf(cur_sg, epilogue, 1006 CEPH_GCM_BLOCK_LEN + (add_tag ? CEPH_GCM_TAG_LEN : 0)); 1007 return 0; 1008} 1009 1010static int decrypt_preamble(struct ceph_connection *con) 1011{ 1012 struct scatterlist sg; 1013 1014 sg_init_one(&sg, con->v2.in_buf, CEPH_PREAMBLE_SECURE_LEN); 1015 return gcm_crypt(con, false, &sg, &sg, CEPH_PREAMBLE_SECURE_LEN); 1016} 1017 1018static int decrypt_control_remainder(struct ceph_connection *con) 1019{ 1020 int ctrl_len = con->v2.in_desc.fd_lens[0]; 1021 int rem_len = ctrl_len - CEPH_PREAMBLE_INLINE_LEN; 1022 int pt_len = padding_len(rem_len) + CEPH_GCM_TAG_LEN; 1023 struct scatterlist sgs[2]; 1024 1025 WARN_ON(con->v2.in_kvecs[0].iov_len != rem_len); 1026 WARN_ON(con->v2.in_kvecs[1].iov_len != pt_len); 1027 1028 sg_init_table(sgs, 2); 1029 sg_set_buf(&sgs[0], con->v2.in_kvecs[0].iov_base, rem_len); 1030 sg_set_buf(&sgs[1], con->v2.in_buf, pt_len); 1031 1032 return gcm_crypt(con, false, sgs, sgs, 1033 padded_len(rem_len) + CEPH_GCM_TAG_LEN); 1034} 1035 1036static int decrypt_tail(struct ceph_connection *con) 1037{ 1038 struct sg_table enc_sgt = {}; 1039 struct sg_table sgt = {}; 1040 int tail_len; 1041 int ret; 1042 1043 tail_len = tail_onwire_len(con->in_msg, true); 1044 ret = sg_alloc_table_from_pages(&enc_sgt, con->v2.in_enc_pages, 1045 con->v2.in_enc_page_cnt, 0, tail_len, 1046 GFP_NOIO); 1047 if (ret) 1048 goto out; 1049 1050 ret = setup_message_sgs(&sgt, con->in_msg, FRONT_PAD(con->v2.in_buf), 1051 MIDDLE_PAD(con->v2.in_buf), DATA_PAD(con->v2.in_buf), 1052 con->v2.in_buf, true); 1053 if (ret) 1054 goto out; 1055 1056 dout("%s con %p msg %p enc_page_cnt %d sg_cnt %d\n", __func__, con, 1057 con->in_msg, con->v2.in_enc_page_cnt, sgt.orig_nents); 1058 ret = gcm_crypt(con, false, enc_sgt.sgl, sgt.sgl, tail_len); 1059 if (ret) 1060 goto out; 1061 1062 WARN_ON(!con->v2.in_enc_page_cnt); 1063 ceph_release_page_vector(con->v2.in_enc_pages, 1064 con->v2.in_enc_page_cnt); 1065 con->v2.in_enc_pages = NULL; 1066 con->v2.in_enc_page_cnt = 0; 1067 1068out: 1069 sg_free_table(&sgt); 1070 sg_free_table(&enc_sgt); 1071 return ret; 1072} 1073 1074static int prepare_banner(struct ceph_connection *con) 1075{ 1076 int buf_len = CEPH_BANNER_V2_LEN + 2 + 8 + 8; 1077 void *buf, *p; 1078 1079 buf = alloc_conn_buf(con, buf_len); 1080 if (!buf) 1081 return -ENOMEM; 1082 1083 p = buf; 1084 ceph_encode_copy(&p, CEPH_BANNER_V2, CEPH_BANNER_V2_LEN); 1085 ceph_encode_16(&p, sizeof(u64) + sizeof(u64)); 1086 ceph_encode_64(&p, CEPH_MSGR2_SUPPORTED_FEATURES); 1087 ceph_encode_64(&p, CEPH_MSGR2_REQUIRED_FEATURES); 1088 WARN_ON(p != buf + buf_len); 1089 1090 add_out_kvec(con, buf, buf_len); 1091 add_out_sign_kvec(con, buf, buf_len); 1092 ceph_con_flag_set(con, CEPH_CON_F_WRITE_PENDING); 1093 return 0; 1094} 1095 1096/* 1097 * base: 1098 * preamble 1099 * control body (ctrl_len bytes) 1100 * space for control crc 1101 * 1102 * extdata (optional): 1103 * control body (extdata_len bytes) 1104 * 1105 * Compute control crc and gather base and extdata into: 1106 * 1107 * preamble 1108 * control body (ctrl_len + extdata_len bytes) 1109 * control crc 1110 * 1111 * Preamble should already be encoded at the start of base. 1112 */ 1113static void prepare_head_plain(struct ceph_connection *con, void *base, 1114 int ctrl_len, void *extdata, int extdata_len, 1115 bool to_be_signed) 1116{ 1117 int base_len = CEPH_PREAMBLE_LEN + ctrl_len + CEPH_CRC_LEN; 1118 void *crcp = base + base_len - CEPH_CRC_LEN; 1119 u32 crc; 1120 1121 crc = crc32c(-1, CTRL_BODY(base), ctrl_len); 1122 if (extdata_len) 1123 crc = crc32c(crc, extdata, extdata_len); 1124 put_unaligned_le32(crc, crcp); 1125 1126 if (!extdata_len) { 1127 add_out_kvec(con, base, base_len); 1128 if (to_be_signed) 1129 add_out_sign_kvec(con, base, base_len); 1130 return; 1131 } 1132 1133 add_out_kvec(con, base, crcp - base); 1134 add_out_kvec(con, extdata, extdata_len); 1135 add_out_kvec(con, crcp, CEPH_CRC_LEN); 1136 if (to_be_signed) { 1137 add_out_sign_kvec(con, base, crcp - base); 1138 add_out_sign_kvec(con, extdata, extdata_len); 1139 add_out_sign_kvec(con, crcp, CEPH_CRC_LEN); 1140 } 1141} 1142 1143static int prepare_head_secure_small(struct ceph_connection *con, 1144 void *base, int ctrl_len) 1145{ 1146 struct scatterlist sg; 1147 int ret; 1148 1149 /* inline buffer padding? */ 1150 if (ctrl_len < CEPH_PREAMBLE_INLINE_LEN) 1151 memset(CTRL_BODY(base) + ctrl_len, 0, 1152 CEPH_PREAMBLE_INLINE_LEN - ctrl_len); 1153 1154 sg_init_one(&sg, base, CEPH_PREAMBLE_SECURE_LEN); 1155 ret = gcm_crypt(con, true, &sg, &sg, 1156 CEPH_PREAMBLE_SECURE_LEN - CEPH_GCM_TAG_LEN); 1157 if (ret) 1158 return ret; 1159 1160 add_out_kvec(con, base, CEPH_PREAMBLE_SECURE_LEN); 1161 return 0; 1162} 1163 1164/* 1165 * base: 1166 * preamble 1167 * control body (ctrl_len bytes) 1168 * space for padding, if needed 1169 * space for control remainder auth tag 1170 * space for preamble auth tag 1171 * 1172 * Encrypt preamble and the inline portion, then encrypt the remainder 1173 * and gather into: 1174 * 1175 * preamble 1176 * control body (48 bytes) 1177 * preamble auth tag 1178 * control body (ctrl_len - 48 bytes) 1179 * zero padding, if needed 1180 * control remainder auth tag 1181 * 1182 * Preamble should already be encoded at the start of base. 1183 */ 1184static int prepare_head_secure_big(struct ceph_connection *con, 1185 void *base, int ctrl_len) 1186{ 1187 int rem_len = ctrl_len - CEPH_PREAMBLE_INLINE_LEN; 1188 void *rem = CTRL_BODY(base) + CEPH_PREAMBLE_INLINE_LEN; 1189 void *rem_tag = rem + padded_len(rem_len); 1190 void *pmbl_tag = rem_tag + CEPH_GCM_TAG_LEN; 1191 struct scatterlist sgs[2]; 1192 int ret; 1193 1194 sg_init_table(sgs, 2); 1195 sg_set_buf(&sgs[0], base, rem - base); 1196 sg_set_buf(&sgs[1], pmbl_tag, CEPH_GCM_TAG_LEN); 1197 ret = gcm_crypt(con, true, sgs, sgs, rem - base); 1198 if (ret) 1199 return ret; 1200 1201 /* control remainder padding? */ 1202 if (need_padding(rem_len)) 1203 memset(rem + rem_len, 0, padding_len(rem_len)); 1204 1205 sg_init_one(&sgs[0], rem, pmbl_tag - rem); 1206 ret = gcm_crypt(con, true, sgs, sgs, rem_tag - rem); 1207 if (ret) 1208 return ret; 1209 1210 add_out_kvec(con, base, rem - base); 1211 add_out_kvec(con, pmbl_tag, CEPH_GCM_TAG_LEN); 1212 add_out_kvec(con, rem, pmbl_tag - rem); 1213 return 0; 1214} 1215 1216static int __prepare_control(struct ceph_connection *con, int tag, 1217 void *base, int ctrl_len, void *extdata, 1218 int extdata_len, bool to_be_signed) 1219{ 1220 int total_len = ctrl_len + extdata_len; 1221 struct ceph_frame_desc desc; 1222 int ret; 1223 1224 dout("%s con %p tag %d len %d (%d+%d)\n", __func__, con, tag, 1225 total_len, ctrl_len, extdata_len); 1226 1227 /* extdata may be vmalloc'ed but not base */ 1228 if (WARN_ON(is_vmalloc_addr(base) || !ctrl_len)) 1229 return -EINVAL; 1230 1231 init_frame_desc(&desc, tag, &total_len, 1); 1232 encode_preamble(&desc, base); 1233 1234 if (con_secure(con)) { 1235 if (WARN_ON(extdata_len || to_be_signed)) 1236 return -EINVAL; 1237 1238 if (ctrl_len <= CEPH_PREAMBLE_INLINE_LEN) 1239 /* fully inlined, inline buffer may need padding */ 1240 ret = prepare_head_secure_small(con, base, ctrl_len); 1241 else 1242 /* partially inlined, inline buffer is full */ 1243 ret = prepare_head_secure_big(con, base, ctrl_len); 1244 if (ret) 1245 return ret; 1246 } else { 1247 prepare_head_plain(con, base, ctrl_len, extdata, extdata_len, 1248 to_be_signed); 1249 } 1250 1251 ceph_con_flag_set(con, CEPH_CON_F_WRITE_PENDING); 1252 return 0; 1253} 1254 1255static int prepare_control(struct ceph_connection *con, int tag, 1256 void *base, int ctrl_len) 1257{ 1258 return __prepare_control(con, tag, base, ctrl_len, NULL, 0, false); 1259} 1260 1261static int prepare_hello(struct ceph_connection *con) 1262{ 1263 void *buf, *p; 1264 int ctrl_len; 1265 1266 ctrl_len = 1 + ceph_entity_addr_encoding_len(&con->peer_addr); 1267 buf = alloc_conn_buf(con, head_onwire_len(ctrl_len, false)); 1268 if (!buf) 1269 return -ENOMEM; 1270 1271 p = CTRL_BODY(buf); 1272 ceph_encode_8(&p, CEPH_ENTITY_TYPE_CLIENT); 1273 ceph_encode_entity_addr(&p, &con->peer_addr); 1274 WARN_ON(p != CTRL_BODY(buf) + ctrl_len); 1275 1276 return __prepare_control(con, FRAME_TAG_HELLO, buf, ctrl_len, 1277 NULL, 0, true); 1278} 1279 1280/* so that head_onwire_len(AUTH_BUF_LEN, false) is 512 */ 1281#define AUTH_BUF_LEN (512 - CEPH_CRC_LEN - CEPH_PREAMBLE_PLAIN_LEN) 1282 1283static int prepare_auth_request(struct ceph_connection *con) 1284{ 1285 void *authorizer, *authorizer_copy; 1286 int ctrl_len, authorizer_len; 1287 void *buf; 1288 int ret; 1289 1290 ctrl_len = AUTH_BUF_LEN; 1291 buf = alloc_conn_buf(con, head_onwire_len(ctrl_len, false)); 1292 if (!buf) 1293 return -ENOMEM; 1294 1295 mutex_unlock(&con->mutex); 1296 ret = con->ops->get_auth_request(con, CTRL_BODY(buf), &ctrl_len, 1297 &authorizer, &authorizer_len); 1298 mutex_lock(&con->mutex); 1299 if (con->state != CEPH_CON_S_V2_HELLO) { 1300 dout("%s con %p state changed to %d\n", __func__, con, 1301 con->state); 1302 return -EAGAIN; 1303 } 1304 1305 dout("%s con %p get_auth_request ret %d\n", __func__, con, ret); 1306 if (ret) 1307 return ret; 1308 1309 authorizer_copy = alloc_conn_buf(con, authorizer_len); 1310 if (!authorizer_copy) 1311 return -ENOMEM; 1312 1313 memcpy(authorizer_copy, authorizer, authorizer_len); 1314 1315 return __prepare_control(con, FRAME_TAG_AUTH_REQUEST, buf, ctrl_len, 1316 authorizer_copy, authorizer_len, true); 1317} 1318 1319static int prepare_auth_request_more(struct ceph_connection *con, 1320 void *reply, int reply_len) 1321{ 1322 int ctrl_len, authorizer_len; 1323 void *authorizer; 1324 void *buf; 1325 int ret; 1326 1327 ctrl_len = AUTH_BUF_LEN; 1328 buf = alloc_conn_buf(con, head_onwire_len(ctrl_len, false)); 1329 if (!buf) 1330 return -ENOMEM; 1331 1332 mutex_unlock(&con->mutex); 1333 ret = con->ops->handle_auth_reply_more(con, reply, reply_len, 1334 CTRL_BODY(buf), &ctrl_len, 1335 &authorizer, &authorizer_len); 1336 mutex_lock(&con->mutex); 1337 if (con->state != CEPH_CON_S_V2_AUTH) { 1338 dout("%s con %p state changed to %d\n", __func__, con, 1339 con->state); 1340 return -EAGAIN; 1341 } 1342 1343 dout("%s con %p handle_auth_reply_more ret %d\n", __func__, con, ret); 1344 if (ret) 1345 return ret; 1346 1347 return __prepare_control(con, FRAME_TAG_AUTH_REQUEST_MORE, buf, 1348 ctrl_len, authorizer, authorizer_len, true); 1349} 1350 1351static int prepare_auth_signature(struct ceph_connection *con) 1352{ 1353 void *buf; 1354 int ret; 1355 1356 buf = alloc_conn_buf(con, head_onwire_len(SHA256_DIGEST_SIZE, 1357 con_secure(con))); 1358 if (!buf) 1359 return -ENOMEM; 1360 1361 ret = hmac_sha256(con, con->v2.in_sign_kvecs, con->v2.in_sign_kvec_cnt, 1362 CTRL_BODY(buf)); 1363 if (ret) 1364 return ret; 1365 1366 return prepare_control(con, FRAME_TAG_AUTH_SIGNATURE, buf, 1367 SHA256_DIGEST_SIZE); 1368} 1369 1370static int prepare_client_ident(struct ceph_connection *con) 1371{ 1372 struct ceph_entity_addr *my_addr = &con->msgr->inst.addr; 1373 struct ceph_client *client = from_msgr(con->msgr); 1374 u64 global_id = ceph_client_gid(client); 1375 void *buf, *p; 1376 int ctrl_len; 1377 1378 WARN_ON(con->v2.server_cookie); 1379 WARN_ON(con->v2.connect_seq); 1380 WARN_ON(con->v2.peer_global_seq); 1381 1382 if (!con->v2.client_cookie) { 1383 do { 1384 get_random_bytes(&con->v2.client_cookie, 1385 sizeof(con->v2.client_cookie)); 1386 } while (!con->v2.client_cookie); 1387 dout("%s con %p generated cookie 0x%llx\n", __func__, con, 1388 con->v2.client_cookie); 1389 } else { 1390 dout("%s con %p cookie already set 0x%llx\n", __func__, con, 1391 con->v2.client_cookie); 1392 } 1393 1394 dout("%s con %p my_addr %s/%u peer_addr %s/%u global_id %llu global_seq %llu features 0x%llx required_features 0x%llx cookie 0x%llx\n", 1395 __func__, con, ceph_pr_addr(my_addr), le32_to_cpu(my_addr->nonce), 1396 ceph_pr_addr(&con->peer_addr), le32_to_cpu(con->peer_addr.nonce), 1397 global_id, con->v2.global_seq, client->supported_features, 1398 client->required_features, con->v2.client_cookie); 1399 1400 ctrl_len = 1 + 4 + ceph_entity_addr_encoding_len(my_addr) + 1401 ceph_entity_addr_encoding_len(&con->peer_addr) + 6 * 8; 1402 buf = alloc_conn_buf(con, head_onwire_len(ctrl_len, con_secure(con))); 1403 if (!buf) 1404 return -ENOMEM; 1405 1406 p = CTRL_BODY(buf); 1407 ceph_encode_8(&p, 2); /* addrvec marker */ 1408 ceph_encode_32(&p, 1); /* addr_cnt */ 1409 ceph_encode_entity_addr(&p, my_addr); 1410 ceph_encode_entity_addr(&p, &con->peer_addr); 1411 ceph_encode_64(&p, global_id); 1412 ceph_encode_64(&p, con->v2.global_seq); 1413 ceph_encode_64(&p, client->supported_features); 1414 ceph_encode_64(&p, client->required_features); 1415 ceph_encode_64(&p, 0); /* flags */ 1416 ceph_encode_64(&p, con->v2.client_cookie); 1417 WARN_ON(p != CTRL_BODY(buf) + ctrl_len); 1418 1419 return prepare_control(con, FRAME_TAG_CLIENT_IDENT, buf, ctrl_len); 1420} 1421 1422static int prepare_session_reconnect(struct ceph_connection *con) 1423{ 1424 struct ceph_entity_addr *my_addr = &con->msgr->inst.addr; 1425 void *buf, *p; 1426 int ctrl_len; 1427 1428 WARN_ON(!con->v2.client_cookie); 1429 WARN_ON(!con->v2.server_cookie); 1430 WARN_ON(!con->v2.connect_seq); 1431 WARN_ON(!con->v2.peer_global_seq); 1432 1433 dout("%s con %p my_addr %s/%u client_cookie 0x%llx server_cookie 0x%llx global_seq %llu connect_seq %llu in_seq %llu\n", 1434 __func__, con, ceph_pr_addr(my_addr), le32_to_cpu(my_addr->nonce), 1435 con->v2.client_cookie, con->v2.server_cookie, con->v2.global_seq, 1436 con->v2.connect_seq, con->in_seq); 1437 1438 ctrl_len = 1 + 4 + ceph_entity_addr_encoding_len(my_addr) + 5 * 8; 1439 buf = alloc_conn_buf(con, head_onwire_len(ctrl_len, con_secure(con))); 1440 if (!buf) 1441 return -ENOMEM; 1442 1443 p = CTRL_BODY(buf); 1444 ceph_encode_8(&p, 2); /* entity_addrvec_t marker */ 1445 ceph_encode_32(&p, 1); /* my_addrs len */ 1446 ceph_encode_entity_addr(&p, my_addr); 1447 ceph_encode_64(&p, con->v2.client_cookie); 1448 ceph_encode_64(&p, con->v2.server_cookie); 1449 ceph_encode_64(&p, con->v2.global_seq); 1450 ceph_encode_64(&p, con->v2.connect_seq); 1451 ceph_encode_64(&p, con->in_seq); 1452 WARN_ON(p != CTRL_BODY(buf) + ctrl_len); 1453 1454 return prepare_control(con, FRAME_TAG_SESSION_RECONNECT, buf, ctrl_len); 1455} 1456 1457static int prepare_keepalive2(struct ceph_connection *con) 1458{ 1459 struct ceph_timespec *ts = CTRL_BODY(con->v2.out_buf); 1460 struct timespec64 now; 1461 1462 ktime_get_real_ts64(&now); 1463 dout("%s con %p timestamp %lld.%09ld\n", __func__, con, now.tv_sec, 1464 now.tv_nsec); 1465 1466 ceph_encode_timespec64(ts, &now); 1467 1468 reset_out_kvecs(con); 1469 return prepare_control(con, FRAME_TAG_KEEPALIVE2, con->v2.out_buf, 1470 sizeof(struct ceph_timespec)); 1471} 1472 1473static int prepare_ack(struct ceph_connection *con) 1474{ 1475 void *p; 1476 1477 dout("%s con %p in_seq_acked %llu -> %llu\n", __func__, con, 1478 con->in_seq_acked, con->in_seq); 1479 con->in_seq_acked = con->in_seq; 1480 1481 p = CTRL_BODY(con->v2.out_buf); 1482 ceph_encode_64(&p, con->in_seq_acked); 1483 1484 reset_out_kvecs(con); 1485 return prepare_control(con, FRAME_TAG_ACK, con->v2.out_buf, 8); 1486} 1487 1488static void prepare_epilogue_plain(struct ceph_connection *con, bool aborted) 1489{ 1490 dout("%s con %p msg %p aborted %d crcs %u %u %u\n", __func__, con, 1491 con->out_msg, aborted, con->v2.out_epil.front_crc, 1492 con->v2.out_epil.middle_crc, con->v2.out_epil.data_crc); 1493 1494 encode_epilogue_plain(con, aborted); 1495 add_out_kvec(con, &con->v2.out_epil, CEPH_EPILOGUE_PLAIN_LEN); 1496} 1497 1498/* 1499 * For "used" empty segments, crc is -1. For unused (trailing) 1500 * segments, crc is 0. 1501 */ 1502static void prepare_message_plain(struct ceph_connection *con) 1503{ 1504 struct ceph_msg *msg = con->out_msg; 1505 1506 prepare_head_plain(con, con->v2.out_buf, 1507 sizeof(struct ceph_msg_header2), NULL, 0, false); 1508 1509 if (!front_len(msg) && !middle_len(msg)) { 1510 if (!data_len(msg)) { 1511 /* 1512 * Empty message: once the head is written, 1513 * we are done -- there is no epilogue. 1514 */ 1515 con->v2.out_state = OUT_S_FINISH_MESSAGE; 1516 return; 1517 } 1518 1519 con->v2.out_epil.front_crc = -1; 1520 con->v2.out_epil.middle_crc = -1; 1521 con->v2.out_state = OUT_S_QUEUE_DATA; 1522 return; 1523 } 1524 1525 if (front_len(msg)) { 1526 con->v2.out_epil.front_crc = crc32c(-1, msg->front.iov_base, 1527 front_len(msg)); 1528 add_out_kvec(con, msg->front.iov_base, front_len(msg)); 1529 } else { 1530 /* middle (at least) is there, checked above */ 1531 con->v2.out_epil.front_crc = -1; 1532 } 1533 1534 if (middle_len(msg)) { 1535 con->v2.out_epil.middle_crc = 1536 crc32c(-1, msg->middle->vec.iov_base, middle_len(msg)); 1537 add_out_kvec(con, msg->middle->vec.iov_base, middle_len(msg)); 1538 } else { 1539 con->v2.out_epil.middle_crc = data_len(msg) ? -1 : 0; 1540 } 1541 1542 if (data_len(msg)) { 1543 con->v2.out_state = OUT_S_QUEUE_DATA; 1544 } else { 1545 con->v2.out_epil.data_crc = 0; 1546 prepare_epilogue_plain(con, false); 1547 con->v2.out_state = OUT_S_FINISH_MESSAGE; 1548 } 1549} 1550 1551/* 1552 * Unfortunately the kernel crypto API doesn't support streaming 1553 * (piecewise) operation for AEAD algorithms, so we can't get away 1554 * with a fixed size buffer and a couple sgs. Instead, we have to 1555 * allocate pages for the entire tail of the message (currently up 1556 * to ~32M) and two sgs arrays (up to ~256K each)... 1557 */ 1558static int prepare_message_secure(struct ceph_connection *con) 1559{ 1560 void *zerop = page_address(ceph_zero_page); 1561 struct sg_table enc_sgt = {}; 1562 struct sg_table sgt = {}; 1563 struct page **enc_pages; 1564 int enc_page_cnt; 1565 int tail_len; 1566 int ret; 1567 1568 ret = prepare_head_secure_small(con, con->v2.out_buf, 1569 sizeof(struct ceph_msg_header2)); 1570 if (ret) 1571 return ret; 1572 1573 tail_len = tail_onwire_len(con->out_msg, true); 1574 if (!tail_len) { 1575 /* 1576 * Empty message: once the head is written, 1577 * we are done -- there is no epilogue. 1578 */ 1579 con->v2.out_state = OUT_S_FINISH_MESSAGE; 1580 return 0; 1581 } 1582 1583 encode_epilogue_secure(con, false); 1584 ret = setup_message_sgs(&sgt, con->out_msg, zerop, zerop, zerop, 1585 &con->v2.out_epil, false); 1586 if (ret) 1587 goto out; 1588 1589 enc_page_cnt = calc_pages_for(0, tail_len); 1590 enc_pages = ceph_alloc_page_vector(enc_page_cnt, GFP_NOIO); 1591 if (IS_ERR(enc_pages)) { 1592 ret = PTR_ERR(enc_pages); 1593 goto out; 1594 } 1595 1596 WARN_ON(con->v2.out_enc_pages || con->v2.out_enc_page_cnt); 1597 con->v2.out_enc_pages = enc_pages; 1598 con->v2.out_enc_page_cnt = enc_page_cnt; 1599 con->v2.out_enc_resid = tail_len; 1600 con->v2.out_enc_i = 0; 1601 1602 ret = sg_alloc_table_from_pages(&enc_sgt, enc_pages, enc_page_cnt, 1603 0, tail_len, GFP_NOIO); 1604 if (ret) 1605 goto out; 1606 1607 ret = gcm_crypt(con, true, sgt.sgl, enc_sgt.sgl, 1608 tail_len - CEPH_GCM_TAG_LEN); 1609 if (ret) 1610 goto out; 1611 1612 dout("%s con %p msg %p sg_cnt %d enc_page_cnt %d\n", __func__, con, 1613 con->out_msg, sgt.orig_nents, enc_page_cnt); 1614 con->v2.out_state = OUT_S_QUEUE_ENC_PAGE; 1615 1616out: 1617 sg_free_table(&sgt); 1618 sg_free_table(&enc_sgt); 1619 return ret; 1620} 1621 1622static int prepare_message(struct ceph_connection *con) 1623{ 1624 int lens[] = { 1625 sizeof(struct ceph_msg_header2), 1626 front_len(con->out_msg), 1627 middle_len(con->out_msg), 1628 data_len(con->out_msg) 1629 }; 1630 struct ceph_frame_desc desc; 1631 int ret; 1632 1633 dout("%s con %p msg %p logical %d+%d+%d+%d\n", __func__, con, 1634 con->out_msg, lens[0], lens[1], lens[2], lens[3]); 1635 1636 if (con->in_seq > con->in_seq_acked) { 1637 dout("%s con %p in_seq_acked %llu -> %llu\n", __func__, con, 1638 con->in_seq_acked, con->in_seq); 1639 con->in_seq_acked = con->in_seq; 1640 } 1641 1642 reset_out_kvecs(con); 1643 init_frame_desc(&desc, FRAME_TAG_MESSAGE, lens, 4); 1644 encode_preamble(&desc, con->v2.out_buf); 1645 fill_header2(CTRL_BODY(con->v2.out_buf), &con->out_msg->hdr, 1646 con->in_seq_acked); 1647 1648 if (con_secure(con)) { 1649 ret = prepare_message_secure(con); 1650 if (ret) 1651 return ret; 1652 } else { 1653 prepare_message_plain(con); 1654 } 1655 1656 ceph_con_flag_set(con, CEPH_CON_F_WRITE_PENDING); 1657 return 0; 1658} 1659 1660static int prepare_read_banner_prefix(struct ceph_connection *con) 1661{ 1662 void *buf; 1663 1664 buf = alloc_conn_buf(con, CEPH_BANNER_V2_PREFIX_LEN); 1665 if (!buf) 1666 return -ENOMEM; 1667 1668 reset_in_kvecs(con); 1669 add_in_kvec(con, buf, CEPH_BANNER_V2_PREFIX_LEN); 1670 add_in_sign_kvec(con, buf, CEPH_BANNER_V2_PREFIX_LEN); 1671 con->state = CEPH_CON_S_V2_BANNER_PREFIX; 1672 return 0; 1673} 1674 1675static int prepare_read_banner_payload(struct ceph_connection *con, 1676 int payload_len) 1677{ 1678 void *buf; 1679 1680 buf = alloc_conn_buf(con, payload_len); 1681 if (!buf) 1682 return -ENOMEM; 1683 1684 reset_in_kvecs(con); 1685 add_in_kvec(con, buf, payload_len); 1686 add_in_sign_kvec(con, buf, payload_len); 1687 con->state = CEPH_CON_S_V2_BANNER_PAYLOAD; 1688 return 0; 1689} 1690 1691static void prepare_read_preamble(struct ceph_connection *con) 1692{ 1693 reset_in_kvecs(con); 1694 add_in_kvec(con, con->v2.in_buf, 1695 con_secure(con) ? CEPH_PREAMBLE_SECURE_LEN : 1696 CEPH_PREAMBLE_PLAIN_LEN); 1697 con->v2.in_state = IN_S_HANDLE_PREAMBLE; 1698} 1699 1700static int prepare_read_control(struct ceph_connection *con) 1701{ 1702 int ctrl_len = con->v2.in_desc.fd_lens[0]; 1703 int head_len; 1704 void *buf; 1705 1706 reset_in_kvecs(con); 1707 if (con->state == CEPH_CON_S_V2_HELLO || 1708 con->state == CEPH_CON_S_V2_AUTH) { 1709 head_len = head_onwire_len(ctrl_len, false); 1710 buf = alloc_conn_buf(con, head_len); 1711 if (!buf) 1712 return -ENOMEM; 1713 1714 /* preserve preamble */ 1715 memcpy(buf, con->v2.in_buf, CEPH_PREAMBLE_LEN); 1716 1717 add_in_kvec(con, CTRL_BODY(buf), ctrl_len); 1718 add_in_kvec(con, CTRL_BODY(buf) + ctrl_len, CEPH_CRC_LEN); 1719 add_in_sign_kvec(con, buf, head_len); 1720 } else { 1721 if (ctrl_len > CEPH_PREAMBLE_INLINE_LEN) { 1722 buf = alloc_conn_buf(con, ctrl_len); 1723 if (!buf) 1724 return -ENOMEM; 1725 1726 add_in_kvec(con, buf, ctrl_len); 1727 } else { 1728 add_in_kvec(con, CTRL_BODY(con->v2.in_buf), ctrl_len); 1729 } 1730 add_in_kvec(con, con->v2.in_buf, CEPH_CRC_LEN); 1731 } 1732 con->v2.in_state = IN_S_HANDLE_CONTROL; 1733 return 0; 1734} 1735 1736static int prepare_read_control_remainder(struct ceph_connection *con) 1737{ 1738 int ctrl_len = con->v2.in_desc.fd_lens[0]; 1739 int rem_len = ctrl_len - CEPH_PREAMBLE_INLINE_LEN; 1740 void *buf; 1741 1742 buf = alloc_conn_buf(con, ctrl_len); 1743 if (!buf) 1744 return -ENOMEM; 1745 1746 memcpy(buf, CTRL_BODY(con->v2.in_buf), CEPH_PREAMBLE_INLINE_LEN); 1747 1748 reset_in_kvecs(con); 1749 add_in_kvec(con, buf + CEPH_PREAMBLE_INLINE_LEN, rem_len); 1750 add_in_kvec(con, con->v2.in_buf, 1751 padding_len(rem_len) + CEPH_GCM_TAG_LEN); 1752 con->v2.in_state = IN_S_HANDLE_CONTROL_REMAINDER; 1753 return 0; 1754} 1755 1756static int prepare_read_data(struct ceph_connection *con) 1757{ 1758 struct bio_vec bv; 1759 1760 con->in_data_crc = -1; 1761 ceph_msg_data_cursor_init(&con->v2.in_cursor, con->in_msg, 1762 data_len(con->in_msg)); 1763 1764 get_bvec_at(&con->v2.in_cursor, &bv); 1765 if (ceph_test_opt(from_msgr(con->msgr), RXBOUNCE)) { 1766 if (unlikely(!con->bounce_page)) { 1767 con->bounce_page = alloc_page(GFP_NOIO); 1768 if (!con->bounce_page) { 1769 pr_err("failed to allocate bounce page\n"); 1770 return -ENOMEM; 1771 } 1772 } 1773 1774 bv.bv_page = con->bounce_page; 1775 bv.bv_offset = 0; 1776 } 1777 set_in_bvec(con, &bv); 1778 con->v2.in_state = IN_S_PREPARE_READ_DATA_CONT; 1779 return 0; 1780} 1781 1782static void prepare_read_data_cont(struct ceph_connection *con) 1783{ 1784 struct bio_vec bv; 1785 1786 if (ceph_test_opt(from_msgr(con->msgr), RXBOUNCE)) { 1787 con->in_data_crc = crc32c(con->in_data_crc, 1788 page_address(con->bounce_page), 1789 con->v2.in_bvec.bv_len); 1790 1791 get_bvec_at(&con->v2.in_cursor, &bv); 1792 memcpy_to_page(bv.bv_page, bv.bv_offset, 1793 page_address(con->bounce_page), 1794 con->v2.in_bvec.bv_len); 1795 } else { 1796 con->in_data_crc = ceph_crc32c_page(con->in_data_crc, 1797 con->v2.in_bvec.bv_page, 1798 con->v2.in_bvec.bv_offset, 1799 con->v2.in_bvec.bv_len); 1800 } 1801 1802 ceph_msg_data_advance(&con->v2.in_cursor, con->v2.in_bvec.bv_len); 1803 if (con->v2.in_cursor.total_resid) { 1804 get_bvec_at(&con->v2.in_cursor, &bv); 1805 if (ceph_test_opt(from_msgr(con->msgr), RXBOUNCE)) { 1806 bv.bv_page = con->bounce_page; 1807 bv.bv_offset = 0; 1808 } 1809 set_in_bvec(con, &bv); 1810 WARN_ON(con->v2.in_state != IN_S_PREPARE_READ_DATA_CONT); 1811 return; 1812 } 1813 1814 /* 1815 * We've read all data. Prepare to read epilogue. 1816 */ 1817 reset_in_kvecs(con); 1818 add_in_kvec(con, con->v2.in_buf, CEPH_EPILOGUE_PLAIN_LEN); 1819 con->v2.in_state = IN_S_HANDLE_EPILOGUE; 1820} 1821 1822static int prepare_read_tail_plain(struct ceph_connection *con) 1823{ 1824 struct ceph_msg *msg = con->in_msg; 1825 1826 if (!front_len(msg) && !middle_len(msg)) { 1827 WARN_ON(!data_len(msg)); 1828 return prepare_read_data(con); 1829 } 1830 1831 reset_in_kvecs(con); 1832 if (front_len(msg)) { 1833 add_in_kvec(con, msg->front.iov_base, front_len(msg)); 1834 WARN_ON(msg->front.iov_len != front_len(msg)); 1835 } 1836 if (middle_len(msg)) { 1837 add_in_kvec(con, msg->middle->vec.iov_base, middle_len(msg)); 1838 WARN_ON(msg->middle->vec.iov_len != middle_len(msg)); 1839 } 1840 1841 if (data_len(msg)) { 1842 con->v2.in_state = IN_S_PREPARE_READ_DATA; 1843 } else { 1844 add_in_kvec(con, con->v2.in_buf, CEPH_EPILOGUE_PLAIN_LEN); 1845 con->v2.in_state = IN_S_HANDLE_EPILOGUE; 1846 } 1847 return 0; 1848} 1849 1850static void prepare_read_enc_page(struct ceph_connection *con) 1851{ 1852 struct bio_vec bv; 1853 1854 dout("%s con %p i %d resid %d\n", __func__, con, con->v2.in_enc_i, 1855 con->v2.in_enc_resid); 1856 WARN_ON(!con->v2.in_enc_resid); 1857 1858 bv.bv_page = con->v2.in_enc_pages[con->v2.in_enc_i]; 1859 bv.bv_offset = 0; 1860 bv.bv_len = min(con->v2.in_enc_resid, (int)PAGE_SIZE); 1861 1862 set_in_bvec(con, &bv); 1863 con->v2.in_enc_i++; 1864 con->v2.in_enc_resid -= bv.bv_len; 1865 1866 if (con->v2.in_enc_resid) { 1867 con->v2.in_state = IN_S_PREPARE_READ_ENC_PAGE; 1868 return; 1869 } 1870 1871 /* 1872 * We are set to read the last piece of ciphertext (ending 1873 * with epilogue) + auth tag. 1874 */ 1875 WARN_ON(con->v2.in_enc_i != con->v2.in_enc_page_cnt); 1876 con->v2.in_state = IN_S_HANDLE_EPILOGUE; 1877} 1878 1879static int prepare_read_tail_secure(struct ceph_connection *con) 1880{ 1881 struct page **enc_pages; 1882 int enc_page_cnt; 1883 int tail_len; 1884 1885 tail_len = tail_onwire_len(con->in_msg, true); 1886 WARN_ON(!tail_len); 1887 1888 enc_page_cnt = calc_pages_for(0, tail_len); 1889 enc_pages = ceph_alloc_page_vector(enc_page_cnt, GFP_NOIO); 1890 if (IS_ERR(enc_pages)) 1891 return PTR_ERR(enc_pages); 1892 1893 WARN_ON(con->v2.in_enc_pages || con->v2.in_enc_page_cnt); 1894 con->v2.in_enc_pages = enc_pages; 1895 con->v2.in_enc_page_cnt = enc_page_cnt; 1896 con->v2.in_enc_resid = tail_len; 1897 con->v2.in_enc_i = 0; 1898 1899 prepare_read_enc_page(con); 1900 return 0; 1901} 1902 1903static void __finish_skip(struct ceph_connection *con) 1904{ 1905 con->in_seq++; 1906 prepare_read_preamble(con); 1907} 1908 1909static void prepare_skip_message(struct ceph_connection *con) 1910{ 1911 struct ceph_frame_desc *desc = &con->v2.in_desc; 1912 int tail_len; 1913 1914 dout("%s con %p %d+%d+%d\n", __func__, con, desc->fd_lens[1], 1915 desc->fd_lens[2], desc->fd_lens[3]); 1916 1917 tail_len = __tail_onwire_len(desc->fd_lens[1], desc->fd_lens[2], 1918 desc->fd_lens[3], con_secure(con)); 1919 if (!tail_len) { 1920 __finish_skip(con); 1921 } else { 1922 set_in_skip(con, tail_len); 1923 con->v2.in_state = IN_S_FINISH_SKIP; 1924 } 1925} 1926 1927static int process_banner_prefix(struct ceph_connection *con) 1928{ 1929 int payload_len; 1930 void *p; 1931 1932 WARN_ON(con->v2.in_kvecs[0].iov_len != CEPH_BANNER_V2_PREFIX_LEN); 1933 1934 p = con->v2.in_kvecs[0].iov_base; 1935 if (memcmp(p, CEPH_BANNER_V2, CEPH_BANNER_V2_LEN)) { 1936 if (!memcmp(p, CEPH_BANNER, CEPH_BANNER_LEN)) 1937 con->error_msg = "server is speaking msgr1 protocol"; 1938 else 1939 con->error_msg = "protocol error, bad banner"; 1940 return -EINVAL; 1941 } 1942 1943 p += CEPH_BANNER_V2_LEN; 1944 payload_len = ceph_decode_16(&p); 1945 dout("%s con %p payload_len %d\n", __func__, con, payload_len); 1946 1947 return prepare_read_banner_payload(con, payload_len); 1948} 1949 1950static int process_banner_payload(struct ceph_connection *con) 1951{ 1952 void *end = con->v2.in_kvecs[0].iov_base + con->v2.in_kvecs[0].iov_len; 1953 u64 feat = CEPH_MSGR2_SUPPORTED_FEATURES; 1954 u64 req_feat = CEPH_MSGR2_REQUIRED_FEATURES; 1955 u64 server_feat, server_req_feat; 1956 void *p; 1957 int ret; 1958 1959 p = con->v2.in_kvecs[0].iov_base; 1960 ceph_decode_64_safe(&p, end, server_feat, bad); 1961 ceph_decode_64_safe(&p, end, server_req_feat, bad); 1962 1963 dout("%s con %p server_feat 0x%llx server_req_feat 0x%llx\n", 1964 __func__, con, server_feat, server_req_feat); 1965 1966 if (req_feat & ~server_feat) { 1967 pr_err("msgr2 feature set mismatch: my required > server's supported 0x%llx, need 0x%llx\n", 1968 server_feat, req_feat & ~server_feat); 1969 con->error_msg = "missing required protocol features"; 1970 return -EINVAL; 1971 } 1972 if (server_req_feat & ~feat) { 1973 pr_err("msgr2 feature set mismatch: server's required > my supported 0x%llx, missing 0x%llx\n", 1974 feat, server_req_feat & ~feat); 1975 con->error_msg = "missing required protocol features"; 1976 return -EINVAL; 1977 } 1978 1979 /* no reset_out_kvecs() as our banner may still be pending */ 1980 ret = prepare_hello(con); 1981 if (ret) { 1982 pr_err("prepare_hello failed: %d\n", ret); 1983 return ret; 1984 } 1985 1986 con->state = CEPH_CON_S_V2_HELLO; 1987 prepare_read_preamble(con); 1988 return 0; 1989 1990bad: 1991 pr_err("failed to decode banner payload\n"); 1992 return -EINVAL; 1993} 1994 1995static int process_hello(struct ceph_connection *con, void *p, void *end) 1996{ 1997 struct ceph_entity_addr *my_addr = &con->msgr->inst.addr; 1998 struct ceph_entity_addr addr_for_me; 1999 u8 entity_type; 2000 int ret; 2001 2002 if (con->state != CEPH_CON_S_V2_HELLO) { 2003 con->error_msg = "protocol error, unexpected hello"; 2004 return -EINVAL; 2005 } 2006 2007 ceph_decode_8_safe(&p, end, entity_type, bad); 2008 ret = ceph_decode_entity_addr(&p, end, &addr_for_me); 2009 if (ret) { 2010 pr_err("failed to decode addr_for_me: %d\n", ret); 2011 return ret; 2012 } 2013 2014 dout("%s con %p entity_type %d addr_for_me %s\n", __func__, con, 2015 entity_type, ceph_pr_addr(&addr_for_me)); 2016 2017 if (entity_type != con->peer_name.type) { 2018 pr_err("bad peer type, want %d, got %d\n", 2019 con->peer_name.type, entity_type); 2020 con->error_msg = "wrong peer at address"; 2021 return -EINVAL; 2022 } 2023 2024 /* 2025 * Set our address to the address our first peer (i.e. monitor) 2026 * sees that we are connecting from. If we are behind some sort 2027 * of NAT and want to be identified by some private (not NATed) 2028 * address, ip option should be used. 2029 */ 2030 if (ceph_addr_is_blank(my_addr)) { 2031 memcpy(&my_addr->in_addr, &addr_for_me.in_addr, 2032 sizeof(my_addr->in_addr)); 2033 ceph_addr_set_port(my_addr, 0); 2034 dout("%s con %p set my addr %s, as seen by peer %s\n", 2035 __func__, con, ceph_pr_addr(my_addr), 2036 ceph_pr_addr(&con->peer_addr)); 2037 } else { 2038 dout("%s con %p my addr already set %s\n", 2039 __func__, con, ceph_pr_addr(my_addr)); 2040 } 2041 2042 WARN_ON(ceph_addr_is_blank(my_addr) || ceph_addr_port(my_addr)); 2043 WARN_ON(my_addr->type != CEPH_ENTITY_ADDR_TYPE_ANY); 2044 WARN_ON(!my_addr->nonce); 2045 2046 /* no reset_out_kvecs() as our hello may still be pending */ 2047 ret = prepare_auth_request(con); 2048 if (ret) { 2049 if (ret != -EAGAIN) 2050 pr_err("prepare_auth_request failed: %d\n", ret); 2051 return ret; 2052 } 2053 2054 con->state = CEPH_CON_S_V2_AUTH; 2055 return 0; 2056 2057bad: 2058 pr_err("failed to decode hello\n"); 2059 return -EINVAL; 2060} 2061 2062static int process_auth_bad_method(struct ceph_connection *con, 2063 void *p, void *end) 2064{ 2065 int allowed_protos[8], allowed_modes[8]; 2066 int allowed_proto_cnt, allowed_mode_cnt; 2067 int used_proto, result; 2068 int ret; 2069 int i; 2070 2071 if (con->state != CEPH_CON_S_V2_AUTH) { 2072 con->error_msg = "protocol error, unexpected auth_bad_method"; 2073 return -EINVAL; 2074 } 2075 2076 ceph_decode_32_safe(&p, end, used_proto, bad); 2077 ceph_decode_32_safe(&p, end, result, bad); 2078 dout("%s con %p used_proto %d result %d\n", __func__, con, used_proto, 2079 result); 2080 2081 ceph_decode_32_safe(&p, end, allowed_proto_cnt, bad); 2082 if (allowed_proto_cnt > ARRAY_SIZE(allowed_protos)) { 2083 pr_err("allowed_protos too big %d\n", allowed_proto_cnt); 2084 return -EINVAL; 2085 } 2086 for (i = 0; i < allowed_proto_cnt; i++) { 2087 ceph_decode_32_safe(&p, end, allowed_protos[i], bad); 2088 dout("%s con %p allowed_protos[%d] %d\n", __func__, con, 2089 i, allowed_protos[i]); 2090 } 2091 2092 ceph_decode_32_safe(&p, end, allowed_mode_cnt, bad); 2093 if (allowed_mode_cnt > ARRAY_SIZE(allowed_modes)) { 2094 pr_err("allowed_modes too big %d\n", allowed_mode_cnt); 2095 return -EINVAL; 2096 } 2097 for (i = 0; i < allowed_mode_cnt; i++) { 2098 ceph_decode_32_safe(&p, end, allowed_modes[i], bad); 2099 dout("%s con %p allowed_modes[%d] %d\n", __func__, con, 2100 i, allowed_modes[i]); 2101 } 2102 2103 mutex_unlock(&con->mutex); 2104 ret = con->ops->handle_auth_bad_method(con, used_proto, result, 2105 allowed_protos, 2106 allowed_proto_cnt, 2107 allowed_modes, 2108 allowed_mode_cnt); 2109 mutex_lock(&con->mutex); 2110 if (con->state != CEPH_CON_S_V2_AUTH) { 2111 dout("%s con %p state changed to %d\n", __func__, con, 2112 con->state); 2113 return -EAGAIN; 2114 } 2115 2116 dout("%s con %p handle_auth_bad_method ret %d\n", __func__, con, ret); 2117 return ret; 2118 2119bad: 2120 pr_err("failed to decode auth_bad_method\n"); 2121 return -EINVAL; 2122} 2123 2124static int process_auth_reply_more(struct ceph_connection *con, 2125 void *p, void *end) 2126{ 2127 int payload_len; 2128 int ret; 2129 2130 if (con->state != CEPH_CON_S_V2_AUTH) { 2131 con->error_msg = "protocol error, unexpected auth_reply_more"; 2132 return -EINVAL; 2133 } 2134 2135 ceph_decode_32_safe(&p, end, payload_len, bad); 2136 ceph_decode_need(&p, end, payload_len, bad); 2137 2138 dout("%s con %p payload_len %d\n", __func__, con, payload_len); 2139 2140 reset_out_kvecs(con); 2141 ret = prepare_auth_request_more(con, p, payload_len); 2142 if (ret) { 2143 if (ret != -EAGAIN) 2144 pr_err("prepare_auth_request_more failed: %d\n", ret); 2145 return ret; 2146 } 2147 2148 return 0; 2149 2150bad: 2151 pr_err("failed to decode auth_reply_more\n"); 2152 return -EINVAL; 2153} 2154 2155/* 2156 * Align session_key and con_secret to avoid GFP_ATOMIC allocation 2157 * inside crypto_shash_setkey() and crypto_aead_setkey() called from 2158 * setup_crypto(). __aligned(16) isn't guaranteed to work for stack 2159 * objects, so do it by hand. 2160 */ 2161static int process_auth_done(struct ceph_connection *con, void *p, void *end) 2162{ 2163 u8 session_key_buf[CEPH_KEY_LEN + 16]; 2164 u8 con_secret_buf[CEPH_MAX_CON_SECRET_LEN + 16]; 2165 u8 *session_key = PTR_ALIGN(&session_key_buf[0], 16); 2166 u8 *con_secret = PTR_ALIGN(&con_secret_buf[0], 16); 2167 int session_key_len, con_secret_len; 2168 int payload_len; 2169 u64 global_id; 2170 int ret; 2171 2172 if (con->state != CEPH_CON_S_V2_AUTH) { 2173 con->error_msg = "protocol error, unexpected auth_done"; 2174 return -EINVAL; 2175 } 2176 2177 ceph_decode_64_safe(&p, end, global_id, bad); 2178 ceph_decode_32_safe(&p, end, con->v2.con_mode, bad); 2179 ceph_decode_32_safe(&p, end, payload_len, bad); 2180 2181 dout("%s con %p global_id %llu con_mode %d payload_len %d\n", 2182 __func__, con, global_id, con->v2.con_mode, payload_len); 2183 2184 mutex_unlock(&con->mutex); 2185 session_key_len = 0; 2186 con_secret_len = 0; 2187 ret = con->ops->handle_auth_done(con, global_id, p, payload_len, 2188 session_key, &session_key_len, 2189 con_secret, &con_secret_len); 2190 mutex_lock(&con->mutex); 2191 if (con->state != CEPH_CON_S_V2_AUTH) { 2192 dout("%s con %p state changed to %d\n", __func__, con, 2193 con->state); 2194 ret = -EAGAIN; 2195 goto out; 2196 } 2197 2198 dout("%s con %p handle_auth_done ret %d\n", __func__, con, ret); 2199 if (ret) 2200 goto out; 2201 2202 ret = setup_crypto(con, session_key, session_key_len, con_secret, 2203 con_secret_len); 2204 if (ret) 2205 goto out; 2206 2207 reset_out_kvecs(con); 2208 ret = prepare_auth_signature(con); 2209 if (ret) { 2210 pr_err("prepare_auth_signature failed: %d\n", ret); 2211 goto out; 2212 } 2213 2214 con->state = CEPH_CON_S_V2_AUTH_SIGNATURE; 2215 2216out: 2217 memzero_explicit(session_key_buf, sizeof(session_key_buf)); 2218 memzero_explicit(con_secret_buf, sizeof(con_secret_buf)); 2219 return ret; 2220 2221bad: 2222 pr_err("failed to decode auth_done\n"); 2223 return -EINVAL; 2224} 2225 2226static int process_auth_signature(struct ceph_connection *con, 2227 void *p, void *end) 2228{ 2229 u8 hmac[SHA256_DIGEST_SIZE]; 2230 int ret; 2231 2232 if (con->state != CEPH_CON_S_V2_AUTH_SIGNATURE) { 2233 con->error_msg = "protocol error, unexpected auth_signature"; 2234 return -EINVAL; 2235 } 2236 2237 ret = hmac_sha256(con, con->v2.out_sign_kvecs, 2238 con->v2.out_sign_kvec_cnt, hmac); 2239 if (ret) 2240 return ret; 2241 2242 ceph_decode_need(&p, end, SHA256_DIGEST_SIZE, bad); 2243 if (crypto_memneq(p, hmac, SHA256_DIGEST_SIZE)) { 2244 con->error_msg = "integrity error, bad auth signature"; 2245 return -EBADMSG; 2246 } 2247 2248 dout("%s con %p auth signature ok\n", __func__, con); 2249 2250 /* no reset_out_kvecs() as our auth_signature may still be pending */ 2251 if (!con->v2.server_cookie) { 2252 ret = prepare_client_ident(con); 2253 if (ret) { 2254 pr_err("prepare_client_ident failed: %d\n", ret); 2255 return ret; 2256 } 2257 2258 con->state = CEPH_CON_S_V2_SESSION_CONNECT; 2259 } else { 2260 ret = prepare_session_reconnect(con); 2261 if (ret) { 2262 pr_err("prepare_session_reconnect failed: %d\n", ret); 2263 return ret; 2264 } 2265 2266 con->state = CEPH_CON_S_V2_SESSION_RECONNECT; 2267 } 2268 2269 return 0; 2270 2271bad: 2272 pr_err("failed to decode auth_signature\n"); 2273 return -EINVAL; 2274} 2275 2276static int process_server_ident(struct ceph_connection *con, 2277 void *p, void *end) 2278{ 2279 struct ceph_client *client = from_msgr(con->msgr); 2280 u64 features, required_features; 2281 struct ceph_entity_addr addr; 2282 u64 global_seq; 2283 u64 global_id; 2284 u64 cookie; 2285 u64 flags; 2286 int ret; 2287 2288 if (con->state != CEPH_CON_S_V2_SESSION_CONNECT) { 2289 con->error_msg = "protocol error, unexpected server_ident"; 2290 return -EINVAL; 2291 } 2292 2293 ret = ceph_decode_entity_addrvec(&p, end, true, &addr); 2294 if (ret) { 2295 pr_err("failed to decode server addrs: %d\n", ret); 2296 return ret; 2297 } 2298 2299 ceph_decode_64_safe(&p, end, global_id, bad); 2300 ceph_decode_64_safe(&p, end, global_seq, bad); 2301 ceph_decode_64_safe(&p, end, features, bad); 2302 ceph_decode_64_safe(&p, end, required_features, bad); 2303 ceph_decode_64_safe(&p, end, flags, bad); 2304 ceph_decode_64_safe(&p, end, cookie, bad); 2305 2306 dout("%s con %p addr %s/%u global_id %llu global_seq %llu features 0x%llx required_features 0x%llx flags 0x%llx cookie 0x%llx\n", 2307 __func__, con, ceph_pr_addr(&addr), le32_to_cpu(addr.nonce), 2308 global_id, global_seq, features, required_features, flags, cookie); 2309 2310 /* is this who we intended to talk to? */ 2311 if (memcmp(&addr, &con->peer_addr, sizeof(con->peer_addr))) { 2312 pr_err("bad peer addr/nonce, want %s/%u, got %s/%u\n", 2313 ceph_pr_addr(&con->peer_addr), 2314 le32_to_cpu(con->peer_addr.nonce), 2315 ceph_pr_addr(&addr), le32_to_cpu(addr.nonce)); 2316 con->error_msg = "wrong peer at address"; 2317 return -EINVAL; 2318 } 2319 2320 if (client->required_features & ~features) { 2321 pr_err("RADOS feature set mismatch: my required > server's supported 0x%llx, need 0x%llx\n", 2322 features, client->required_features & ~features); 2323 con->error_msg = "missing required protocol features"; 2324 return -EINVAL; 2325 } 2326 2327 /* 2328 * Both name->type and name->num are set in ceph_con_open() but 2329 * name->num may be bogus in the initial monmap. name->type is 2330 * verified in handle_hello(). 2331 */ 2332 WARN_ON(!con->peer_name.type); 2333 con->peer_name.num = cpu_to_le64(global_id); 2334 con->v2.peer_global_seq = global_seq; 2335 con->peer_features = features; 2336 WARN_ON(required_features & ~client->supported_features); 2337 con->v2.server_cookie = cookie; 2338 2339 if (flags & CEPH_MSG_CONNECT_LOSSY) { 2340 ceph_con_flag_set(con, CEPH_CON_F_LOSSYTX); 2341 WARN_ON(con->v2.server_cookie); 2342 } else { 2343 WARN_ON(!con->v2.server_cookie); 2344 } 2345 2346 clear_in_sign_kvecs(con); 2347 clear_out_sign_kvecs(con); 2348 free_conn_bufs(con); 2349 con->delay = 0; /* reset backoff memory */ 2350 2351 con->state = CEPH_CON_S_OPEN; 2352 con->v2.out_state = OUT_S_GET_NEXT; 2353 return 0; 2354 2355bad: 2356 pr_err("failed to decode server_ident\n"); 2357 return -EINVAL; 2358} 2359 2360static int process_ident_missing_features(struct ceph_connection *con, 2361 void *p, void *end) 2362{ 2363 struct ceph_client *client = from_msgr(con->msgr); 2364 u64 missing_features; 2365 2366 if (con->state != CEPH_CON_S_V2_SESSION_CONNECT) { 2367 con->error_msg = "protocol error, unexpected ident_missing_features"; 2368 return -EINVAL; 2369 } 2370 2371 ceph_decode_64_safe(&p, end, missing_features, bad); 2372 pr_err("RADOS feature set mismatch: server's required > my supported 0x%llx, missing 0x%llx\n", 2373 client->supported_features, missing_features); 2374 con->error_msg = "missing required protocol features"; 2375 return -EINVAL; 2376 2377bad: 2378 pr_err("failed to decode ident_missing_features\n"); 2379 return -EINVAL; 2380} 2381 2382static int process_session_reconnect_ok(struct ceph_connection *con, 2383 void *p, void *end) 2384{ 2385 u64 seq; 2386 2387 if (con->state != CEPH_CON_S_V2_SESSION_RECONNECT) { 2388 con->error_msg = "protocol error, unexpected session_reconnect_ok"; 2389 return -EINVAL; 2390 } 2391 2392 ceph_decode_64_safe(&p, end, seq, bad); 2393 2394 dout("%s con %p seq %llu\n", __func__, con, seq); 2395 ceph_con_discard_requeued(con, seq); 2396 2397 clear_in_sign_kvecs(con); 2398 clear_out_sign_kvecs(con); 2399 free_conn_bufs(con); 2400 con->delay = 0; /* reset backoff memory */ 2401 2402 con->state = CEPH_CON_S_OPEN; 2403 con->v2.out_state = OUT_S_GET_NEXT; 2404 return 0; 2405 2406bad: 2407 pr_err("failed to decode session_reconnect_ok\n"); 2408 return -EINVAL; 2409} 2410 2411static int process_session_retry(struct ceph_connection *con, 2412 void *p, void *end) 2413{ 2414 u64 connect_seq; 2415 int ret; 2416 2417 if (con->state != CEPH_CON_S_V2_SESSION_RECONNECT) { 2418 con->error_msg = "protocol error, unexpected session_retry"; 2419 return -EINVAL; 2420 } 2421 2422 ceph_decode_64_safe(&p, end, connect_seq, bad); 2423 2424 dout("%s con %p connect_seq %llu\n", __func__, con, connect_seq); 2425 WARN_ON(connect_seq <= con->v2.connect_seq); 2426 con->v2.connect_seq = connect_seq + 1; 2427 2428 free_conn_bufs(con); 2429 2430 reset_out_kvecs(con); 2431 ret = prepare_session_reconnect(con); 2432 if (ret) { 2433 pr_err("prepare_session_reconnect (cseq) failed: %d\n", ret); 2434 return ret; 2435 } 2436 2437 return 0; 2438 2439bad: 2440 pr_err("failed to decode session_retry\n"); 2441 return -EINVAL; 2442} 2443 2444static int process_session_retry_global(struct ceph_connection *con, 2445 void *p, void *end) 2446{ 2447 u64 global_seq; 2448 int ret; 2449 2450 if (con->state != CEPH_CON_S_V2_SESSION_RECONNECT) { 2451 con->error_msg = "protocol error, unexpected session_retry_global"; 2452 return -EINVAL; 2453 } 2454 2455 ceph_decode_64_safe(&p, end, global_seq, bad); 2456 2457 dout("%s con %p global_seq %llu\n", __func__, con, global_seq); 2458 WARN_ON(global_seq <= con->v2.global_seq); 2459 con->v2.global_seq = ceph_get_global_seq(con->msgr, global_seq); 2460 2461 free_conn_bufs(con); 2462 2463 reset_out_kvecs(con); 2464 ret = prepare_session_reconnect(con); 2465 if (ret) { 2466 pr_err("prepare_session_reconnect (gseq) failed: %d\n", ret); 2467 return ret; 2468 } 2469 2470 return 0; 2471 2472bad: 2473 pr_err("failed to decode session_retry_global\n"); 2474 return -EINVAL; 2475} 2476 2477static int process_session_reset(struct ceph_connection *con, 2478 void *p, void *end) 2479{ 2480 bool full; 2481 int ret; 2482 2483 if (con->state != CEPH_CON_S_V2_SESSION_RECONNECT) { 2484 con->error_msg = "protocol error, unexpected session_reset"; 2485 return -EINVAL; 2486 } 2487 2488 ceph_decode_8_safe(&p, end, full, bad); 2489 if (!full) { 2490 con->error_msg = "protocol error, bad session_reset"; 2491 return -EINVAL; 2492 } 2493 2494 pr_info("%s%lld %s session reset\n", ENTITY_NAME(con->peer_name), 2495 ceph_pr_addr(&con->peer_addr)); 2496 ceph_con_reset_session(con); 2497 2498 mutex_unlock(&con->mutex); 2499 if (con->ops->peer_reset) 2500 con->ops->peer_reset(con); 2501 mutex_lock(&con->mutex); 2502 if (con->state != CEPH_CON_S_V2_SESSION_RECONNECT) { 2503 dout("%s con %p state changed to %d\n", __func__, con, 2504 con->state); 2505 return -EAGAIN; 2506 } 2507 2508 free_conn_bufs(con); 2509 2510 reset_out_kvecs(con); 2511 ret = prepare_client_ident(con); 2512 if (ret) { 2513 pr_err("prepare_client_ident (rst) failed: %d\n", ret); 2514 return ret; 2515 } 2516 2517 con->state = CEPH_CON_S_V2_SESSION_CONNECT; 2518 return 0; 2519 2520bad: 2521 pr_err("failed to decode session_reset\n"); 2522 return -EINVAL; 2523} 2524 2525static int process_keepalive2_ack(struct ceph_connection *con, 2526 void *p, void *end) 2527{ 2528 if (con->state != CEPH_CON_S_OPEN) { 2529 con->error_msg = "protocol error, unexpected keepalive2_ack"; 2530 return -EINVAL; 2531 } 2532 2533 ceph_decode_need(&p, end, sizeof(struct ceph_timespec), bad); 2534 ceph_decode_timespec64(&con->last_keepalive_ack, p); 2535 2536 dout("%s con %p timestamp %lld.%09ld\n", __func__, con, 2537 con->last_keepalive_ack.tv_sec, con->last_keepalive_ack.tv_nsec); 2538 2539 return 0; 2540 2541bad: 2542 pr_err("failed to decode keepalive2_ack\n"); 2543 return -EINVAL; 2544} 2545 2546static int process_ack(struct ceph_connection *con, void *p, void *end) 2547{ 2548 u64 seq; 2549 2550 if (con->state != CEPH_CON_S_OPEN) { 2551 con->error_msg = "protocol error, unexpected ack"; 2552 return -EINVAL; 2553 } 2554 2555 ceph_decode_64_safe(&p, end, seq, bad); 2556 2557 dout("%s con %p seq %llu\n", __func__, con, seq); 2558 ceph_con_discard_sent(con, seq); 2559 return 0; 2560 2561bad: 2562 pr_err("failed to decode ack\n"); 2563 return -EINVAL; 2564} 2565 2566static int process_control(struct ceph_connection *con, void *p, void *end) 2567{ 2568 int tag = con->v2.in_desc.fd_tag; 2569 int ret; 2570 2571 dout("%s con %p tag %d len %d\n", __func__, con, tag, (int)(end - p)); 2572 2573 switch (tag) { 2574 case FRAME_TAG_HELLO: 2575 ret = process_hello(con, p, end); 2576 break; 2577 case FRAME_TAG_AUTH_BAD_METHOD: 2578 ret = process_auth_bad_method(con, p, end); 2579 break; 2580 case FRAME_TAG_AUTH_REPLY_MORE: 2581 ret = process_auth_reply_more(con, p, end); 2582 break; 2583 case FRAME_TAG_AUTH_DONE: 2584 ret = process_auth_done(con, p, end); 2585 break; 2586 case FRAME_TAG_AUTH_SIGNATURE: 2587 ret = process_auth_signature(con, p, end); 2588 break; 2589 case FRAME_TAG_SERVER_IDENT: 2590 ret = process_server_ident(con, p, end); 2591 break; 2592 case FRAME_TAG_IDENT_MISSING_FEATURES: 2593 ret = process_ident_missing_features(con, p, end); 2594 break; 2595 case FRAME_TAG_SESSION_RECONNECT_OK: 2596 ret = process_session_reconnect_ok(con, p, end); 2597 break; 2598 case FRAME_TAG_SESSION_RETRY: 2599 ret = process_session_retry(con, p, end); 2600 break; 2601 case FRAME_TAG_SESSION_RETRY_GLOBAL: 2602 ret = process_session_retry_global(con, p, end); 2603 break; 2604 case FRAME_TAG_SESSION_RESET: 2605 ret = process_session_reset(con, p, end); 2606 break; 2607 case FRAME_TAG_KEEPALIVE2_ACK: 2608 ret = process_keepalive2_ack(con, p, end); 2609 break; 2610 case FRAME_TAG_ACK: 2611 ret = process_ack(con, p, end); 2612 break; 2613 default: 2614 pr_err("bad tag %d\n", tag); 2615 con->error_msg = "protocol error, bad tag"; 2616 return -EINVAL; 2617 } 2618 if (ret) { 2619 dout("%s con %p error %d\n", __func__, con, ret); 2620 return ret; 2621 } 2622 2623 prepare_read_preamble(con); 2624 return 0; 2625} 2626 2627/* 2628 * Return: 2629 * 1 - con->in_msg set, read message 2630 * 0 - skip message 2631 * <0 - error 2632 */ 2633static int process_message_header(struct ceph_connection *con, 2634 void *p, void *end) 2635{ 2636 struct ceph_frame_desc *desc = &con->v2.in_desc; 2637 struct ceph_msg_header2 *hdr2 = p; 2638 struct ceph_msg_header hdr; 2639 int skip; 2640 int ret; 2641 u64 seq; 2642 2643 /* verify seq# */ 2644 seq = le64_to_cpu(hdr2->seq); 2645 if ((s64)seq - (s64)con->in_seq < 1) { 2646 pr_info("%s%lld %s skipping old message: seq %llu, expected %llu\n", 2647 ENTITY_NAME(con->peer_name), 2648 ceph_pr_addr(&con->peer_addr), 2649 seq, con->in_seq + 1); 2650 return 0; 2651 } 2652 if ((s64)seq - (s64)con->in_seq > 1) { 2653 pr_err("bad seq %llu, expected %llu\n", seq, con->in_seq + 1); 2654 con->error_msg = "bad message sequence # for incoming message"; 2655 return -EBADE; 2656 } 2657 2658 ceph_con_discard_sent(con, le64_to_cpu(hdr2->ack_seq)); 2659 2660 fill_header(&hdr, hdr2, desc->fd_lens[1], desc->fd_lens[2], 2661 desc->fd_lens[3], &con->peer_name); 2662 ret = ceph_con_in_msg_alloc(con, &hdr, &skip); 2663 if (ret) 2664 return ret; 2665 2666 WARN_ON(!con->in_msg ^ skip); 2667 if (skip) 2668 return 0; 2669 2670 WARN_ON(!con->in_msg); 2671 WARN_ON(con->in_msg->con != con); 2672 return 1; 2673} 2674 2675static int process_message(struct ceph_connection *con) 2676{ 2677 ceph_con_process_message(con); 2678 2679 /* 2680 * We could have been closed by ceph_con_close() because 2681 * ceph_con_process_message() temporarily drops con->mutex. 2682 */ 2683 if (con->state != CEPH_CON_S_OPEN) { 2684 dout("%s con %p state changed to %d\n", __func__, con, 2685 con->state); 2686 return -EAGAIN; 2687 } 2688 2689 prepare_read_preamble(con); 2690 return 0; 2691} 2692 2693static int __handle_control(struct ceph_connection *con, void *p) 2694{ 2695 void *end = p + con->v2.in_desc.fd_lens[0]; 2696 struct ceph_msg *msg; 2697 int ret; 2698 2699 if (con->v2.in_desc.fd_tag != FRAME_TAG_MESSAGE) 2700 return process_control(con, p, end); 2701 2702 ret = process_message_header(con, p, end); 2703 if (ret < 0) 2704 return ret; 2705 if (ret == 0) { 2706 prepare_skip_message(con); 2707 return 0; 2708 } 2709 2710 msg = con->in_msg; /* set in process_message_header() */ 2711 if (front_len(msg)) { 2712 WARN_ON(front_len(msg) > msg->front_alloc_len); 2713 msg->front.iov_len = front_len(msg); 2714 } else { 2715 msg->front.iov_len = 0; 2716 } 2717 if (middle_len(msg)) { 2718 WARN_ON(middle_len(msg) > msg->middle->alloc_len); 2719 msg->middle->vec.iov_len = middle_len(msg); 2720 } else if (msg->middle) { 2721 msg->middle->vec.iov_len = 0; 2722 } 2723 2724 if (!front_len(msg) && !middle_len(msg) && !data_len(msg)) 2725 return process_message(con); 2726 2727 if (con_secure(con)) 2728 return prepare_read_tail_secure(con); 2729 2730 return prepare_read_tail_plain(con); 2731} 2732 2733static int handle_preamble(struct ceph_connection *con) 2734{ 2735 struct ceph_frame_desc *desc = &con->v2.in_desc; 2736 int ret; 2737 2738 if (con_secure(con)) { 2739 ret = decrypt_preamble(con); 2740 if (ret) { 2741 if (ret == -EBADMSG) 2742 con->error_msg = "integrity error, bad preamble auth tag"; 2743 return ret; 2744 } 2745 } 2746 2747 ret = decode_preamble(con->v2.in_buf, desc); 2748 if (ret) { 2749 if (ret == -EBADMSG) 2750 con->error_msg = "integrity error, bad crc"; 2751 else 2752 con->error_msg = "protocol error, bad preamble"; 2753 return ret; 2754 } 2755 2756 dout("%s con %p tag %d seg_cnt %d %d+%d+%d+%d\n", __func__, 2757 con, desc->fd_tag, desc->fd_seg_cnt, desc->fd_lens[0], 2758 desc->fd_lens[1], desc->fd_lens[2], desc->fd_lens[3]); 2759 2760 if (!con_secure(con)) 2761 return prepare_read_control(con); 2762 2763 if (desc->fd_lens[0] > CEPH_PREAMBLE_INLINE_LEN) 2764 return prepare_read_control_remainder(con); 2765 2766 return __handle_control(con, CTRL_BODY(con->v2.in_buf)); 2767} 2768 2769static int handle_control(struct ceph_connection *con) 2770{ 2771 int ctrl_len = con->v2.in_desc.fd_lens[0]; 2772 void *buf; 2773 int ret; 2774 2775 WARN_ON(con_secure(con)); 2776 2777 ret = verify_control_crc(con); 2778 if (ret) { 2779 con->error_msg = "integrity error, bad crc"; 2780 return ret; 2781 } 2782 2783 if (con->state == CEPH_CON_S_V2_AUTH) { 2784 buf = alloc_conn_buf(con, ctrl_len); 2785 if (!buf) 2786 return -ENOMEM; 2787 2788 memcpy(buf, con->v2.in_kvecs[0].iov_base, ctrl_len); 2789 return __handle_control(con, buf); 2790 } 2791 2792 return __handle_control(con, con->v2.in_kvecs[0].iov_base); 2793} 2794 2795static int handle_control_remainder(struct ceph_connection *con) 2796{ 2797 int ret; 2798 2799 WARN_ON(!con_secure(con)); 2800 2801 ret = decrypt_control_remainder(con); 2802 if (ret) { 2803 if (ret == -EBADMSG) 2804 con->error_msg = "integrity error, bad control remainder auth tag"; 2805 return ret; 2806 } 2807 2808 return __handle_control(con, con->v2.in_kvecs[0].iov_base - 2809 CEPH_PREAMBLE_INLINE_LEN); 2810} 2811 2812static int handle_epilogue(struct ceph_connection *con) 2813{ 2814 u32 front_crc, middle_crc, data_crc; 2815 int ret; 2816 2817 if (con_secure(con)) { 2818 ret = decrypt_tail(con); 2819 if (ret) { 2820 if (ret == -EBADMSG) 2821 con->error_msg = "integrity error, bad epilogue auth tag"; 2822 return ret; 2823 } 2824 2825 /* just late_status */ 2826 ret = decode_epilogue(con->v2.in_buf, NULL, NULL, NULL); 2827 if (ret) { 2828 con->error_msg = "protocol error, bad epilogue"; 2829 return ret; 2830 } 2831 } else { 2832 ret = decode_epilogue(con->v2.in_buf, &front_crc, 2833 &middle_crc, &data_crc); 2834 if (ret) { 2835 con->error_msg = "protocol error, bad epilogue"; 2836 return ret; 2837 } 2838 2839 ret = verify_epilogue_crcs(con, front_crc, middle_crc, 2840 data_crc); 2841 if (ret) { 2842 con->error_msg = "integrity error, bad crc"; 2843 return ret; 2844 } 2845 } 2846 2847 return process_message(con); 2848} 2849 2850static void finish_skip(struct ceph_connection *con) 2851{ 2852 dout("%s con %p\n", __func__, con); 2853 2854 if (con_secure(con)) 2855 gcm_inc_nonce(&con->v2.in_gcm_nonce); 2856 2857 __finish_skip(con); 2858} 2859 2860static int populate_in_iter(struct ceph_connection *con) 2861{ 2862 int ret; 2863 2864 dout("%s con %p state %d in_state %d\n", __func__, con, con->state, 2865 con->v2.in_state); 2866 WARN_ON(iov_iter_count(&con->v2.in_iter)); 2867 2868 if (con->state == CEPH_CON_S_V2_BANNER_PREFIX) { 2869 ret = process_banner_prefix(con); 2870 } else if (con->state == CEPH_CON_S_V2_BANNER_PAYLOAD) { 2871 ret = process_banner_payload(con); 2872 } else if ((con->state >= CEPH_CON_S_V2_HELLO && 2873 con->state <= CEPH_CON_S_V2_SESSION_RECONNECT) || 2874 con->state == CEPH_CON_S_OPEN) { 2875 switch (con->v2.in_state) { 2876 case IN_S_HANDLE_PREAMBLE: 2877 ret = handle_preamble(con); 2878 break; 2879 case IN_S_HANDLE_CONTROL: 2880 ret = handle_control(con); 2881 break; 2882 case IN_S_HANDLE_CONTROL_REMAINDER: 2883 ret = handle_control_remainder(con); 2884 break; 2885 case IN_S_PREPARE_READ_DATA: 2886 ret = prepare_read_data(con); 2887 break; 2888 case IN_S_PREPARE_READ_DATA_CONT: 2889 prepare_read_data_cont(con); 2890 ret = 0; 2891 break; 2892 case IN_S_PREPARE_READ_ENC_PAGE: 2893 prepare_read_enc_page(con); 2894 ret = 0; 2895 break; 2896 case IN_S_HANDLE_EPILOGUE: 2897 ret = handle_epilogue(con); 2898 break; 2899 case IN_S_FINISH_SKIP: 2900 finish_skip(con); 2901 ret = 0; 2902 break; 2903 default: 2904 WARN(1, "bad in_state %d", con->v2.in_state); 2905 return -EINVAL; 2906 } 2907 } else { 2908 WARN(1, "bad state %d", con->state); 2909 return -EINVAL; 2910 } 2911 if (ret) { 2912 dout("%s con %p error %d\n", __func__, con, ret); 2913 return ret; 2914 } 2915 2916 if (WARN_ON(!iov_iter_count(&con->v2.in_iter))) 2917 return -ENODATA; 2918 dout("%s con %p populated %zu\n", __func__, con, 2919 iov_iter_count(&con->v2.in_iter)); 2920 return 1; 2921} 2922 2923int ceph_con_v2_try_read(struct ceph_connection *con) 2924{ 2925 int ret; 2926 2927 dout("%s con %p state %d need %zu\n", __func__, con, con->state, 2928 iov_iter_count(&con->v2.in_iter)); 2929 2930 if (con->state == CEPH_CON_S_PREOPEN) 2931 return 0; 2932 2933 /* 2934 * We should always have something pending here. If not, 2935 * avoid calling populate_in_iter() as if we read something 2936 * (ceph_tcp_recv() would immediately return 1). 2937 */ 2938 if (WARN_ON(!iov_iter_count(&con->v2.in_iter))) 2939 return -ENODATA; 2940 2941 for (;;) { 2942 ret = ceph_tcp_recv(con); 2943 if (ret <= 0) 2944 return ret; 2945 2946 ret = populate_in_iter(con); 2947 if (ret <= 0) { 2948 if (ret && ret != -EAGAIN && !con->error_msg) 2949 con->error_msg = "read processing error"; 2950 return ret; 2951 } 2952 } 2953} 2954 2955static void queue_data(struct ceph_connection *con) 2956{ 2957 struct bio_vec bv; 2958 2959 con->v2.out_epil.data_crc = -1; 2960 ceph_msg_data_cursor_init(&con->v2.out_cursor, con->out_msg, 2961 data_len(con->out_msg)); 2962 2963 get_bvec_at(&con->v2.out_cursor, &bv); 2964 set_out_bvec(con, &bv, true); 2965 con->v2.out_state = OUT_S_QUEUE_DATA_CONT; 2966} 2967 2968static void queue_data_cont(struct ceph_connection *con) 2969{ 2970 struct bio_vec bv; 2971 2972 con->v2.out_epil.data_crc = ceph_crc32c_page( 2973 con->v2.out_epil.data_crc, con->v2.out_bvec.bv_page, 2974 con->v2.out_bvec.bv_offset, con->v2.out_bvec.bv_len); 2975 2976 ceph_msg_data_advance(&con->v2.out_cursor, con->v2.out_bvec.bv_len); 2977 if (con->v2.out_cursor.total_resid) { 2978 get_bvec_at(&con->v2.out_cursor, &bv); 2979 set_out_bvec(con, &bv, true); 2980 WARN_ON(con->v2.out_state != OUT_S_QUEUE_DATA_CONT); 2981 return; 2982 } 2983 2984 /* 2985 * We've written all data. Queue epilogue. Once it's written, 2986 * we are done. 2987 */ 2988 reset_out_kvecs(con); 2989 prepare_epilogue_plain(con, false); 2990 con->v2.out_state = OUT_S_FINISH_MESSAGE; 2991} 2992 2993static void queue_enc_page(struct ceph_connection *con) 2994{ 2995 struct bio_vec bv; 2996 2997 dout("%s con %p i %d resid %d\n", __func__, con, con->v2.out_enc_i, 2998 con->v2.out_enc_resid); 2999 WARN_ON(!con->v2.out_enc_resid); 3000 3001 bv.bv_page = con->v2.out_enc_pages[con->v2.out_enc_i]; 3002 bv.bv_offset = 0; 3003 bv.bv_len = min(con->v2.out_enc_resid, (int)PAGE_SIZE); 3004 3005 set_out_bvec(con, &bv, false); 3006 con->v2.out_enc_i++; 3007 con->v2.out_enc_resid -= bv.bv_len; 3008 3009 if (con->v2.out_enc_resid) { 3010 WARN_ON(con->v2.out_state != OUT_S_QUEUE_ENC_PAGE); 3011 return; 3012 } 3013 3014 /* 3015 * We've queued the last piece of ciphertext (ending with 3016 * epilogue) + auth tag. Once it's written, we are done. 3017 */ 3018 WARN_ON(con->v2.out_enc_i != con->v2.out_enc_page_cnt); 3019 con->v2.out_state = OUT_S_FINISH_MESSAGE; 3020} 3021 3022static void queue_zeros(struct ceph_connection *con) 3023{ 3024 dout("%s con %p out_zero %d\n", __func__, con, con->v2.out_zero); 3025 3026 if (con->v2.out_zero) { 3027 set_out_bvec_zero(con); 3028 con->v2.out_zero -= con->v2.out_bvec.bv_len; 3029 con->v2.out_state = OUT_S_QUEUE_ZEROS; 3030 return; 3031 } 3032 3033 /* 3034 * We've zero-filled everything up to epilogue. Queue epilogue 3035 * with late_status set to ABORTED and crcs adjusted for zeros. 3036 * Once it's written, we are done patching up for the revoke. 3037 */ 3038 reset_out_kvecs(con); 3039 prepare_epilogue_plain(con, true); 3040 con->v2.out_state = OUT_S_FINISH_MESSAGE; 3041} 3042 3043static void finish_message(struct ceph_connection *con) 3044{ 3045 dout("%s con %p msg %p\n", __func__, con, con->out_msg); 3046 3047 /* we end up here both plain and secure modes */ 3048 if (con->v2.out_enc_pages) { 3049 WARN_ON(!con->v2.out_enc_page_cnt); 3050 ceph_release_page_vector(con->v2.out_enc_pages, 3051 con->v2.out_enc_page_cnt); 3052 con->v2.out_enc_pages = NULL; 3053 con->v2.out_enc_page_cnt = 0; 3054 } 3055 /* message may have been revoked */ 3056 if (con->out_msg) { 3057 ceph_msg_put(con->out_msg); 3058 con->out_msg = NULL; 3059 } 3060 3061 con->v2.out_state = OUT_S_GET_NEXT; 3062} 3063 3064static int populate_out_iter(struct ceph_connection *con) 3065{ 3066 int ret; 3067 3068 dout("%s con %p state %d out_state %d\n", __func__, con, con->state, 3069 con->v2.out_state); 3070 WARN_ON(iov_iter_count(&con->v2.out_iter)); 3071 3072 if (con->state != CEPH_CON_S_OPEN) { 3073 WARN_ON(con->state < CEPH_CON_S_V2_BANNER_PREFIX || 3074 con->state > CEPH_CON_S_V2_SESSION_RECONNECT); 3075 goto nothing_pending; 3076 } 3077 3078 switch (con->v2.out_state) { 3079 case OUT_S_QUEUE_DATA: 3080 WARN_ON(!con->out_msg); 3081 queue_data(con); 3082 goto populated; 3083 case OUT_S_QUEUE_DATA_CONT: 3084 WARN_ON(!con->out_msg); 3085 queue_data_cont(con); 3086 goto populated; 3087 case OUT_S_QUEUE_ENC_PAGE: 3088 queue_enc_page(con); 3089 goto populated; 3090 case OUT_S_QUEUE_ZEROS: 3091 WARN_ON(con->out_msg); /* revoked */ 3092 queue_zeros(con); 3093 goto populated; 3094 case OUT_S_FINISH_MESSAGE: 3095 finish_message(con); 3096 break; 3097 case OUT_S_GET_NEXT: 3098 break; 3099 default: 3100 WARN(1, "bad out_state %d", con->v2.out_state); 3101 return -EINVAL; 3102 } 3103 3104 WARN_ON(con->v2.out_state != OUT_S_GET_NEXT); 3105 if (ceph_con_flag_test_and_clear(con, CEPH_CON_F_KEEPALIVE_PENDING)) { 3106 ret = prepare_keepalive2(con); 3107 if (ret) { 3108 pr_err("prepare_keepalive2 failed: %d\n", ret); 3109 return ret; 3110 } 3111 } else if (!list_empty(&con->out_queue)) { 3112 ceph_con_get_out_msg(con); 3113 ret = prepare_message(con); 3114 if (ret) { 3115 pr_err("prepare_message failed: %d\n", ret); 3116 return ret; 3117 } 3118 } else if (con->in_seq > con->in_seq_acked) { 3119 ret = prepare_ack(con); 3120 if (ret) { 3121 pr_err("prepare_ack failed: %d\n", ret); 3122 return ret; 3123 } 3124 } else { 3125 goto nothing_pending; 3126 } 3127 3128populated: 3129 if (WARN_ON(!iov_iter_count(&con->v2.out_iter))) 3130 return -ENODATA; 3131 dout("%s con %p populated %zu\n", __func__, con, 3132 iov_iter_count(&con->v2.out_iter)); 3133 return 1; 3134 3135nothing_pending: 3136 WARN_ON(iov_iter_count(&con->v2.out_iter)); 3137 dout("%s con %p nothing pending\n", __func__, con); 3138 ceph_con_flag_clear(con, CEPH_CON_F_WRITE_PENDING); 3139 return 0; 3140} 3141 3142int ceph_con_v2_try_write(struct ceph_connection *con) 3143{ 3144 int ret; 3145 3146 dout("%s con %p state %d have %zu\n", __func__, con, con->state, 3147 iov_iter_count(&con->v2.out_iter)); 3148 3149 /* open the socket first? */ 3150 if (con->state == CEPH_CON_S_PREOPEN) { 3151 WARN_ON(con->peer_addr.type != CEPH_ENTITY_ADDR_TYPE_MSGR2); 3152 3153 /* 3154 * Always bump global_seq. Bump connect_seq only if 3155 * there is a session (i.e. we are reconnecting and will 3156 * send session_reconnect instead of client_ident). 3157 */ 3158 con->v2.global_seq = ceph_get_global_seq(con->msgr, 0); 3159 if (con->v2.server_cookie) 3160 con->v2.connect_seq++; 3161 3162 ret = prepare_read_banner_prefix(con); 3163 if (ret) { 3164 pr_err("prepare_read_banner_prefix failed: %d\n", ret); 3165 con->error_msg = "connect error"; 3166 return ret; 3167 } 3168 3169 reset_out_kvecs(con); 3170 ret = prepare_banner(con); 3171 if (ret) { 3172 pr_err("prepare_banner failed: %d\n", ret); 3173 con->error_msg = "connect error"; 3174 return ret; 3175 } 3176 3177 ret = ceph_tcp_connect(con); 3178 if (ret) { 3179 pr_err("ceph_tcp_connect failed: %d\n", ret); 3180 con->error_msg = "connect error"; 3181 return ret; 3182 } 3183 } 3184 3185 if (!iov_iter_count(&con->v2.out_iter)) { 3186 ret = populate_out_iter(con); 3187 if (ret <= 0) { 3188 if (ret && ret != -EAGAIN && !con->error_msg) 3189 con->error_msg = "write processing error"; 3190 return ret; 3191 } 3192 } 3193 3194 tcp_sock_set_cork(con->sock->sk, true); 3195 for (;;) { 3196 ret = ceph_tcp_send(con); 3197 if (ret <= 0) 3198 break; 3199 3200 ret = populate_out_iter(con); 3201 if (ret <= 0) { 3202 if (ret && ret != -EAGAIN && !con->error_msg) 3203 con->error_msg = "write processing error"; 3204 break; 3205 } 3206 } 3207 3208 tcp_sock_set_cork(con->sock->sk, false); 3209 return ret; 3210} 3211 3212static u32 crc32c_zeros(u32 crc, int zero_len) 3213{ 3214 int len; 3215 3216 while (zero_len) { 3217 len = min(zero_len, (int)PAGE_SIZE); 3218 crc = crc32c(crc, page_address(ceph_zero_page), len); 3219 zero_len -= len; 3220 } 3221 3222 return crc; 3223} 3224 3225static void prepare_zero_front(struct ceph_connection *con, int resid) 3226{ 3227 int sent; 3228 3229 WARN_ON(!resid || resid > front_len(con->out_msg)); 3230 sent = front_len(con->out_msg) - resid; 3231 dout("%s con %p sent %d resid %d\n", __func__, con, sent, resid); 3232 3233 if (sent) { 3234 con->v2.out_epil.front_crc = 3235 crc32c(-1, con->out_msg->front.iov_base, sent); 3236 con->v2.out_epil.front_crc = 3237 crc32c_zeros(con->v2.out_epil.front_crc, resid); 3238 } else { 3239 con->v2.out_epil.front_crc = crc32c_zeros(-1, resid); 3240 } 3241 3242 con->v2.out_iter.count -= resid; 3243 out_zero_add(con, resid); 3244} 3245 3246static void prepare_zero_middle(struct ceph_connection *con, int resid) 3247{ 3248 int sent; 3249 3250 WARN_ON(!resid || resid > middle_len(con->out_msg)); 3251 sent = middle_len(con->out_msg) - resid; 3252 dout("%s con %p sent %d resid %d\n", __func__, con, sent, resid); 3253 3254 if (sent) { 3255 con->v2.out_epil.middle_crc = 3256 crc32c(-1, con->out_msg->middle->vec.iov_base, sent); 3257 con->v2.out_epil.middle_crc = 3258 crc32c_zeros(con->v2.out_epil.middle_crc, resid); 3259 } else { 3260 con->v2.out_epil.middle_crc = crc32c_zeros(-1, resid); 3261 } 3262 3263 con->v2.out_iter.count -= resid; 3264 out_zero_add(con, resid); 3265} 3266 3267static void prepare_zero_data(struct ceph_connection *con) 3268{ 3269 dout("%s con %p\n", __func__, con); 3270 con->v2.out_epil.data_crc = crc32c_zeros(-1, data_len(con->out_msg)); 3271 out_zero_add(con, data_len(con->out_msg)); 3272} 3273 3274static void revoke_at_queue_data(struct ceph_connection *con) 3275{ 3276 int boundary; 3277 int resid; 3278 3279 WARN_ON(!data_len(con->out_msg)); 3280 WARN_ON(!iov_iter_is_kvec(&con->v2.out_iter)); 3281 resid = iov_iter_count(&con->v2.out_iter); 3282 3283 boundary = front_len(con->out_msg) + middle_len(con->out_msg); 3284 if (resid > boundary) { 3285 resid -= boundary; 3286 WARN_ON(resid > MESSAGE_HEAD_PLAIN_LEN); 3287 dout("%s con %p was sending head\n", __func__, con); 3288 if (front_len(con->out_msg)) 3289 prepare_zero_front(con, front_len(con->out_msg)); 3290 if (middle_len(con->out_msg)) 3291 prepare_zero_middle(con, middle_len(con->out_msg)); 3292 prepare_zero_data(con); 3293 WARN_ON(iov_iter_count(&con->v2.out_iter) != resid); 3294 con->v2.out_state = OUT_S_QUEUE_ZEROS; 3295 return; 3296 } 3297 3298 boundary = middle_len(con->out_msg); 3299 if (resid > boundary) { 3300 resid -= boundary; 3301 dout("%s con %p was sending front\n", __func__, con); 3302 prepare_zero_front(con, resid); 3303 if (middle_len(con->out_msg)) 3304 prepare_zero_middle(con, middle_len(con->out_msg)); 3305 prepare_zero_data(con); 3306 queue_zeros(con); 3307 return; 3308 } 3309 3310 WARN_ON(!resid); 3311 dout("%s con %p was sending middle\n", __func__, con); 3312 prepare_zero_middle(con, resid); 3313 prepare_zero_data(con); 3314 queue_zeros(con); 3315} 3316 3317static void revoke_at_queue_data_cont(struct ceph_connection *con) 3318{ 3319 int sent, resid; /* current piece of data */ 3320 3321 WARN_ON(!data_len(con->out_msg)); 3322 WARN_ON(!iov_iter_is_bvec(&con->v2.out_iter)); 3323 resid = iov_iter_count(&con->v2.out_iter); 3324 WARN_ON(!resid || resid > con->v2.out_bvec.bv_len); 3325 sent = con->v2.out_bvec.bv_len - resid; 3326 dout("%s con %p sent %d resid %d\n", __func__, con, sent, resid); 3327 3328 if (sent) { 3329 con->v2.out_epil.data_crc = ceph_crc32c_page( 3330 con->v2.out_epil.data_crc, con->v2.out_bvec.bv_page, 3331 con->v2.out_bvec.bv_offset, sent); 3332 ceph_msg_data_advance(&con->v2.out_cursor, sent); 3333 } 3334 WARN_ON(resid > con->v2.out_cursor.total_resid); 3335 con->v2.out_epil.data_crc = crc32c_zeros(con->v2.out_epil.data_crc, 3336 con->v2.out_cursor.total_resid); 3337 3338 con->v2.out_iter.count -= resid; 3339 out_zero_add(con, con->v2.out_cursor.total_resid); 3340 queue_zeros(con); 3341} 3342 3343static void revoke_at_finish_message(struct ceph_connection *con) 3344{ 3345 int boundary; 3346 int resid; 3347 3348 WARN_ON(!iov_iter_is_kvec(&con->v2.out_iter)); 3349 resid = iov_iter_count(&con->v2.out_iter); 3350 3351 if (!front_len(con->out_msg) && !middle_len(con->out_msg) && 3352 !data_len(con->out_msg)) { 3353 WARN_ON(!resid || resid > MESSAGE_HEAD_PLAIN_LEN); 3354 dout("%s con %p was sending head (empty message) - noop\n", 3355 __func__, con); 3356 return; 3357 } 3358 3359 boundary = front_len(con->out_msg) + middle_len(con->out_msg) + 3360 CEPH_EPILOGUE_PLAIN_LEN; 3361 if (resid > boundary) { 3362 resid -= boundary; 3363 WARN_ON(resid > MESSAGE_HEAD_PLAIN_LEN); 3364 dout("%s con %p was sending head\n", __func__, con); 3365 if (front_len(con->out_msg)) 3366 prepare_zero_front(con, front_len(con->out_msg)); 3367 if (middle_len(con->out_msg)) 3368 prepare_zero_middle(con, middle_len(con->out_msg)); 3369 con->v2.out_iter.count -= CEPH_EPILOGUE_PLAIN_LEN; 3370 WARN_ON(iov_iter_count(&con->v2.out_iter) != resid); 3371 con->v2.out_state = OUT_S_QUEUE_ZEROS; 3372 return; 3373 } 3374 3375 boundary = middle_len(con->out_msg) + CEPH_EPILOGUE_PLAIN_LEN; 3376 if (resid > boundary) { 3377 resid -= boundary; 3378 dout("%s con %p was sending front\n", __func__, con); 3379 prepare_zero_front(con, resid); 3380 if (middle_len(con->out_msg)) 3381 prepare_zero_middle(con, middle_len(con->out_msg)); 3382 con->v2.out_iter.count -= CEPH_EPILOGUE_PLAIN_LEN; 3383 queue_zeros(con); 3384 return; 3385 } 3386 3387 boundary = CEPH_EPILOGUE_PLAIN_LEN; 3388 if (resid > boundary) { 3389 resid -= boundary; 3390 dout("%s con %p was sending middle\n", __func__, con); 3391 prepare_zero_middle(con, resid); 3392 con->v2.out_iter.count -= CEPH_EPILOGUE_PLAIN_LEN; 3393 queue_zeros(con); 3394 return; 3395 } 3396 3397 WARN_ON(!resid); 3398 dout("%s con %p was sending epilogue - noop\n", __func__, con); 3399} 3400 3401void ceph_con_v2_revoke(struct ceph_connection *con) 3402{ 3403 WARN_ON(con->v2.out_zero); 3404 3405 if (con_secure(con)) { 3406 WARN_ON(con->v2.out_state != OUT_S_QUEUE_ENC_PAGE && 3407 con->v2.out_state != OUT_S_FINISH_MESSAGE); 3408 dout("%s con %p secure - noop\n", __func__, con); 3409 return; 3410 } 3411 3412 switch (con->v2.out_state) { 3413 case OUT_S_QUEUE_DATA: 3414 revoke_at_queue_data(con); 3415 break; 3416 case OUT_S_QUEUE_DATA_CONT: 3417 revoke_at_queue_data_cont(con); 3418 break; 3419 case OUT_S_FINISH_MESSAGE: 3420 revoke_at_finish_message(con); 3421 break; 3422 default: 3423 WARN(1, "bad out_state %d", con->v2.out_state); 3424 break; 3425 } 3426} 3427 3428static void revoke_at_prepare_read_data(struct ceph_connection *con) 3429{ 3430 int remaining; 3431 int resid; 3432 3433 WARN_ON(con_secure(con)); 3434 WARN_ON(!data_len(con->in_msg)); 3435 WARN_ON(!iov_iter_is_kvec(&con->v2.in_iter)); 3436 resid = iov_iter_count(&con->v2.in_iter); 3437 WARN_ON(!resid); 3438 3439 remaining = data_len(con->in_msg) + CEPH_EPILOGUE_PLAIN_LEN; 3440 dout("%s con %p resid %d remaining %d\n", __func__, con, resid, 3441 remaining); 3442 con->v2.in_iter.count -= resid; 3443 set_in_skip(con, resid + remaining); 3444 con->v2.in_state = IN_S_FINISH_SKIP; 3445} 3446 3447static void revoke_at_prepare_read_data_cont(struct ceph_connection *con) 3448{ 3449 int recved, resid; /* current piece of data */ 3450 int remaining; 3451 3452 WARN_ON(con_secure(con)); 3453 WARN_ON(!data_len(con->in_msg)); 3454 WARN_ON(!iov_iter_is_bvec(&con->v2.in_iter)); 3455 resid = iov_iter_count(&con->v2.in_iter); 3456 WARN_ON(!resid || resid > con->v2.in_bvec.bv_len); 3457 recved = con->v2.in_bvec.bv_len - resid; 3458 dout("%s con %p recved %d resid %d\n", __func__, con, recved, resid); 3459 3460 if (recved) 3461 ceph_msg_data_advance(&con->v2.in_cursor, recved); 3462 WARN_ON(resid > con->v2.in_cursor.total_resid); 3463 3464 remaining = CEPH_EPILOGUE_PLAIN_LEN; 3465 dout("%s con %p total_resid %zu remaining %d\n", __func__, con, 3466 con->v2.in_cursor.total_resid, remaining); 3467 con->v2.in_iter.count -= resid; 3468 set_in_skip(con, con->v2.in_cursor.total_resid + remaining); 3469 con->v2.in_state = IN_S_FINISH_SKIP; 3470} 3471 3472static void revoke_at_prepare_read_enc_page(struct ceph_connection *con) 3473{ 3474 int resid; /* current enc page (not necessarily data) */ 3475 3476 WARN_ON(!con_secure(con)); 3477 WARN_ON(!iov_iter_is_bvec(&con->v2.in_iter)); 3478 resid = iov_iter_count(&con->v2.in_iter); 3479 WARN_ON(!resid || resid > con->v2.in_bvec.bv_len); 3480 3481 dout("%s con %p resid %d enc_resid %d\n", __func__, con, resid, 3482 con->v2.in_enc_resid); 3483 con->v2.in_iter.count -= resid; 3484 set_in_skip(con, resid + con->v2.in_enc_resid); 3485 con->v2.in_state = IN_S_FINISH_SKIP; 3486} 3487 3488static void revoke_at_handle_epilogue(struct ceph_connection *con) 3489{ 3490 int resid; 3491 3492 resid = iov_iter_count(&con->v2.in_iter); 3493 WARN_ON(!resid); 3494 3495 dout("%s con %p resid %d\n", __func__, con, resid); 3496 con->v2.in_iter.count -= resid; 3497 set_in_skip(con, resid); 3498 con->v2.in_state = IN_S_FINISH_SKIP; 3499} 3500 3501void ceph_con_v2_revoke_incoming(struct ceph_connection *con) 3502{ 3503 switch (con->v2.in_state) { 3504 case IN_S_PREPARE_READ_DATA: 3505 revoke_at_prepare_read_data(con); 3506 break; 3507 case IN_S_PREPARE_READ_DATA_CONT: 3508 revoke_at_prepare_read_data_cont(con); 3509 break; 3510 case IN_S_PREPARE_READ_ENC_PAGE: 3511 revoke_at_prepare_read_enc_page(con); 3512 break; 3513 case IN_S_HANDLE_EPILOGUE: 3514 revoke_at_handle_epilogue(con); 3515 break; 3516 default: 3517 WARN(1, "bad in_state %d", con->v2.in_state); 3518 break; 3519 } 3520} 3521 3522bool ceph_con_v2_opened(struct ceph_connection *con) 3523{ 3524 return con->v2.peer_global_seq; 3525} 3526 3527void ceph_con_v2_reset_session(struct ceph_connection *con) 3528{ 3529 con->v2.client_cookie = 0; 3530 con->v2.server_cookie = 0; 3531 con->v2.global_seq = 0; 3532 con->v2.connect_seq = 0; 3533 con->v2.peer_global_seq = 0; 3534} 3535 3536void ceph_con_v2_reset_protocol(struct ceph_connection *con) 3537{ 3538 iov_iter_truncate(&con->v2.in_iter, 0); 3539 iov_iter_truncate(&con->v2.out_iter, 0); 3540 con->v2.out_zero = 0; 3541 3542 clear_in_sign_kvecs(con); 3543 clear_out_sign_kvecs(con); 3544 free_conn_bufs(con); 3545 3546 if (con->v2.in_enc_pages) { 3547 WARN_ON(!con->v2.in_enc_page_cnt); 3548 ceph_release_page_vector(con->v2.in_enc_pages, 3549 con->v2.in_enc_page_cnt); 3550 con->v2.in_enc_pages = NULL; 3551 con->v2.in_enc_page_cnt = 0; 3552 } 3553 if (con->v2.out_enc_pages) { 3554 WARN_ON(!con->v2.out_enc_page_cnt); 3555 ceph_release_page_vector(con->v2.out_enc_pages, 3556 con->v2.out_enc_page_cnt); 3557 con->v2.out_enc_pages = NULL; 3558 con->v2.out_enc_page_cnt = 0; 3559 } 3560 3561 con->v2.con_mode = CEPH_CON_MODE_UNKNOWN; 3562 memzero_explicit(&con->v2.in_gcm_nonce, CEPH_GCM_IV_LEN); 3563 memzero_explicit(&con->v2.out_gcm_nonce, CEPH_GCM_IV_LEN); 3564 3565 if (con->v2.hmac_tfm) { 3566 crypto_free_shash(con->v2.hmac_tfm); 3567 con->v2.hmac_tfm = NULL; 3568 } 3569 if (con->v2.gcm_req) { 3570 aead_request_free(con->v2.gcm_req); 3571 con->v2.gcm_req = NULL; 3572 } 3573 if (con->v2.gcm_tfm) { 3574 crypto_free_aead(con->v2.gcm_tfm); 3575 con->v2.gcm_tfm = NULL; 3576 } 3577}