net/ceph/auth_x.c

   1 // SPDX-License-Identifier: GPL-2.0
   2
   3 #include <linux/ceph/ceph_debug.h>
   4
   5 #include <linux/err.h>
   6 #include <linux/module.h>
   7 #include <linux/random.h>
   8 #include <linux/slab.h>
   9
  10 #include <linux/ceph/decode.h>
  11 #include <linux/ceph/auth.h>
  12 #include <linux/ceph/ceph_features.h>
  13 #include <linux/ceph/libceph.h>
  14 #include <linux/ceph/messenger.h>
  15
  16 #include "crypto.h"
  17 #include "auth_x.h"
  18 #include "auth_x_protocol.h"
  19
  20 static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed);
  21
  22 static int ceph_x_is_authenticated(struct ceph_auth_client *ac)
  23 {
  24         struct ceph_x_info *xi = ac->private;
  25         int missing;
  26         int need;  /* missing + need renewal */
  27
  28         ceph_x_validate_tickets(ac, &need);
  29         missing = ac->want_keys & ~xi->have_keys;
  30         WARN_ON((need & missing) != missing);
  31         dout("%s want 0x%x have 0x%x missing 0x%x -> %d\n", __func__,
  32              ac->want_keys, xi->have_keys, missing, !missing);
  33         return !missing;
  34 }
  35
  36 static int ceph_x_should_authenticate(struct ceph_auth_client *ac)
  37 {
  38         struct ceph_x_info *xi = ac->private;
  39         int need;
  40
  41         ceph_x_validate_tickets(ac, &need);
  42         dout("%s want 0x%x have 0x%x need 0x%x -> %d\n", __func__,
  43              ac->want_keys, xi->have_keys, need, !!need);
  44         return !!need;
  45 }
  46
  47 static int ceph_x_encrypt_offset(void)
  48 {
  49         return sizeof(u32) + sizeof(struct ceph_x_encrypt_header);
  50 }
  51
  52 static int ceph_x_encrypt_buflen(int ilen)
  53 {
  54         return ceph_x_encrypt_offset() + ilen + 16;
  55 }
  56
  57 static int ceph_x_encrypt(struct ceph_crypto_key *secret, void *buf,
  58                           int buf_len, int plaintext_len)
  59 {
  60         struct ceph_x_encrypt_header *hdr = buf + sizeof(u32);
  61         int ciphertext_len;
  62         int ret;
  63
  64         hdr->struct_v = 1;
  65         hdr->magic = cpu_to_le64(CEPHX_ENC_MAGIC);
  66
  67         ret = ceph_crypt(secret, true, buf + sizeof(u32), buf_len - sizeof(u32),
  68                          plaintext_len + sizeof(struct ceph_x_encrypt_header),
  69                          &ciphertext_len);
  70         if (ret)
  71                 return ret;
  72
  73         ceph_encode_32(&buf, ciphertext_len);
  74         return sizeof(u32) + ciphertext_len;
  75 }
  76
  77 static int __ceph_x_decrypt(struct ceph_crypto_key *secret, void *p,
  78                             int ciphertext_len)
  79 {
  80         struct ceph_x_encrypt_header *hdr = p;
  81         int plaintext_len;
  82         int ret;
  83
  84         ret = ceph_crypt(secret, false, p, ciphertext_len, ciphertext_len,
  85                          &plaintext_len);
  86         if (ret)
  87                 return ret;
  88
  89         if (le64_to_cpu(hdr->magic) != CEPHX_ENC_MAGIC) {
  90                 pr_err("%s bad magic\n", __func__);
  91                 return -EINVAL;
  92         }
  93
  94         return plaintext_len - sizeof(*hdr);
  95 }
  96
  97 static int ceph_x_decrypt(struct ceph_crypto_key *secret, void **p, void *end)
  98 {
  99         int ciphertext_len;
 100         int ret;
 101
 102         ceph_decode_32_safe(p, end, ciphertext_len, e_inval);
 103         ceph_decode_need(p, end, ciphertext_len, e_inval);
 104
 105         ret = __ceph_x_decrypt(secret, *p, ciphertext_len);
 106         if (ret < 0)
 107                 return ret;
 108
 109         *p += ciphertext_len;
 110         return ret;
 111
 112 e_inval:
 113         return -EINVAL;
 114 }
 115
 116 /*
 117  * get existing (or insert new) ticket handler
 118  */
 119 static struct ceph_x_ticket_handler *
 120 get_ticket_handler(struct ceph_auth_client *ac, int service)
 121 {
 122         struct ceph_x_ticket_handler *th;
 123         struct ceph_x_info *xi = ac->private;
 124         struct rb_node *parent = NULL, **p = &xi->ticket_handlers.rb_node;
 125
 126         while (*p) {
 127                 parent = *p;
 128                 th = rb_entry(parent, struct ceph_x_ticket_handler, node);
 129                 if (service < th->service)
 130                         p = &(*p)->rb_left;
 131                 else if (service > th->service)
 132                         p = &(*p)->rb_right;
 133                 else
 134                         return th;
 135         }
 136
 137         /* add it */
 138         th = kzalloc(sizeof(*th), GFP_NOFS);
 139         if (!th)
 140                 return ERR_PTR(-ENOMEM);
 141         th->service = service;
 142         rb_link_node(&th->node, parent, p);
 143         rb_insert_color(&th->node, &xi->ticket_handlers);
 144         return th;
 145 }
 146
 147 static void remove_ticket_handler(struct ceph_auth_client *ac,
 148                                   struct ceph_x_ticket_handler *th)
 149 {
 150         struct ceph_x_info *xi = ac->private;
 151
 152         dout("remove_ticket_handler %p %d\n", th, th->service);
 153         rb_erase(&th->node, &xi->ticket_handlers);
 154         ceph_crypto_key_destroy(&th->session_key);
 155         if (th->ticket_blob)
 156                 ceph_buffer_put(th->ticket_blob);
 157         kfree(th);
 158 }
 159
 160 static int process_one_ticket(struct ceph_auth_client *ac,
 161                               struct ceph_crypto_key *secret,
 162                               void **p, void *end)
 163 {
 164         struct ceph_x_info *xi = ac->private;
 165         int type;
 166         u8 tkt_struct_v, blob_struct_v;
 167         struct ceph_x_ticket_handler *th;
 168         void *dp, *dend;
 169         int dlen;
 170         char is_enc;
 171         struct timespec64 validity;
 172         void *tp, *tpend;
 173         void **ptp;
 174         struct ceph_crypto_key new_session_key = { 0 };
 175         struct ceph_buffer *new_ticket_blob;
 176         time64_t new_expires, new_renew_after;
 177         u64 new_secret_id;
 178         int ret;
 179
 180         ceph_decode_need(p, end, sizeof(u32) + 1, bad);
 181
 182         type = ceph_decode_32(p);
 183         dout(" ticket type %d %s\n", type, ceph_entity_type_name(type));
 184
 185         tkt_struct_v = ceph_decode_8(p);
 186         if (tkt_struct_v != 1)
 187                 goto bad;
 188
 189         th = get_ticket_handler(ac, type);
 190         if (IS_ERR(th)) {
 191                 ret = PTR_ERR(th);
 192                 goto out;
 193         }
 194
 195         /* blob for me */
 196         dp = *p + ceph_x_encrypt_offset();
 197         ret = ceph_x_decrypt(secret, p, end);
 198         if (ret < 0)
 199                 goto out;
 200         dout(" decrypted %d bytes\n", ret);
 201         dend = dp + ret;
 202
 203         ceph_decode_8_safe(&dp, dend, tkt_struct_v, bad);
 204         if (tkt_struct_v != 1)
 205                 goto bad;
 206
 207         ret = ceph_crypto_key_decode(&new_session_key, &dp, dend);
 208         if (ret)
 209                 goto out;
 210
 211         ceph_decode_need(&dp, dend, sizeof(struct ceph_timespec), bad);
 212         ceph_decode_timespec64(&validity, dp);
 213         dp += sizeof(struct ceph_timespec);
 214         new_expires = ktime_get_real_seconds() + validity.tv_sec;
 215         new_renew_after = new_expires - (validity.tv_sec / 4);
 216         dout(" expires=%llu renew_after=%llu\n", new_expires,
 217              new_renew_after);
 218
 219         /* ticket blob for service */
 220         ceph_decode_8_safe(p, end, is_enc, bad);
 221         if (is_enc) {
 222                 /* encrypted */
 223                 tp = *p + ceph_x_encrypt_offset();
 224                 ret = ceph_x_decrypt(&th->session_key, p, end);
 225                 if (ret < 0)
 226                         goto out;
 227                 dout(" encrypted ticket, decrypted %d bytes\n", ret);
 228                 ptp = &tp;
 229                 tpend = tp + ret;
 230         } else {
 231                 /* unencrypted */
 232                 ptp = p;
 233                 tpend = end;
 234         }
 235         ceph_decode_32_safe(ptp, tpend, dlen, bad);
 236         dout(" ticket blob is %d bytes\n", dlen);
 237         ceph_decode_need(ptp, tpend, 1 + sizeof(u64), bad);
 238         blob_struct_v = ceph_decode_8(ptp);
 239         if (blob_struct_v != 1)
 240                 goto bad;
 241
 242         new_secret_id = ceph_decode_64(ptp);
 243         ret = ceph_decode_buffer(&new_ticket_blob, ptp, tpend);
 244         if (ret)
 245                 goto out;
 246
 247         /* all is well, update our ticket */
 248         ceph_crypto_key_destroy(&th->session_key);
 249         if (th->ticket_blob)
 250                 ceph_buffer_put(th->ticket_blob);
 251         th->session_key = new_session_key;
 252         th->ticket_blob = new_ticket_blob;
 253         th->secret_id = new_secret_id;
 254         th->expires = new_expires;
 255         th->renew_after = new_renew_after;
 256         th->have_key = true;
 257         dout(" got ticket service %d (%s) secret_id %lld len %d\n",
 258              type, ceph_entity_type_name(type), th->secret_id,
 259              (int)th->ticket_blob->vec.iov_len);
 260         xi->have_keys |= th->service;
 261         return 0;
 262
 263 bad:
 264         ret = -EINVAL;
 265 out:
 266         ceph_crypto_key_destroy(&new_session_key);
 267         return ret;
 268 }
 269
 270 static int ceph_x_proc_ticket_reply(struct ceph_auth_client *ac,
 271                                     struct ceph_crypto_key *secret,
 272                                     void **p, void *end)
 273 {
 274         u8 reply_struct_v;
 275         u32 num;
 276         int ret;
 277
 278         ceph_decode_8_safe(p, end, reply_struct_v, bad);
 279         if (reply_struct_v != 1)
 280                 return -EINVAL;
 281
 282         ceph_decode_32_safe(p, end, num, bad);
 283         dout("%d tickets\n", num);
 284
 285         while (num--) {
 286                 ret = process_one_ticket(ac, secret, p, end);
 287                 if (ret)
 288                         return ret;
 289         }
 290
 291         return 0;
 292
 293 bad:
 294         return -EINVAL;
 295 }
 296
 297 /*
 298  * Encode and encrypt the second part (ceph_x_authorize_b) of the
 299  * authorizer.  The first part (ceph_x_authorize_a) should already be
 300  * encoded.
 301  */
 302 static int encrypt_authorizer(struct ceph_x_authorizer *au,
 303                               u64 *server_challenge)
 304 {
 305         struct ceph_x_authorize_a *msg_a;
 306         struct ceph_x_authorize_b *msg_b;
 307         void *p, *end;
 308         int ret;
 309
 310         msg_a = au->buf->vec.iov_base;
 311         WARN_ON(msg_a->ticket_blob.secret_id != cpu_to_le64(au->secret_id));
 312         p = (void *)(msg_a + 1) + le32_to_cpu(msg_a->ticket_blob.blob_len);
 313         end = au->buf->vec.iov_base + au->buf->vec.iov_len;
 314
 315         msg_b = p + ceph_x_encrypt_offset();
 316         msg_b->struct_v = 2;
 317         msg_b->nonce = cpu_to_le64(au->nonce);
 318         if (server_challenge) {
 319                 msg_b->have_challenge = 1;
 320                 msg_b->server_challenge_plus_one =
 321                     cpu_to_le64(*server_challenge + 1);
 322         } else {
 323                 msg_b->have_challenge = 0;
 324                 msg_b->server_challenge_plus_one = 0;
 325         }
 326
 327         ret = ceph_x_encrypt(&au->session_key, p, end - p, sizeof(*msg_b));
 328         if (ret < 0)
 329                 return ret;
 330
 331         p += ret;
 332         if (server_challenge) {
 333                 WARN_ON(p != end);
 334         } else {
 335                 WARN_ON(p > end);
 336                 au->buf->vec.iov_len = p - au->buf->vec.iov_base;
 337         }
 338
 339         return 0;
 340 }
 341
 342 static void ceph_x_authorizer_cleanup(struct ceph_x_authorizer *au)
 343 {
 344         ceph_crypto_key_destroy(&au->session_key);
 345         if (au->buf) {
 346                 ceph_buffer_put(au->buf);
 347                 au->buf = NULL;
 348         }
 349 }
 350
 351 static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
 352                                    struct ceph_x_ticket_handler *th,
 353                                    struct ceph_x_authorizer *au)
 354 {
 355         int maxlen;
 356         struct ceph_x_authorize_a *msg_a;
 357         struct ceph_x_authorize_b *msg_b;
 358         int ret;
 359         int ticket_blob_len =
 360                 (th->ticket_blob ? th->ticket_blob->vec.iov_len : 0);
 361
 362         dout("build_authorizer for %s %p\n",
 363              ceph_entity_type_name(th->service), au);
 364
 365         ceph_crypto_key_destroy(&au->session_key);
 366         ret = ceph_crypto_key_clone(&au->session_key, &th->session_key);
 367         if (ret)
 368                 goto out_au;
 369
 370         maxlen = sizeof(*msg_a) + ticket_blob_len +
 371                 ceph_x_encrypt_buflen(sizeof(*msg_b));
 372         dout("  need len %d\n", maxlen);
 373         if (au->buf && au->buf->alloc_len < maxlen) {
 374                 ceph_buffer_put(au->buf);
 375                 au->buf = NULL;
 376         }
 377         if (!au->buf) {
 378                 au->buf = ceph_buffer_new(maxlen, GFP_NOFS);
 379                 if (!au->buf) {
 380                         ret = -ENOMEM;
 381                         goto out_au;
 382                 }
 383         }
 384         au->service = th->service;
 385         WARN_ON(!th->secret_id);
 386         au->secret_id = th->secret_id;
 387
 388         msg_a = au->buf->vec.iov_base;
 389         msg_a->struct_v = 1;
 390         msg_a->global_id = cpu_to_le64(ac->global_id);
 391         msg_a->service_id = cpu_to_le32(th->service);
 392         msg_a->ticket_blob.struct_v = 1;
 393         msg_a->ticket_blob.secret_id = cpu_to_le64(th->secret_id);
 394         msg_a->ticket_blob.blob_len = cpu_to_le32(ticket_blob_len);
 395         if (ticket_blob_len) {
 396                 memcpy(msg_a->ticket_blob.blob, th->ticket_blob->vec.iov_base,
 397                        th->ticket_blob->vec.iov_len);
 398         }
 399         dout(" th %p secret_id %lld %lld\n", th, th->secret_id,
 400              le64_to_cpu(msg_a->ticket_blob.secret_id));
 401
 402         get_random_bytes(&au->nonce, sizeof(au->nonce));
 403         ret = encrypt_authorizer(au, NULL);
 404         if (ret) {
 405                 pr_err("failed to encrypt authorizer: %d", ret);
 406                 goto out_au;
 407         }
 408
 409         dout(" built authorizer nonce %llx len %d\n", au->nonce,
 410              (int)au->buf->vec.iov_len);
 411         return 0;
 412
 413 out_au:
 414         ceph_x_authorizer_cleanup(au);
 415         return ret;
 416 }
 417
 418 static int ceph_x_encode_ticket(struct ceph_x_ticket_handler *th,
 419                                 void **p, void *end)
 420 {
 421         ceph_decode_need(p, end, 1 + sizeof(u64), bad);
 422         ceph_encode_8(p, 1);
 423         ceph_encode_64(p, th->secret_id);
 424         if (th->ticket_blob) {
 425                 const char *buf = th->ticket_blob->vec.iov_base;
 426                 u32 len = th->ticket_blob->vec.iov_len;
 427
 428                 ceph_encode_32_safe(p, end, len, bad);
 429                 ceph_encode_copy_safe(p, end, buf, len, bad);
 430         } else {
 431                 ceph_encode_32_safe(p, end, 0, bad);
 432         }
 433
 434         return 0;
 435 bad:
 436         return -ERANGE;
 437 }
 438
 439 static bool need_key(struct ceph_x_ticket_handler *th)
 440 {
 441         if (!th->have_key)
 442                 return true;
 443
 444         return ktime_get_real_seconds() >= th->renew_after;
 445 }
 446
 447 static bool have_key(struct ceph_x_ticket_handler *th)
 448 {
 449         if (th->have_key && ktime_get_real_seconds() >= th->expires) {
 450                 dout("ticket %d (%s) secret_id %llu expired\n", th->service,
 451                      ceph_entity_type_name(th->service), th->secret_id);
 452                 th->have_key = false;
 453         }
 454
 455         return th->have_key;
 456 }
 457
 458 static void ceph_x_validate_tickets(struct ceph_auth_client *ac, int *pneed)
 459 {
 460         int want = ac->want_keys;
 461         struct ceph_x_info *xi = ac->private;
 462         int service;
 463
 464         *pneed = ac->want_keys & ~(xi->have_keys);
 465
 466         for (service = 1; service <= want; service <<= 1) {
 467                 struct ceph_x_ticket_handler *th;
 468
 469                 if (!(ac->want_keys & service))
 470                         continue;
 471
 472                 if (*pneed & service)
 473                         continue;
 474
 475                 th = get_ticket_handler(ac, service);
 476                 if (IS_ERR(th)) {
 477                         *pneed |= service;
 478                         continue;
 479                 }
 480
 481                 if (need_key(th))
 482                         *pneed |= service;
 483                 if (!have_key(th))
 484                         xi->have_keys &= ~service;
 485         }
 486 }
 487
 488 static int ceph_x_build_request(struct ceph_auth_client *ac,
 489                                 void *buf, void *end)
 490 {
 491         struct ceph_x_info *xi = ac->private;
 492         int need;
 493         struct ceph_x_request_header *head = buf;
 494         void *p;
 495         int ret;
 496         struct ceph_x_ticket_handler *th =
 497                 get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
 498
 499         if (IS_ERR(th))
 500                 return PTR_ERR(th);
 501
 502         ceph_x_validate_tickets(ac, &need);
 503         dout("%s want 0x%x have 0x%x need 0x%x\n", __func__, ac->want_keys,
 504              xi->have_keys, need);
 505
 506         if (need & CEPH_ENTITY_TYPE_AUTH) {
 507                 struct ceph_x_authenticate *auth = (void *)(head + 1);
 508                 void *enc_buf = xi->auth_authorizer.enc_buf;
 509                 struct ceph_x_challenge_blob *blob = enc_buf +
 510                                                         ceph_x_encrypt_offset();
 511                 u64 *u;
 512
 513                 p = auth + 1;
 514                 if (p > end)
 515                         return -ERANGE;
 516
 517                 dout(" get_auth_session_key\n");
 518                 head->op = cpu_to_le16(CEPHX_GET_AUTH_SESSION_KEY);
 519
 520                 /* encrypt and hash */
 521                 get_random_bytes(&auth->client_challenge, sizeof(u64));
 522                 blob->client_challenge = auth->client_challenge;
 523                 blob->server_challenge = cpu_to_le64(xi->server_challenge);
 524                 ret = ceph_x_encrypt(&xi->secret, enc_buf, CEPHX_AU_ENC_BUF_LEN,
 525                                      sizeof(*blob));
 526                 if (ret < 0)
 527                         return ret;
 528
 529                 auth->struct_v = 2;  /* nautilus+ */
 530                 auth->key = 0;
 531                 for (u = (u64 *)enc_buf; u + 1 <= (u64 *)(enc_buf + ret); u++)
 532                         auth->key ^= *(__le64 *)u;
 533                 dout(" server_challenge %llx client_challenge %llx key %llx\n",
 534                      xi->server_challenge, le64_to_cpu(auth->client_challenge),
 535                      le64_to_cpu(auth->key));
 536
 537                 /* now encode the old ticket if exists */
 538                 ret = ceph_x_encode_ticket(th, &p, end);
 539                 if (ret < 0)
 540                         return ret;
 541
 542                 /* nautilus+: request service tickets at the same time */
 543                 need = ac->want_keys & ~CEPH_ENTITY_TYPE_AUTH;
 544                 WARN_ON(!need);
 545                 ceph_encode_32_safe(&p, end, need, e_range);
 546                 return p - buf;
 547         }
 548
 549         if (need) {
 550                 dout(" get_principal_session_key\n");
 551                 ret = ceph_x_build_authorizer(ac, th, &xi->auth_authorizer);
 552                 if (ret)
 553                         return ret;
 554
 555                 p = buf;
 556                 ceph_encode_16_safe(&p, end, CEPHX_GET_PRINCIPAL_SESSION_KEY,
 557                                     e_range);
 558                 ceph_encode_copy_safe(&p, end,
 559                         xi->auth_authorizer.buf->vec.iov_base,
 560                         xi->auth_authorizer.buf->vec.iov_len, e_range);
 561                 ceph_encode_8_safe(&p, end, 1, e_range);
 562                 ceph_encode_32_safe(&p, end, need, e_range);
 563                 return p - buf;
 564         }
 565
 566         return 0;
 567
 568 e_range:
 569         return -ERANGE;
 570 }
 571
 572 static int handle_auth_session_key(struct ceph_auth_client *ac,
 573                                    void **p, void *end,
 574                                    u8 *session_key, int *session_key_len,
 575                                    u8 *con_secret, int *con_secret_len)
 576 {
 577         struct ceph_x_info *xi = ac->private;
 578         struct ceph_x_ticket_handler *th;
 579         void *dp, *dend;
 580         int len;
 581         int ret;
 582
 583         /* AUTH ticket */
 584         ret = ceph_x_proc_ticket_reply(ac, &xi->secret, p, end);
 585         if (ret)
 586                 return ret;
 587
 588         if (*p == end) {
 589                 /* pre-nautilus (or didn't request service tickets!) */
 590                 WARN_ON(session_key || con_secret);
 591                 return 0;
 592         }
 593
 594         th = get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
 595         if (IS_ERR(th))
 596                 return PTR_ERR(th);
 597
 598         if (session_key) {
 599                 memcpy(session_key, th->session_key.key, th->session_key.len);
 600                 *session_key_len = th->session_key.len;
 601         }
 602
 603         /* connection secret */
 604         ceph_decode_32_safe(p, end, len, e_inval);
 605         dout("%s connection secret blob len %d\n", __func__, len);
 606         if (len > 0) {
 607                 dp = *p + ceph_x_encrypt_offset();
 608                 ret = ceph_x_decrypt(&th->session_key, p, *p + len);
 609                 if (ret < 0)
 610                         return ret;
 611
 612                 dout("%s decrypted %d bytes\n", __func__, ret);
 613                 dend = dp + ret;
 614
 615                 ceph_decode_32_safe(&dp, dend, len, e_inval);
 616                 if (len > CEPH_MAX_CON_SECRET_LEN) {
 617                         pr_err("connection secret too big %d\n", len);
 618                         return -EINVAL;
 619                 }
 620
 621                 dout("%s connection secret len %d\n", __func__, len);
 622                 if (con_secret) {
 623                         memcpy(con_secret, dp, len);
 624                         *con_secret_len = len;
 625                 }
 626         }
 627
 628         /* service tickets */
 629         ceph_decode_32_safe(p, end, len, e_inval);
 630         dout("%s service tickets blob len %d\n", __func__, len);
 631         if (len > 0) {
 632                 ret = ceph_x_proc_ticket_reply(ac, &th->session_key,
 633                                                p, *p + len);
 634                 if (ret)
 635                         return ret;
 636         }
 637
 638         return 0;
 639
 640 e_inval:
 641         return -EINVAL;
 642 }
 643
 644 static int ceph_x_handle_reply(struct ceph_auth_client *ac, int result,
 645                                void *buf, void *end,
 646                                u8 *session_key, int *session_key_len,
 647                                u8 *con_secret, int *con_secret_len)
 648 {
 649         struct ceph_x_info *xi = ac->private;
 650         struct ceph_x_ticket_handler *th;
 651         int len = end - buf;
 652         void *p;
 653         int op;
 654         int ret;
 655
 656         if (result)
 657                 return result;  /* XXX hmm? */
 658
 659         if (xi->starting) {
 660                 /* it's a hello */
 661                 struct ceph_x_server_challenge *sc = buf;
 662
 663                 if (len != sizeof(*sc))
 664                         return -EINVAL;
 665                 xi->server_challenge = le64_to_cpu(sc->server_challenge);
 666                 dout("handle_reply got server challenge %llx\n",
 667                      xi->server_challenge);
 668                 xi->starting = false;
 669                 xi->have_keys &= ~CEPH_ENTITY_TYPE_AUTH;
 670                 return -EAGAIN;
 671         }
 672
 673         p = buf;
 674         ceph_decode_16_safe(&p, end, op, e_inval);
 675         ceph_decode_32_safe(&p, end, result, e_inval);
 676         dout("handle_reply op %d result %d\n", op, result);
 677         switch (op) {
 678         case CEPHX_GET_AUTH_SESSION_KEY:
 679                 /* AUTH ticket + [connection secret] + service tickets */
 680                 ret = handle_auth_session_key(ac, &p, end, session_key,
 681                                               session_key_len, con_secret,
 682                                               con_secret_len);
 683                 break;
 684
 685         case CEPHX_GET_PRINCIPAL_SESSION_KEY:
 686                 th = get_ticket_handler(ac, CEPH_ENTITY_TYPE_AUTH);
 687                 if (IS_ERR(th))
 688                         return PTR_ERR(th);
 689
 690                 /* service tickets */
 691                 ret = ceph_x_proc_ticket_reply(ac, &th->session_key, &p, end);
 692                 break;
 693
 694         default:
 695                 return -EINVAL;
 696         }
 697         if (ret)
 698                 return ret;
 699         if (ac->want_keys == xi->have_keys)
 700                 return 0;
 701         return -EAGAIN;
 702
 703 e_inval:
 704         return -EINVAL;
 705 }
 706
 707 static void ceph_x_destroy_authorizer(struct ceph_authorizer *a)
 708 {
 709         struct ceph_x_authorizer *au = (void *)a;
 710
 711         ceph_x_authorizer_cleanup(au);
 712         kfree(au);
 713 }
 714
 715 static int ceph_x_create_authorizer(
 716         struct ceph_auth_client *ac, int peer_type,
 717         struct ceph_auth_handshake *auth)
 718 {
 719         struct ceph_x_authorizer *au;
 720         struct ceph_x_ticket_handler *th;
 721         int ret;
 722
 723         th = get_ticket_handler(ac, peer_type);
 724         if (IS_ERR(th))
 725                 return PTR_ERR(th);
 726
 727         au = kzalloc(sizeof(*au), GFP_NOFS);
 728         if (!au)
 729                 return -ENOMEM;
 730
 731         au->base.destroy = ceph_x_destroy_authorizer;
 732
 733         ret = ceph_x_build_authorizer(ac, th, au);
 734         if (ret) {
 735                 kfree(au);
 736                 return ret;
 737         }
 738
 739         auth->authorizer = (struct ceph_authorizer *) au;
 740         auth->authorizer_buf = au->buf->vec.iov_base;
 741         auth->authorizer_buf_len = au->buf->vec.iov_len;
 742         auth->authorizer_reply_buf = au->enc_buf;
 743         auth->authorizer_reply_buf_len = CEPHX_AU_ENC_BUF_LEN;
 744         auth->sign_message = ac->ops->sign_message;
 745         auth->check_message_signature = ac->ops->check_message_signature;
 746
 747         return 0;
 748 }
 749
 750 static int ceph_x_update_authorizer(
 751         struct ceph_auth_client *ac, int peer_type,
 752         struct ceph_auth_handshake *auth)
 753 {
 754         struct ceph_x_authorizer *au;
 755         struct ceph_x_ticket_handler *th;
 756
 757         th = get_ticket_handler(ac, peer_type);
 758         if (IS_ERR(th))
 759                 return PTR_ERR(th);
 760
 761         au = (struct ceph_x_authorizer *)auth->authorizer;
 762         if (au->secret_id < th->secret_id) {
 763                 dout("ceph_x_update_authorizer service %u secret %llu < %llu\n",
 764                      au->service, au->secret_id, th->secret_id);
 765                 return ceph_x_build_authorizer(ac, th, au);
 766         }
 767         return 0;
 768 }
 769
 770 /*
 771  * CephXAuthorizeChallenge
 772  */
 773 static int decrypt_authorizer_challenge(struct ceph_crypto_key *secret,
 774                                         void *challenge, int challenge_len,
 775                                         u64 *server_challenge)
 776 {
 777         void *dp, *dend;
 778         int ret;
 779
 780         /* no leading len */
 781         ret = __ceph_x_decrypt(secret, challenge, challenge_len);
 782         if (ret < 0)
 783                 return ret;
 784
 785         dout("%s decrypted %d bytes\n", __func__, ret);
 786         dp = challenge + sizeof(struct ceph_x_encrypt_header);
 787         dend = dp + ret;
 788
 789         ceph_decode_skip_8(&dp, dend, e_inval);  /* struct_v */
 790         ceph_decode_64_safe(&dp, dend, *server_challenge, e_inval);
 791         dout("%s server_challenge %llu\n", __func__, *server_challenge);
 792         return 0;
 793
 794 e_inval:
 795         return -EINVAL;
 796 }
 797
 798 static int ceph_x_add_authorizer_challenge(struct ceph_auth_client *ac,
 799                                            struct ceph_authorizer *a,
 800                                            void *challenge, int challenge_len)
 801 {
 802         struct ceph_x_authorizer *au = (void *)a;
 803         u64 server_challenge;
 804         int ret;
 805
 806         ret = decrypt_authorizer_challenge(&au->session_key, challenge,
 807                                            challenge_len, &server_challenge);
 808         if (ret) {
 809                 pr_err("failed to decrypt authorize challenge: %d", ret);
 810                 return ret;
 811         }
 812
 813         ret = encrypt_authorizer(au, &server_challenge);
 814         if (ret) {
 815                 pr_err("failed to encrypt authorizer w/ challenge: %d", ret);
 816                 return ret;
 817         }
 818
 819         return 0;
 820 }
 821
 822 /*
 823  * CephXAuthorizeReply
 824  */
 825 static int decrypt_authorizer_reply(struct ceph_crypto_key *secret,
 826                                     void **p, void *end, u64 *nonce_plus_one,
 827                                     u8 *con_secret, int *con_secret_len)
 828 {
 829         void *dp, *dend;
 830         u8 struct_v;
 831         int len;
 832         int ret;
 833
 834         dp = *p + ceph_x_encrypt_offset();
 835         ret = ceph_x_decrypt(secret, p, end);
 836         if (ret < 0)
 837                 return ret;
 838
 839         dout("%s decrypted %d bytes\n", __func__, ret);
 840         dend = dp + ret;
 841
 842         ceph_decode_8_safe(&dp, dend, struct_v, e_inval);
 843         ceph_decode_64_safe(&dp, dend, *nonce_plus_one, e_inval);
 844         dout("%s nonce_plus_one %llu\n", __func__, *nonce_plus_one);
 845         if (struct_v >= 2) {
 846                 ceph_decode_32_safe(&dp, dend, len, e_inval);
 847                 if (len > CEPH_MAX_CON_SECRET_LEN) {
 848                         pr_err("connection secret too big %d\n", len);
 849                         return -EINVAL;
 850                 }
 851
 852                 dout("%s connection secret len %d\n", __func__, len);
 853                 if (con_secret) {
 854                         memcpy(con_secret, dp, len);
 855                         *con_secret_len = len;
 856                 }
 857         }
 858
 859         return 0;
 860
 861 e_inval:
 862         return -EINVAL;
 863 }
 864
 865 static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
 866                                           struct ceph_authorizer *a,
 867                                           void *reply, int reply_len,
 868                                           u8 *session_key, int *session_key_len,
 869                                           u8 *con_secret, int *con_secret_len)
 870 {
 871         struct ceph_x_authorizer *au = (void *)a;
 872         u64 nonce_plus_one;
 873         int ret;
 874
 875         if (session_key) {
 876                 memcpy(session_key, au->session_key.key, au->session_key.len);
 877                 *session_key_len = au->session_key.len;
 878         }
 879
 880         ret = decrypt_authorizer_reply(&au->session_key, &reply,
 881                                        reply + reply_len, &nonce_plus_one,
 882                                        con_secret, con_secret_len);
 883         if (ret)
 884                 return ret;
 885
 886         if (nonce_plus_one != au->nonce + 1) {
 887                 pr_err("failed to authenticate server\n");
 888                 return -EPERM;
 889         }
 890
 891         return 0;
 892 }
 893
 894 static void ceph_x_reset(struct ceph_auth_client *ac)
 895 {
 896         struct ceph_x_info *xi = ac->private;
 897
 898         dout("reset\n");
 899         xi->starting = true;
 900         xi->server_challenge = 0;
 901 }
 902
 903 static void ceph_x_destroy(struct ceph_auth_client *ac)
 904 {
 905         struct ceph_x_info *xi = ac->private;
 906         struct rb_node *p;
 907
 908         dout("ceph_x_destroy %p\n", ac);
 909         ceph_crypto_key_destroy(&xi->secret);
 910
 911         while ((p = rb_first(&xi->ticket_handlers)) != NULL) {
 912                 struct ceph_x_ticket_handler *th =
 913                         rb_entry(p, struct ceph_x_ticket_handler, node);
 914                 remove_ticket_handler(ac, th);
 915         }
 916
 917         ceph_x_authorizer_cleanup(&xi->auth_authorizer);
 918
 919         kfree(ac->private);
 920         ac->private = NULL;
 921 }
 922
 923 static void invalidate_ticket(struct ceph_auth_client *ac, int peer_type)
 924 {
 925         struct ceph_x_ticket_handler *th;
 926
 927         th = get_ticket_handler(ac, peer_type);
 928         if (IS_ERR(th))
 929                 return;
 930
 931         if (th->have_key) {
 932                 dout("ticket %d (%s) secret_id %llu invalidated\n",
 933                      th->service, ceph_entity_type_name(th->service),
 934                      th->secret_id);
 935                 th->have_key = false;
 936         }
 937 }
 938
 939 static void ceph_x_invalidate_authorizer(struct ceph_auth_client *ac,
 940                                          int peer_type)
 941 {
 942         /*
 943          * We are to invalidate a service ticket in the hopes of
 944          * getting a new, hopefully more valid, one.  But, we won't get
 945          * it unless our AUTH ticket is good, so invalidate AUTH ticket
 946          * as well, just in case.
 947          */
 948         invalidate_ticket(ac, peer_type);
 949         invalidate_ticket(ac, CEPH_ENTITY_TYPE_AUTH);
 950 }
 951
 952 static int calc_signature(struct ceph_x_authorizer *au, struct ceph_msg *msg,
 953                           __le64 *psig)
 954 {
 955         void *enc_buf = au->enc_buf;
 956         int ret;
 957
 958         if (!CEPH_HAVE_FEATURE(msg->con->peer_features, CEPHX_V2)) {
 959                 struct {
 960                         __le32 len;
 961                         __le32 header_crc;
 962                         __le32 front_crc;
 963                         __le32 middle_crc;
 964                         __le32 data_crc;
 965                 } __packed *sigblock = enc_buf + ceph_x_encrypt_offset();
 966
 967                 sigblock->len = cpu_to_le32(4*sizeof(u32));
 968                 sigblock->header_crc = msg->hdr.crc;
 969                 sigblock->front_crc = msg->footer.front_crc;
 970                 sigblock->middle_crc = msg->footer.middle_crc;
 971                 sigblock->data_crc =  msg->footer.data_crc;
 972
 973                 ret = ceph_x_encrypt(&au->session_key, enc_buf,
 974                                      CEPHX_AU_ENC_BUF_LEN, sizeof(*sigblock));
 975                 if (ret < 0)
 976                         return ret;
 977
 978                 *psig = *(__le64 *)(enc_buf + sizeof(u32));
 979         } else {
 980                 struct {
 981                         __le32 header_crc;
 982                         __le32 front_crc;
 983                         __le32 front_len;
 984                         __le32 middle_crc;
 985                         __le32 middle_len;
 986                         __le32 data_crc;
 987                         __le32 data_len;
 988                         __le32 seq_lower_word;
 989                 } __packed *sigblock = enc_buf;
 990                 struct {
 991                         __le64 a, b, c, d;
 992                 } __packed *penc = enc_buf;
 993                 int ciphertext_len;
 994
 995                 sigblock->header_crc = msg->hdr.crc;
 996                 sigblock->front_crc = msg->footer.front_crc;
 997                 sigblock->front_len = msg->hdr.front_len;
 998                 sigblock->middle_crc = msg->footer.middle_crc;
 999                 sigblock->middle_len = msg->hdr.middle_len;
1000                 sigblock->data_crc =  msg->footer.data_crc;
1001                 sigblock->data_len = msg->hdr.data_len;
1002                 sigblock->seq_lower_word = *(__le32 *)&msg->hdr.seq;
1003
1004                 /* no leading len, no ceph_x_encrypt_header */
1005                 ret = ceph_crypt(&au->session_key, true, enc_buf,
1006                                  CEPHX_AU_ENC_BUF_LEN, sizeof(*sigblock),
1007                                  &ciphertext_len);
1008                 if (ret)
1009                         return ret;
1010
1011                 *psig = penc->a ^ penc->b ^ penc->c ^ penc->d;
1012         }
1013
1014         return 0;
1015 }
1016
1017 static int ceph_x_sign_message(struct ceph_auth_handshake *auth,
1018                                struct ceph_msg *msg)
1019 {
1020         __le64 sig;
1021         int ret;
1022
1023         if (ceph_test_opt(from_msgr(msg->con->msgr), NOMSGSIGN))
1024                 return 0;
1025
1026         ret = calc_signature((struct ceph_x_authorizer *)auth->authorizer,
1027                              msg, &sig);
1028         if (ret)
1029                 return ret;
1030
1031         msg->footer.sig = sig;
1032         msg->footer.flags |= CEPH_MSG_FOOTER_SIGNED;
1033         return 0;
1034 }
1035
1036 static int ceph_x_check_message_signature(struct ceph_auth_handshake *auth,
1037                                           struct ceph_msg *msg)
1038 {
1039         __le64 sig_check;
1040         int ret;
1041
1042         if (ceph_test_opt(from_msgr(msg->con->msgr), NOMSGSIGN))
1043                 return 0;
1044
1045         ret = calc_signature((struct ceph_x_authorizer *)auth->authorizer,
1046                              msg, &sig_check);
1047         if (ret)
1048                 return ret;
1049         if (sig_check == msg->footer.sig)
1050                 return 0;
1051         if (msg->footer.flags & CEPH_MSG_FOOTER_SIGNED)
1052                 dout("ceph_x_check_message_signature %p has signature %llx "
1053                      "expect %llx\n", msg, msg->footer.sig, sig_check);
1054         else
1055                 dout("ceph_x_check_message_signature %p sender did not set "
1056                      "CEPH_MSG_FOOTER_SIGNED\n", msg);
1057         return -EBADMSG;
1058 }
1059
1060 static const struct ceph_auth_client_ops ceph_x_ops = {
1061         .is_authenticated = ceph_x_is_authenticated,
1062         .should_authenticate = ceph_x_should_authenticate,
1063         .build_request = ceph_x_build_request,
1064         .handle_reply = ceph_x_handle_reply,
1065         .create_authorizer = ceph_x_create_authorizer,
1066         .update_authorizer = ceph_x_update_authorizer,
1067         .add_authorizer_challenge = ceph_x_add_authorizer_challenge,
1068         .verify_authorizer_reply = ceph_x_verify_authorizer_reply,
1069         .invalidate_authorizer = ceph_x_invalidate_authorizer,
1070         .reset =  ceph_x_reset,
1071         .destroy = ceph_x_destroy,
1072         .sign_message = ceph_x_sign_message,
1073         .check_message_signature = ceph_x_check_message_signature,
1074 };
1075
1076
1077 int ceph_x_init(struct ceph_auth_client *ac)
1078 {
1079         struct ceph_x_info *xi;
1080         int ret;
1081
1082         dout("ceph_x_init %p\n", ac);
1083         ret = -ENOMEM;
1084         xi = kzalloc(sizeof(*xi), GFP_NOFS);
1085         if (!xi)
1086                 goto out;
1087
1088         ret = -EINVAL;
1089         if (!ac->key) {
1090                 pr_err("no secret set (for auth_x protocol)\n");
1091                 goto out_nomem;
1092         }
1093
1094         ret = ceph_crypto_key_clone(&xi->secret, ac->key);
1095         if (ret < 0) {
1096                 pr_err("cannot clone key: %d\n", ret);
1097                 goto out_nomem;
1098         }
1099
1100         xi->starting = true;
1101         xi->ticket_handlers = RB_ROOT;
1102
1103         ac->protocol = CEPH_AUTH_CEPHX;
1104         ac->private = xi;
1105         ac->ops = &ceph_x_ops;
1106         return 0;
1107
1108 out_nomem:
1109         kfree(xi);
1110 out:
1111         return ret;
1112 }