Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 06f2cb14aecf9d8a606db271d1723ee49b050c99 / . / include / linux / ceph / auth.h
blob: 6728c2ee0205d3770286400839f22c7bfeccdfc1 [file] [log] [blame]
Greg Kroah-Hartmanb2441312017-11-01 15:07:57 +0100[diff] [blame]1/* SPDX-License-Identifier: GPL-2.0 */
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]2#ifndef _FS_CEPH_AUTH_H
3#define _FS_CEPH_AUTH_H
4
Yehuda Sadeh3d14c5d2010-04-06 15:14:15 -0700[diff] [blame]5#include <linux/ceph/types.h>
6#include <linux/ceph/buffer.h>
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]7
8/*
9 * Abstract interface for communicating with the authenticate module.
10 * There is some handshake that takes place between us and the monitor
11 * to acquire the necessary keys. These are used to generate an
12 * 'authorizer' that we use when connecting to a service (mds, osd).
13 */
14
15struct ceph_auth_client;
Yan, Zheng33d07332014-11-04 16:33:37 +0800[diff] [blame]16struct ceph_msg;
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]17
Ilya Dryomov6c1ea262016-04-11 19:34:49 +0200[diff] [blame]18struct ceph_authorizer {
19 void (*destroy)(struct ceph_authorizer *);
20};
21
Alex Elder6c4a1912012-05-16 15:16:38 -0500[diff] [blame]22struct ceph_auth_handshake {
23 struct ceph_authorizer *authorizer;
24 void *authorizer_buf;
25 size_t authorizer_buf_len;
26 void *authorizer_reply_buf;
27 size_t authorizer_reply_buf_len;
Yan, Zheng33d07332014-11-04 16:33:37 +0800[diff] [blame]28 int (*sign_message)(struct ceph_auth_handshake *auth,
29 struct ceph_msg *msg);
30 int (*check_message_signature)(struct ceph_auth_handshake *auth,
31 struct ceph_msg *msg);
Alex Elder6c4a1912012-05-16 15:16:38 -0500[diff] [blame]32};
33
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]34struct ceph_auth_client_ops {
Sage Weil559c1e02010-05-14 09:55:18 -0700[diff] [blame]35 const char *name;
36
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]37 /*
38 * true if we are authenticated and can connect to
39 * services.
40 */
41 int (*is_authenticated)(struct ceph_auth_client *ac);
42
43 /*
Sage Weila41359f2010-05-25 15:39:06 -0700[diff] [blame]44 * true if we should (re)authenticate, e.g., when our tickets
45 * are getting old and crusty.
46 */
47 int (*should_authenticate)(struct ceph_auth_client *ac);
48
49 /*
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]50 * build requests and process replies during monitor
51 * handshake. if handle_reply returns -EAGAIN, we build
52 * another request.
53 */
54 int (*build_request)(struct ceph_auth_client *ac, void *buf, void *end);
55 int (*handle_reply)(struct ceph_auth_client *ac, int result,
56 void *buf, void *end);
57
58 /*
59 * Create authorizer for connecting to a service, and verify
60 * the response to authenticate the service.
61 */
62 int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
Alex Elder74f18692012-05-16 15:16:39 -0500[diff] [blame]63 struct ceph_auth_handshake *auth);
Sage Weil0bed9b52013-03-25 10:26:01 -0700[diff] [blame]64 /* ensure that an existing authorizer is up to date */
65 int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
66 struct ceph_auth_handshake *auth);
Ilya Dryomov6daca132018-07-27 19:18:34 +0200[diff] [blame]67 int (*add_authorizer_challenge)(struct ceph_auth_client *ac,
68 struct ceph_authorizer *a,
69 void *challenge_buf,
70 int challenge_buf_len);
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]71 int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
Ilya Dryomov0dde5842016-12-02 16:35:09 +0100[diff] [blame]72 struct ceph_authorizer *a);
Sage Weil9bd2e6f2010-02-02 16:21:06 -0800[diff] [blame]73 void (*invalidate_authorizer)(struct ceph_auth_client *ac,
74 int peer_type);
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]75
76 /* reset when we (re)connect to a monitor */
77 void (*reset)(struct ceph_auth_client *ac);
78
79 void (*destroy)(struct ceph_auth_client *ac);
Yan, Zheng33d07332014-11-04 16:33:37 +0800[diff] [blame]80
81 int (*sign_message)(struct ceph_auth_handshake *auth,
82 struct ceph_msg *msg);
83 int (*check_message_signature)(struct ceph_auth_handshake *auth,
84 struct ceph_msg *msg);
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]85};
86
87struct ceph_auth_client {
88 u32 protocol; /* CEPH_AUTH_* */
89 void *private; /* for use by protocol implementation */
90 const struct ceph_auth_client_ops *ops; /* null iff protocol==0 */
91
92 bool negotiating; /* true if negotiating protocol */
93 const char *name; /* entity name */
94 u64 global_id; /* our unique id in system */
Tommi Virtanen8323c3a2011-03-25 16:32:57 -0700[diff] [blame]95 const struct ceph_crypto_key *key; /* our secret key */
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]96 unsigned want_keys; /* which services we want */
Sage Weile9966072013-03-25 10:26:30 -0700[diff] [blame]97
98 struct mutex mutex;
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]99};
100
101extern struct ceph_auth_client *ceph_auth_init(const char *name,
Tommi Virtanen8323c3a2011-03-25 16:32:57 -0700[diff] [blame]102 const struct ceph_crypto_key *key);
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]103extern void ceph_auth_destroy(struct ceph_auth_client *ac);
104
105extern void ceph_auth_reset(struct ceph_auth_client *ac);
106
107extern int ceph_auth_build_hello(struct ceph_auth_client *ac,
108 void *buf, size_t len);
109extern int ceph_handle_auth_reply(struct ceph_auth_client *ac,
110 void *buf, size_t len,
111 void *reply_buf, size_t reply_len);
Ilya Dryomovf01d5cb2016-06-02 16:45:08 +0200[diff] [blame]112int ceph_auth_entity_name_encode(const char *name, void **p, void *end);
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]113
Sage Weil9bd2e6f2010-02-02 16:21:06 -0800[diff] [blame]114extern int ceph_build_auth(struct ceph_auth_client *ac,
115 void *msg_buf, size_t msg_len);
116
117extern int ceph_auth_is_authenticated(struct ceph_auth_client *ac);
Sage Weil27859f92013-03-25 10:26:14 -0700[diff] [blame]118extern int ceph_auth_create_authorizer(struct ceph_auth_client *ac,
119 int peer_type,
120 struct ceph_auth_handshake *auth);
Ilya Dryomov6c1ea262016-04-11 19:34:49 +0200[diff] [blame]121void ceph_auth_destroy_authorizer(struct ceph_authorizer *a);
Sage Weil27859f92013-03-25 10:26:14 -0700[diff] [blame]122extern int ceph_auth_update_authorizer(struct ceph_auth_client *ac,
123 int peer_type,
124 struct ceph_auth_handshake *a);
Ilya Dryomov6daca132018-07-27 19:18:34 +0200[diff] [blame]125int ceph_auth_add_authorizer_challenge(struct ceph_auth_client *ac,
126 struct ceph_authorizer *a,
127 void *challenge_buf,
128 int challenge_buf_len);
Sage Weil27859f92013-03-25 10:26:14 -0700[diff] [blame]129extern int ceph_auth_verify_authorizer_reply(struct ceph_auth_client *ac,
Ilya Dryomov0dde5842016-12-02 16:35:09 +0100[diff] [blame]130 struct ceph_authorizer *a);
Sage Weil27859f92013-03-25 10:26:14 -0700[diff] [blame]131extern void ceph_auth_invalidate_authorizer(struct ceph_auth_client *ac,
132 int peer_type);
Sage Weil9bd2e6f2010-02-02 16:21:06 -0800[diff] [blame]133
Yan, Zheng33d07332014-11-04 16:33:37 +0800[diff] [blame]134static inline int ceph_auth_sign_message(struct ceph_auth_handshake *auth,
135 struct ceph_msg *msg)
136{
137 if (auth->sign_message)
138 return auth->sign_message(auth, msg);
139 return 0;
140}
141
142static inline
143int ceph_auth_check_message_signature(struct ceph_auth_handshake *auth,
144 struct ceph_msg *msg)
145{
146 if (auth->check_message_signature)
147 return auth->check_message_signature(auth, msg);
148 return 0;
149}
Sage Weil4e7a5dc2009-11-18 16:19:57 -0800[diff] [blame]150#endif