
libceph: Create a new key type "ceph".

This allows us to use existence of the key type as a feature test,
from userspace.

Signed-off-by: Tommi Virtanen <tommi.virtanen@dreamhost.com>
Signed-off-by: Sage Weil <sage@newdream.net>

authored by

Tommi Virtanen and committed by
Sage Weil
4b2a58ab e2c3d29b

+85 -8
+8
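--- a/include/keys/ceph-type.h
+++ b/include/keys/ceph-type.h
@@ -0,0 +1,8 @@
+#ifndef _KEYS_CEPH_TYPE_H
+#define _KEYS_CEPH_TYPE_H
+
+#include <linux/key.h>
+
+extern struct key_type key_type_ceph;
+
+#endif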
+13 -8
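--- a/net/ceph/ceph_common.c
+++ b/net/ceph/ceph_common.c
@@ -6,7 +6,7 @@
 #include <linux/inet.h>
 #include <linux/in6.h>
 #include <linux/key.h>
-#include <keys/user-type.h>
+#include <keys/ceph-type.h>
 #include <linux/module.h>
 #include <linux/mount.h>
 #include <linux/parser.h>
@@ -241,10 +241,9 @@
 struct key *ukey;
 int key_err;
 int err = 0;
-struct user_key_payload *payload;
-void *p;
+struct ceph_crypto_key *ckey;
 
-ukey = request_key(&key_type_user, name, NULL);
+ukey = request_key(&key_type_ceph, name, NULL);
 if (!ukey || IS_ERR(ukey)) {
 /* request_key errors don't map nicely to mount(2)
 errors; don't even try, but still printk */
@@ -267,9 +266,8 @@
 goto out;
 }
 
-payload = ukey->payload.data;
-p = payload->data;
-err = ceph_crypto_key_decode(dst, &p, p + payload->datalen);
+ckey = ukey->payload.data;
+err = ceph_crypto_key_clone(dst, ckey);
 if (err)
 goto out_key;
 /* pass through, err is 0 */
@@ -583,9 +581,13 @@
 if (ret < 0)
 goto out;
 
-ret = ceph_msgr_init();
+ret = ceph_crypto_init();
 if (ret < 0)
 goto out_debugfs;
+
+ret = ceph_msgr_init();
+if (ret < 0)
+goto out_crypto;
 
 pr_info("loaded (mon/osd proto %d/%d, osdmap %d/%d %d/%d)\n",
 CEPH_MONC_PROTOCOL, CEPH_OSDC_PROTOCOL,
@@ -594,6 +596,8 @@
 
 return 0;
 
+out_crypto:
+ceph_crypto_shutdown();
 out_debugfs:
 ceph_debugfs_cleanup();
 out:
@@ -604,6 +608,7 @@
 {
 dout("exit_ceph_lib\n");
 ceph_msgr_exit();
+ceph_crypto_shutdown();
 ceph_debugfs_cleanup();
 }
 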
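Review bot: The new read `ckey = ukey->payload.data;` takes the key payload with no lock or RCU accessor, and nothing in the hunk says why that is safe. The `key_type_ceph` definition added in net/ceph/crypto.c sets no `.update`, so the pointer presumably cannot change once the key is instantiated, but that invariant should be written down where it is relied on, for example `/* ceph keys have no ->update, so the payload is fixed after instantiation; clone it so dst does not alias key-owned memory */`. The local is still called `ukey` although it is no longer a "user" type key; renaming it would avoid confusion. The enclosing function starts and ends outside this hunk, so the release of the key reference on the `out_key` path is not visible here.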
+62
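--- a/net/ceph/crypto.c
+++ b/net/ceph/crypto.c
@@ -5,7 +5,9 @@
 #include <linux/scatterlist.h>
 #include <linux/slab.h>
 #include <crypto/hash.h>
+#include <linux/key-type.h>
 
+#include <keys/ceph-type.h>
 #include <linux/ceph/decode.h>
 #include "crypto.h"
 
@@ -420,4 +422,64 @@
 default:
 return -EINVAL;
 }
+}
+
+int ceph_key_instantiate(struct key *key, const void *data, size_t datalen)
+{
+struct ceph_crypto_key *ckey;
+int ret;
+void *p;
+
+ret = -EINVAL;
+if (datalen <= 0 || datalen > 32767 || !data)
+goto err;
+
+ret = key_payload_reserve(key, datalen);
+if (ret < 0)
+goto err;
+
+ret = -ENOMEM;
+ckey = kmalloc(sizeof(*ckey), GFP_KERNEL);
+if (!ckey)
+goto err;
+
+/* TODO ceph_crypto_key_decode should really take const input */
+p = (void*)data;
+ret = ceph_crypto_key_decode(ckey, &p, (char*)data+datalen);
+if (ret < 0)
+goto err_ckey;
+
+key->payload.data = ckey;
+return 0;
+
+err_ckey:
+kfree(ckey);
+err:
+return ret;
+}
+
+int ceph_key_match(const struct key *key, const void *description)
+{
+return strcmp(key->description, description) == 0;
+}
+
+void ceph_key_destroy(struct key *key) {
+struct ceph_crypto_key *ckey = key->payload.data;
+
+ceph_crypto_key_destroy(ckey);
+}
+
+struct key_type key_type_ceph = {
+.name = "ceph",
+.instantiate = ceph_key_instantiate,
+.match = ceph_key_match,
+.destroy = ceph_key_destroy,
+};
+
+int ceph_crypto_init(void) {
+return register_key_type(&key_type_ceph);
+}
+
+void ceph_crypto_shutdown(void) {
+unregister_key_type(&key_type_ceph);
 }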
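Review bot: `ceph_key_destroy` passes the payload to `ceph_crypto_key_destroy(ckey)` but never frees the `struct ceph_crypto_key` that `ceph_key_instantiate` allocated with `kmalloc(sizeof(*ckey), GFP_KERNEL)`. `ceph_crypto_key_destroy` is defined outside this diff; if it releases only the secret buffer inside the struct, every destroyed key leaks the wrapper, and the fix is to add `kfree(ckey);` after that call. The `err_ckey` path has the mirror-image question: it frees only `ckey`, so a decode that fails after allocating the secret buffer would leave that buffer behind unless `ceph_crypto_key_decode` cleans up after itself. Because these objects hold authentication secrets, it is also worth confirming that the secret bytes are cleared before the memory is released. Separately, `ceph_key_instantiate`, `ceph_key_match` and `ceph_key_destroy` are referenced only through `key_type_ceph` in this file and could be `static`.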
+2
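--- a/net/ceph/crypto.h
+++ b/net/ceph/crypto.h
@@ -42,6 +42,8 @@
 void *dst, size_t *dst_len,
 const void *src1, size_t src1_len,
 const void *src2, size_t src2_len);
+extern int ceph_crypto_init(void);
+extern void ceph_crypto_shutdown(void);
 
 /* armor.c */
 extern int ceph_armor(char *dst, const char *src, const char *end);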