diff options
Diffstat (limited to 'drivers/staging/lustre/lustre/ptlrpc/gss/sec_gss.c')
-rw-r--r-- | drivers/staging/lustre/lustre/ptlrpc/gss/sec_gss.c | 219 |
1 files changed, 95 insertions, 124 deletions
diff --git a/drivers/staging/lustre/lustre/ptlrpc/gss/sec_gss.c b/drivers/staging/lustre/lustre/ptlrpc/gss/sec_gss.c index ebca858ca183..b42ddda9ee25 100644 --- a/drivers/staging/lustre/lustre/ptlrpc/gss/sec_gss.c +++ b/drivers/staging/lustre/lustre/ptlrpc/gss/sec_gss.c @@ -280,11 +280,10 @@ __u32 gss_unseal_msg(struct gss_ctx *mechctx, __u8 *clear_buf; int clear_buflen; __u32 major; - ENTRY; if (msgbuf->lm_bufcount != 2) { CERROR("invalid bufcount %d\n", msgbuf->lm_bufcount); - RETURN(GSS_S_FAILURE); + return GSS_S_FAILURE; } /* allocate a temporary clear text buffer, same sized as token, @@ -292,7 +291,7 @@ __u32 gss_unseal_msg(struct gss_ctx *mechctx, clear_buflen = lustre_msg_buflen(msgbuf, 1); OBD_ALLOC_LARGE(clear_buf, clear_buflen); if (!clear_buf) - RETURN(GSS_S_FAILURE); + return GSS_S_FAILURE; /* buffer objects */ hdrobj.len = lustre_msg_buflen(msgbuf, 0); @@ -317,7 +316,7 @@ __u32 gss_unseal_msg(struct gss_ctx *mechctx, major = GSS_S_COMPLETE; out_free: OBD_FREE_LARGE(clear_buf, clear_buflen); - RETURN(major); + return major; } /******************************************** @@ -646,7 +645,6 @@ int gss_cli_ctx_sign(struct ptlrpc_cli_ctx *ctx, struct gss_cli_ctx *gctx = ctx2gctx(ctx); __u32 flags = 0, seq, svc; int rc; - ENTRY; LASSERT(req->rq_reqbuf); LASSERT(req->rq_reqbuf->lm_bufcount >= 2); @@ -654,7 +652,7 @@ int gss_cli_ctx_sign(struct ptlrpc_cli_ctx *ctx, /* nothing to do for context negotiation RPCs */ if (req->rq_ctx_init) - RETURN(0); + return 0; svc = SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc); if (req->rq_pack_bulk) @@ -670,7 +668,7 @@ redo: flags, gctx->gc_proc, seq, svc, &gctx->gc_handle); if (rc < 0) - RETURN(rc); + return rc; /* gss_sign_msg() msg might take long time to finish, in which period * more rpcs could be wrapped up and sent out. if we found too many @@ -689,7 +687,7 @@ redo: } req->rq_reqdata_len = rc; - RETURN(0); + return 0; } static @@ -765,7 +763,6 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, struct lustre_msg *msg = req->rq_repdata; __u32 major; int pack_bulk, swabbed, rc = 0; - ENTRY; LASSERT(req->rq_cli_ctx == ctx); LASSERT(msg); @@ -777,12 +774,12 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, if (req->rq_ctx_init && !req->rq_early) { req->rq_repmsg = lustre_msg_buf(msg, 1, 0); req->rq_replen = msg->lm_buflens[1]; - RETURN(0); + return 0; } if (msg->lm_bufcount < 2 || msg->lm_bufcount > 4) { CERROR("unexpected bufcount %u\n", msg->lm_bufcount); - RETURN(-EPROTO); + return -EPROTO; } swabbed = ptlrpc_rep_need_swab(req); @@ -790,7 +787,7 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, ghdr = gss_swab_header(msg, 0, swabbed); if (ghdr == NULL) { CERROR("can't decode gss header\n"); - RETURN(-EPROTO); + return -EPROTO; } /* sanity checks */ @@ -800,7 +797,7 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, if (ghdr->gh_version != reqhdr->gh_version) { CERROR("gss version %u mismatch, expect %u\n", ghdr->gh_version, reqhdr->gh_version); - RETURN(-EPROTO); + return -EPROTO; } switch (ghdr->gh_proc) { @@ -810,19 +807,19 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, if (!req->rq_early && !equi(req->rq_pack_bulk == 1, pack_bulk)){ CERROR("%s bulk flag in reply\n", req->rq_pack_bulk ? "missing" : "unexpected"); - RETURN(-EPROTO); + return -EPROTO; } if (ghdr->gh_seq != reqhdr->gh_seq) { CERROR("seqnum %u mismatch, expect %u\n", ghdr->gh_seq, reqhdr->gh_seq); - RETURN(-EPROTO); + return -EPROTO; } if (ghdr->gh_svc != reqhdr->gh_svc) { CERROR("svc %u mismatch, expect %u\n", ghdr->gh_svc, reqhdr->gh_svc); - RETURN(-EPROTO); + return -EPROTO; } if (swabbed) @@ -831,7 +828,7 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, major = gss_verify_msg(msg, gctx->gc_mechctx, reqhdr->gh_svc); if (major != GSS_S_COMPLETE) { CERROR("failed to verify reply: %x\n", major); - RETURN(-EPERM); + return -EPERM; } if (req->rq_early && reqhdr->gh_svc == SPTLRPC_SVC_NULL) { @@ -843,7 +840,7 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, if (cksum != msg->lm_cksum) { CWARN("early reply checksum mismatch: " "%08x != %08x\n", cksum, msg->lm_cksum); - RETURN(-EPROTO); + return -EPROTO; } } @@ -852,13 +849,13 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, if (msg->lm_bufcount < 3) { CERROR("Invalid reply bufcount %u\n", msg->lm_bufcount); - RETURN(-EPROTO); + return -EPROTO; } rc = bulk_sec_desc_unpack(msg, 2, swabbed); if (rc) { CERROR("unpack bulk desc: %d\n", rc); - RETURN(rc); + return rc; } } @@ -878,7 +875,7 @@ int gss_cli_ctx_verify(struct ptlrpc_cli_ctx *ctx, rc = -EPROTO; } - RETURN(rc); + return rc; } int gss_cli_ctx_seal(struct ptlrpc_cli_ctx *ctx, @@ -889,7 +886,6 @@ int gss_cli_ctx_seal(struct ptlrpc_cli_ctx *ctx, struct gss_header *ghdr; __u32 buflens[2], major; int wiresize, rc; - ENTRY; LASSERT(req->rq_clrbuf); LASSERT(req->rq_cli_ctx == ctx); @@ -915,7 +911,7 @@ int gss_cli_ctx_seal(struct ptlrpc_cli_ctx *ctx, } else { OBD_ALLOC_LARGE(req->rq_reqbuf, wiresize); if (!req->rq_reqbuf) - RETURN(-ENOMEM); + return -ENOMEM; req->rq_reqbuf_len = wiresize; } @@ -969,7 +965,7 @@ redo: /* now set the final wire data length */ req->rq_reqdata_len = lustre_shrink_msg(req->rq_reqbuf, 1, token.len,0); - RETURN(0); + return 0; err_free: if (!req->rq_pool) { @@ -977,7 +973,7 @@ err_free: req->rq_reqbuf = NULL; req->rq_reqbuf_len = 0; } - RETURN(rc); + return rc; } int gss_cli_ctx_unseal(struct ptlrpc_cli_ctx *ctx, @@ -988,7 +984,6 @@ int gss_cli_ctx_unseal(struct ptlrpc_cli_ctx *ctx, struct lustre_msg *msg = req->rq_repdata; int msglen, pack_bulk, swabbed, rc; __u32 major; - ENTRY; LASSERT(req->rq_cli_ctx == ctx); LASSERT(req->rq_ctx_init == 0); @@ -1000,14 +995,14 @@ int gss_cli_ctx_unseal(struct ptlrpc_cli_ctx *ctx, ghdr = gss_swab_header(msg, 0, swabbed); if (ghdr == NULL) { CERROR("can't decode gss header\n"); - RETURN(-EPROTO); + return -EPROTO; } /* sanity checks */ if (ghdr->gh_version != PTLRPC_GSS_VERSION) { CERROR("gss version %u mismatch, expect %u\n", ghdr->gh_version, PTLRPC_GSS_VERSION); - RETURN(-EPROTO); + return -EPROTO; } switch (ghdr->gh_proc) { @@ -1017,7 +1012,7 @@ int gss_cli_ctx_unseal(struct ptlrpc_cli_ctx *ctx, if (!req->rq_early && !equi(req->rq_pack_bulk == 1, pack_bulk)){ CERROR("%s bulk flag in reply\n", req->rq_pack_bulk ? "missing" : "unexpected"); - RETURN(-EPROTO); + return -EPROTO; } if (swabbed) @@ -1038,25 +1033,25 @@ int gss_cli_ctx_unseal(struct ptlrpc_cli_ctx *ctx, swabbed = __lustre_unpack_msg(msg, msglen); if (swabbed < 0) { CERROR("Failed to unpack after decryption\n"); - RETURN(-EPROTO); + return -EPROTO; } if (msg->lm_bufcount < 1) { CERROR("Invalid reply buffer: empty\n"); - RETURN(-EPROTO); + return -EPROTO; } if (pack_bulk) { if (msg->lm_bufcount < 2) { CERROR("bufcount %u: missing bulk sec desc\n", msg->lm_bufcount); - RETURN(-EPROTO); + return -EPROTO; } /* bulk checksum is the last segment */ if (bulk_sec_desc_unpack(msg, msg->lm_bufcount - 1, swabbed)) - RETURN(-EPROTO); + return -EPROTO; } req->rq_repmsg = lustre_msg_buf(msg, 0, 0); @@ -1077,7 +1072,7 @@ int gss_cli_ctx_unseal(struct ptlrpc_cli_ctx *ctx, rc = -EPERM; } - RETURN(rc); + return rc; } /********************************************* @@ -1148,7 +1143,6 @@ int gss_sec_create_common(struct gss_sec *gsec, void gss_sec_destroy_common(struct gss_sec *gsec) { struct ptlrpc_sec *sec = &gsec->gs_base; - ENTRY; LASSERT(sec->ps_import); LASSERT(atomic_read(&sec->ps_refcount) == 0); @@ -1163,8 +1157,6 @@ void gss_sec_destroy_common(struct gss_sec *gsec) if (SPTLRPC_FLVR_BULK_SVC(sec->ps_flvr.sf_rpc) == SPTLRPC_BULK_SVC_PRIV) sptlrpc_enc_pool_del_user(); - - EXIT; } void gss_sec_kill(struct ptlrpc_sec *sec) @@ -1260,7 +1252,6 @@ int gss_alloc_reqbuf_intg(struct ptlrpc_sec *sec, int bufsize, txtsize; int bufcnt = 2; __u32 buflens[5]; - ENTRY; /* * on-wire data layout: @@ -1312,7 +1303,7 @@ int gss_alloc_reqbuf_intg(struct ptlrpc_sec *sec, OBD_ALLOC_LARGE(req->rq_reqbuf, bufsize); if (!req->rq_reqbuf) - RETURN(-ENOMEM); + return -ENOMEM; req->rq_reqbuf_len = bufsize; } else { @@ -1331,7 +1322,7 @@ int gss_alloc_reqbuf_intg(struct ptlrpc_sec *sec, if (req->rq_pack_udesc) sptlrpc_pack_user_desc(req->rq_reqbuf, 2); - RETURN(0); + return 0; } static @@ -1342,7 +1333,6 @@ int gss_alloc_reqbuf_priv(struct ptlrpc_sec *sec, __u32 ibuflens[3], wbuflens[2]; int ibufcnt; int clearsize, wiresize; - ENTRY; LASSERT(req->rq_clrbuf == NULL); LASSERT(req->rq_clrbuf_len == 0); @@ -1399,7 +1389,7 @@ int gss_alloc_reqbuf_priv(struct ptlrpc_sec *sec, OBD_ALLOC_LARGE(req->rq_clrbuf, clearsize); if (!req->rq_clrbuf) - RETURN(-ENOMEM); + return -ENOMEM; } req->rq_clrbuf_len = clearsize; @@ -1409,7 +1399,7 @@ int gss_alloc_reqbuf_priv(struct ptlrpc_sec *sec, if (req->rq_pack_udesc) sptlrpc_pack_user_desc(req->rq_clrbuf, 1); - RETURN(0); + return 0; } /* @@ -1442,7 +1432,6 @@ void gss_free_reqbuf(struct ptlrpc_sec *sec, struct ptlrpc_request *req) { int privacy; - ENTRY; LASSERT(!req->rq_pool || req->rq_reqbuf); privacy = SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc) == SPTLRPC_SVC_PRIV; @@ -1471,8 +1460,6 @@ release_reqbuf: req->rq_reqbuf = NULL; req->rq_reqbuf_len = 0; } - - EXIT; } static int do_alloc_repbuf(struct ptlrpc_request *req, int bufsize) @@ -1578,7 +1565,6 @@ int gss_alloc_repbuf(struct ptlrpc_sec *sec, int msgsize) { int svc = SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc); - ENTRY; LASSERT(!req->rq_pack_bulk || (req->rq_bulk_read || req->rq_bulk_write)); @@ -1697,7 +1683,7 @@ int gss_enlarge_reqbuf_intg(struct ptlrpc_sec *sec, OBD_ALLOC_LARGE(newbuf, newbuf_size); if (newbuf == NULL) - RETURN(-ENOMEM); + return -ENOMEM; memcpy(newbuf, req->rq_reqbuf, req->rq_reqbuf_len); @@ -1717,7 +1703,7 @@ int gss_enlarge_reqbuf_intg(struct ptlrpc_sec *sec, _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize); req->rq_reqlen = newmsg_size; - RETURN(0); + return 0; } static @@ -1786,7 +1772,7 @@ int gss_enlarge_reqbuf_priv(struct ptlrpc_sec *sec, OBD_ALLOC_LARGE(newclrbuf, newclrbuf_size); if (newclrbuf == NULL) - RETURN(-ENOMEM); + return -ENOMEM; memcpy(newclrbuf, req->rq_clrbuf, req->rq_clrbuf_len); @@ -1806,7 +1792,7 @@ int gss_enlarge_reqbuf_priv(struct ptlrpc_sec *sec, _sptlrpc_enlarge_msg_inplace(req->rq_reqmsg, segment, newsize); req->rq_reqlen = newmsg_size; - RETURN(0); + return 0; } int gss_enlarge_reqbuf(struct ptlrpc_sec *sec, @@ -1891,7 +1877,6 @@ int gss_svc_sign(struct ptlrpc_request *req, { __u32 flags = 0; int rc; - ENTRY; LASSERT(rs->rs_msg == lustre_msg_buf(rs->rs_repbuf, 1, 0)); @@ -1906,7 +1891,7 @@ int gss_svc_sign(struct ptlrpc_request *req, LUSTRE_SP_ANY, flags, PTLRPC_GSS_PROC_DATA, grctx->src_wirectx.gw_seq, svc, NULL); if (rc < 0) - RETURN(rc); + return rc; rs->rs_repdata_len = rc; @@ -1923,7 +1908,7 @@ int gss_svc_sign(struct ptlrpc_request *req, req->rq_reply_off = 0; } - RETURN(0); + return 0; } int gss_pack_err_notify(struct ptlrpc_request *req, __u32 major, __u32 minor) @@ -1933,10 +1918,9 @@ int gss_pack_err_notify(struct ptlrpc_request *req, __u32 major, __u32 minor) struct gss_err_header *ghdr; int replen = sizeof(struct ptlrpc_body); int rc; - ENTRY; //if (OBD_FAIL_CHECK_ORSET(OBD_FAIL_SVCGSS_ERR_NOTIFY, OBD_FAIL_ONCE)) - // RETURN(-EINVAL); + // return -EINVAL; grctx->src_err_notify = 1; grctx->src_reserve_len = 0; @@ -1944,7 +1928,7 @@ int gss_pack_err_notify(struct ptlrpc_request *req, __u32 major, __u32 minor) rc = lustre_pack_reply_v2(req, 1, &replen, NULL, 0); if (rc) { CERROR("could not pack reply, err %d\n", rc); - RETURN(rc); + return rc; } /* gss hdr */ @@ -1963,7 +1947,7 @@ int gss_pack_err_notify(struct ptlrpc_request *req, __u32 major, __u32 minor) CDEBUG(D_SEC, "prepare gss error notify(0x%x/0x%x) to %s\n", major, minor, libcfs_nid2str(req->rq_peer.nid)); - RETURN(0); + return 0; } static @@ -1978,7 +1962,6 @@ int gss_svc_handle_init(struct ptlrpc_request *req, __u32 lustre_svc; __u32 *secdata, seclen; int swabbed, rc; - ENTRY; CDEBUG(D_SEC, "processing gss init(%d) request from %s\n", gw->gw_proc, libcfs_nid2str(req->rq_peer.nid)); @@ -1987,18 +1970,18 @@ int gss_svc_handle_init(struct ptlrpc_request *req, if (gw->gw_flags & LUSTRE_GSS_PACK_BULK) { CERROR("unexpected bulk flag\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } if (gw->gw_proc == PTLRPC_GSS_PROC_INIT && gw->gw_handle.len != 0) { CERROR("proc %u: invalid handle length %u\n", gw->gw_proc, gw->gw_handle.len); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } if (reqbuf->lm_bufcount < 3 || reqbuf->lm_bufcount > 4){ CERROR("Invalid bufcount %d\n", reqbuf->lm_bufcount); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } swabbed = ptlrpc_req_need_swab(req); @@ -2009,7 +1992,7 @@ int gss_svc_handle_init(struct ptlrpc_request *req, if (seclen < 4 + 4) { CERROR("sec size %d too small\n", seclen); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } /* lustre svc type */ @@ -2020,7 +2003,7 @@ int gss_svc_handle_init(struct ptlrpc_request *req, * because touched internal structure of obd_uuid */ if (rawobj_extract(&uuid_obj, &secdata, &seclen)) { CERROR("failed to extract target uuid\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } uuid_obj.data[uuid_obj.len - 1] = '\0'; @@ -2030,25 +2013,25 @@ int gss_svc_handle_init(struct ptlrpc_request *req, CERROR("target '%s' is not available for context init (%s)\n", uuid->uuid, target == NULL ? "no target" : (target->obd_stopping ? "stopping" : "not set up")); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } /* extract reverse handle */ if (rawobj_extract(&rvs_hdl, &secdata, &seclen)) { CERROR("failed extract reverse handle\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } /* extract token */ if (rawobj_extract(&in_token, &secdata, &seclen)) { CERROR("can't extract token\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } rc = gss_svc_upcall_handle_init(req, grctx, gw, target, lustre_svc, &rvs_hdl, &in_token); if (rc != SECSVC_OK) - RETURN(rc); + return rc; if (grctx->src_ctx->gsc_usr_mds || grctx->src_ctx->gsc_usr_oss || grctx->src_ctx->gsc_usr_root) @@ -2064,11 +2047,11 @@ int gss_svc_handle_init(struct ptlrpc_request *req, if (gw->gw_flags & LUSTRE_GSS_PACK_USER) { if (reqbuf->lm_bufcount < 4) { CERROR("missing user descriptor\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } if (sptlrpc_unpack_user_desc(reqbuf, 2, swabbed)) { CERROR("Mal-formed user descriptor\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } req->rq_pack_udesc = 1; @@ -2078,7 +2061,7 @@ int gss_svc_handle_init(struct ptlrpc_request *req, req->rq_reqmsg = lustre_msg_buf(reqbuf, 1, 0); req->rq_reqlen = lustre_msg_buflen(reqbuf, 1); - RETURN(rc); + return rc; } /* @@ -2094,13 +2077,12 @@ int gss_svc_verify_request(struct ptlrpc_request *req, struct lustre_msg *msg = req->rq_reqbuf; int offset = 2; int swabbed; - ENTRY; *major = GSS_S_COMPLETE; if (msg->lm_bufcount < 2) { CERROR("Too few segments (%u) in request\n", msg->lm_bufcount); - RETURN(-EINVAL); + return -EINVAL; } if (gw->gw_svc == SPTLRPC_SVC_NULL) @@ -2109,20 +2091,20 @@ int gss_svc_verify_request(struct ptlrpc_request *req, if (gss_check_seq_num(&gctx->gsc_seqdata, gw->gw_seq, 0)) { CERROR("phase 0: discard replayed req: seq %u\n", gw->gw_seq); *major = GSS_S_DUPLICATE_TOKEN; - RETURN(-EACCES); + return -EACCES; } *major = gss_verify_msg(msg, gctx->gsc_mechctx, gw->gw_svc); if (*major != GSS_S_COMPLETE) { CERROR("failed to verify request: %x\n", *major); - RETURN(-EACCES); + return -EACCES; } if (gctx->gsc_reverse == 0 && gss_check_seq_num(&gctx->gsc_seqdata, gw->gw_seq, 1)) { CERROR("phase 1+: discard replayed req: seq %u\n", gw->gw_seq); *major = GSS_S_DUPLICATE_TOKEN; - RETURN(-EACCES); + return -EACCES; } verified: @@ -2132,12 +2114,12 @@ verified: if (gw->gw_flags & LUSTRE_GSS_PACK_USER) { if (msg->lm_bufcount < (offset + 1)) { CERROR("no user desc included\n"); - RETURN(-EINVAL); + return -EINVAL; } if (sptlrpc_unpack_user_desc(msg, offset, swabbed)) { CERROR("Mal-formed user descriptor\n"); - RETURN(-EINVAL); + return -EINVAL; } req->rq_pack_udesc = 1; @@ -2149,11 +2131,11 @@ verified: if (gw->gw_flags & LUSTRE_GSS_PACK_BULK) { if (msg->lm_bufcount < (offset + 1)) { CERROR("missing bulk sec descriptor\n"); - RETURN(-EINVAL); + return -EINVAL; } if (bulk_sec_desc_unpack(msg, offset, swabbed)) - RETURN(-EINVAL); + return -EINVAL; req->rq_pack_bulk = 1; grctx->src_reqbsd = lustre_msg_buf(msg, offset, 0); @@ -2162,7 +2144,7 @@ verified: req->rq_reqmsg = lustre_msg_buf(msg, 1, 0); req->rq_reqlen = msg->lm_buflens[1]; - RETURN(0); + return 0; } static @@ -2174,48 +2156,47 @@ int gss_svc_unseal_request(struct ptlrpc_request *req, struct gss_svc_ctx *gctx = grctx->src_ctx; struct lustre_msg *msg = req->rq_reqbuf; int swabbed, msglen, offset = 1; - ENTRY; if (gss_check_seq_num(&gctx->gsc_seqdata, gw->gw_seq, 0)) { CERROR("phase 0: discard replayed req: seq %u\n", gw->gw_seq); *major = GSS_S_DUPLICATE_TOKEN; - RETURN(-EACCES); + return -EACCES; } *major = gss_unseal_msg(gctx->gsc_mechctx, msg, &msglen, req->rq_reqdata_len); if (*major != GSS_S_COMPLETE) { CERROR("failed to unwrap request: %x\n", *major); - RETURN(-EACCES); + return -EACCES; } if (gss_check_seq_num(&gctx->gsc_seqdata, gw->gw_seq, 1)) { CERROR("phase 1+: discard replayed req: seq %u\n", gw->gw_seq); *major = GSS_S_DUPLICATE_TOKEN; - RETURN(-EACCES); + return -EACCES; } swabbed = __lustre_unpack_msg(msg, msglen); if (swabbed < 0) { CERROR("Failed to unpack after decryption\n"); - RETURN(-EINVAL); + return -EINVAL; } req->rq_reqdata_len = msglen; if (msg->lm_bufcount < 1) { CERROR("Invalid buffer: is empty\n"); - RETURN(-EINVAL); + return -EINVAL; } if (gw->gw_flags & LUSTRE_GSS_PACK_USER) { if (msg->lm_bufcount < offset + 1) { CERROR("no user descriptor included\n"); - RETURN(-EINVAL); + return -EINVAL; } if (sptlrpc_unpack_user_desc(msg, offset, swabbed)) { CERROR("Mal-formed user descriptor\n"); - RETURN(-EINVAL); + return -EINVAL; } req->rq_pack_udesc = 1; @@ -2226,11 +2207,11 @@ int gss_svc_unseal_request(struct ptlrpc_request *req, if (gw->gw_flags & LUSTRE_GSS_PACK_BULK) { if (msg->lm_bufcount < offset + 1) { CERROR("no bulk checksum included\n"); - RETURN(-EINVAL); + return -EINVAL; } if (bulk_sec_desc_unpack(msg, offset, swabbed)) - RETURN(-EINVAL); + return -EINVAL; req->rq_pack_bulk = 1; grctx->src_reqbsd = lustre_msg_buf(msg, offset, 0); @@ -2239,7 +2220,7 @@ int gss_svc_unseal_request(struct ptlrpc_request *req, req->rq_reqmsg = lustre_msg_buf(req->rq_reqbuf, 0, 0); req->rq_reqlen = req->rq_reqbuf->lm_buflens[0]; - RETURN(0); + return 0; } static @@ -2249,7 +2230,6 @@ int gss_svc_handle_data(struct ptlrpc_request *req, struct gss_svc_reqctx *grctx = gss_svc_ctx2reqctx(req->rq_svc_ctx); __u32 major = 0; int rc = 0; - ENTRY; grctx->src_ctx = gss_svc_upcall_get_ctx(req, gw); if (!grctx->src_ctx) { @@ -2272,7 +2252,7 @@ int gss_svc_handle_data(struct ptlrpc_request *req, } if (rc == 0) - RETURN(SECSVC_OK); + return SECSVC_OK; CERROR("svc %u failed: major 0x%08x: req xid "LPU64" ctx %p idx " LPX64"(%u->%s)\n", gw->gw_svc, major, req->rq_xid, @@ -2283,9 +2263,9 @@ error: * might happen after server reboot, to allow recovery. */ if ((major == GSS_S_NO_CONTEXT || major == GSS_S_BAD_SIG) && gss_pack_err_notify(req, major, 0) == 0) - RETURN(SECSVC_COMPLETE); + return SECSVC_COMPLETE; - RETURN(SECSVC_DROP); + return SECSVC_DROP; } static @@ -2294,7 +2274,6 @@ int gss_svc_handle_destroy(struct ptlrpc_request *req, { struct gss_svc_reqctx *grctx = gss_svc_ctx2reqctx(req->rq_svc_ctx); __u32 major; - ENTRY; req->rq_ctx_fini = 1; req->rq_no_reply = 1; @@ -2302,16 +2281,16 @@ int gss_svc_handle_destroy(struct ptlrpc_request *req, grctx->src_ctx = gss_svc_upcall_get_ctx(req, gw); if (!grctx->src_ctx) { CDEBUG(D_SEC, "invalid gss context handle for destroy.\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } if (gw->gw_svc != SPTLRPC_SVC_INTG) { CERROR("svc %u is not supported in destroy.\n", gw->gw_svc); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } if (gss_svc_verify_request(req, grctx, gw, &major)) - RETURN(SECSVC_DROP); + return SECSVC_DROP; CWARN("destroy svc ctx %p idx "LPX64" (%u->%s)\n", grctx->src_ctx, gss_handle_to_u64(&gw->gw_handle), @@ -2322,19 +2301,19 @@ int gss_svc_handle_destroy(struct ptlrpc_request *req, if (gw->gw_flags & LUSTRE_GSS_PACK_USER) { if (req->rq_reqbuf->lm_bufcount < 4) { CERROR("missing user descriptor, ignore it\n"); - RETURN(SECSVC_OK); + return SECSVC_OK; } if (sptlrpc_unpack_user_desc(req->rq_reqbuf, 2, ptlrpc_req_need_swab(req))) { CERROR("Mal-formed user descriptor, ignore it\n"); - RETURN(SECSVC_OK); + return SECSVC_OK; } req->rq_pack_udesc = 1; req->rq_user_desc = lustre_msg_buf(req->rq_reqbuf, 2, 0); } - RETURN(SECSVC_OK); + return SECSVC_OK; } int gss_svc_accept(struct ptlrpc_sec_policy *policy, struct ptlrpc_request *req) @@ -2343,14 +2322,13 @@ int gss_svc_accept(struct ptlrpc_sec_policy *policy, struct ptlrpc_request *req) struct gss_svc_reqctx *grctx; struct gss_wire_ctx *gw; int swabbed, rc; - ENTRY; LASSERT(req->rq_reqbuf); LASSERT(req->rq_svc_ctx == NULL); if (req->rq_reqbuf->lm_bufcount < 2) { CERROR("buf count only %d\n", req->rq_reqbuf->lm_bufcount); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } swabbed = ptlrpc_req_need_swab(req); @@ -2358,14 +2336,14 @@ int gss_svc_accept(struct ptlrpc_sec_policy *policy, struct ptlrpc_request *req) ghdr = gss_swab_header(req->rq_reqbuf, 0, swabbed); if (ghdr == NULL) { CERROR("can't decode gss header\n"); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } /* sanity checks */ if (ghdr->gh_version != PTLRPC_GSS_VERSION) { CERROR("gss version %u, expect %u\n", ghdr->gh_version, PTLRPC_GSS_VERSION); - RETURN(SECSVC_DROP); + return SECSVC_DROP; } req->rq_sp_from = ghdr->gh_sp; @@ -2373,7 +2351,7 @@ int gss_svc_accept(struct ptlrpc_sec_policy *policy, struct ptlrpc_request *req) /* alloc grctx data */ OBD_ALLOC_PTR(grctx); if (!grctx) - RETURN(SECSVC_DROP); + return SECSVC_DROP; grctx->src_base.sc_policy = sptlrpc_policy_get(policy); atomic_set(&grctx->src_base.sc_refcount, 1); @@ -2428,16 +2406,14 @@ int gss_svc_accept(struct ptlrpc_sec_policy *policy, struct ptlrpc_request *req) break; } - RETURN(rc); + return rc; } void gss_svc_invalidate_ctx(struct ptlrpc_svc_ctx *svc_ctx) { struct gss_svc_reqctx *grctx; - ENTRY; if (svc_ctx == NULL) { - EXIT; return; } @@ -2446,8 +2422,6 @@ void gss_svc_invalidate_ctx(struct ptlrpc_svc_ctx *svc_ctx) CWARN("gss svc invalidate ctx %p(%u)\n", grctx->src_ctx, grctx->src_ctx->gsc_uid); gss_svc_upcall_destroy_ctx(grctx->src_ctx); - - EXIT; } static inline @@ -2496,13 +2470,12 @@ int gss_svc_alloc_rs(struct ptlrpc_request *req, int msglen) __u32 ibuflens[2], buflens[4]; int ibufcnt = 0, bufcnt; int txtsize, wmsg_size, rs_size; - ENTRY; LASSERT(msglen % 8 == 0); if (req->rq_pack_bulk && !req->rq_bulk_read && !req->rq_bulk_write) { CERROR("client request bulk sec on non-bulk rpc\n"); - RETURN(-EPROTO); + return -EPROTO; } svc = SPTLRPC_FLVR_SVC(req->rq_flvr.sf_rpc); @@ -2575,7 +2548,7 @@ int gss_svc_alloc_rs(struct ptlrpc_request *req, int msglen) } else { OBD_ALLOC_LARGE(rs, rs_size); if (rs == NULL) - RETURN(-ENOMEM); + return -ENOMEM; rs->rs_size = rs_size; } @@ -2605,7 +2578,7 @@ int gss_svc_alloc_rs(struct ptlrpc_request *req, int msglen) LASSERT(rs->rs_msg); req->rq_reply_state = rs; - RETURN(0); + return 0; } static int gss_svc_seal(struct ptlrpc_request *req, @@ -2619,7 +2592,6 @@ static int gss_svc_seal(struct ptlrpc_request *req, int token_buflen; __u32 buflens[2], major; int msglen, rc; - ENTRY; /* get clear data length. note embedded lustre_msg might * have been shrinked */ @@ -2647,7 +2619,7 @@ static int gss_svc_seal(struct ptlrpc_request *req, token_buflen = gss_mech_payload(gctx->gsc_mechctx, msglen, 1); OBD_ALLOC_LARGE(token_buf, token_buflen); if (token_buf == NULL) - RETURN(-ENOMEM); + return -ENOMEM; hdrobj.len = PTLRPC_GSS_HEADER_SIZE; hdrobj.data = (__u8 *) ghdr; @@ -2703,7 +2675,7 @@ static int gss_svc_seal(struct ptlrpc_request *req, rc = 0; out_free: OBD_FREE_LARGE(token_buf, token_buflen); - RETURN(rc); + return rc; } int gss_svc_authorize(struct ptlrpc_request *req) @@ -2712,7 +2684,6 @@ int gss_svc_authorize(struct ptlrpc_request *req) struct gss_svc_reqctx *grctx = gss_svc_ctx2reqctx(req->rq_svc_ctx); struct gss_wire_ctx *gw = &grctx->src_wirectx; int early, rc; - ENTRY; early = (req->rq_packed_final == 0); @@ -2720,7 +2691,7 @@ int gss_svc_authorize(struct ptlrpc_request *req) LASSERT(rs->rs_repdata_len != 0); req->rq_reply_off = gss_at_reply_off_integ; - RETURN(0); + return 0; } /* early reply could happen in many cases */ @@ -2728,7 +2699,7 @@ int gss_svc_authorize(struct ptlrpc_request *req) gw->gw_proc != PTLRPC_GSS_PROC_DATA && gw->gw_proc != PTLRPC_GSS_PROC_DESTROY) { CERROR("proc %d not support\n", gw->gw_proc); - RETURN(-EINVAL); + return -EINVAL; } LASSERT(grctx->src_ctx); @@ -2749,7 +2720,7 @@ int gss_svc_authorize(struct ptlrpc_request *req) rc = 0; out: - RETURN(rc); + return rc; } void gss_svc_free_rs(struct ptlrpc_reply_state *rs) |