LU-12401 gss: fix checksum for Kerberos and SSK

When computing checksum for Kerberos, krb5 wire token header is
appended to the plain text. Make sure the actual header is appended
in gss_digest_hash().
For interop with older clients, introduce new server side tunable
'sptlrpc.gss.krb5_allow_old_client_csum'. When not set, servers refuse
Kerberos connection from older clients.

In gss_crypt_generic(), protect against an undefined behavior by
switching from memcpy to memmove.

When computing checksum for SSK, make sure the actual token is used
to store the checksum.

Fixes: a21c13d ("LU-8602 gss: Properly port gss to newer crypto api.")
Test-Parameters: envdefinitions=SHARED_KEY=true testlist=sanity,recovery-small,sanity-sec
Test-Parameters: envdefinitions=SHARED_KEY=true clientbuildno=6308 clientjob=lustre-reviews-patchless testlist=sanity,recovery-small,sanity-sec
Signed-off-by: Sebastien Buisson <[email protected]>
Change-Id: I0233ada481f132af112bf88c065f5421902c942e
Reviewed-on: https://review.whamcloud.com/35099
Reviewed-by: Andreas Dilger <[email protected]>
Reviewed-by: Jeremy Filizetti <[email protected]>
Tested-by: jenkins <[email protected]>
Tested-by: Maloo <[email protected]>
Reviewed-by: Oleg Drokin <[email protected]>

Author: sbuisson-ddn

lustre/include/lustre_sec.h

@@ -966,6 +966,7 @@ struct ptlrpc_bulk_sec_desc {
 };
 
 extern struct dentry *sptlrpc_debugfs_dir;
+extern struct proc_dir_entry *sptlrpc_lprocfs_dir;
 
 /*
  * round size up to next power of 2, for slab allocation.

lustre/ptlrpc/gss/gss_api.h

@@ -21,10 +21,16 @@
 
 struct gss_api_mech;
 
+typedef int (*digest_hash)(
+	struct ahash_request *req, rawobj_t *hdr,
+	int msgcnt, rawobj_t *msgs,
+	int iovcnt, lnet_kiov_t *iovs);
+
 /* The mechanism-independent gss-api context: */
 struct gss_ctx {
-        struct gss_api_mech    *mech_type;
-        void                   *internal_ctx_id;
+	struct gss_api_mech *mech_type;
+	void *internal_ctx_id;
+	digest_hash hash_func;
 };
 
 #define GSS_C_NO_BUFFER         ((rawobj_t) 0)

lustre/ptlrpc/gss/gss_cli_upcall.c

@@ -59,82 +59,85 @@
 
 static
 int ctx_init_pack_request(struct obd_import *imp,
-                          struct ptlrpc_request *req,
-                          int lustre_srv,
-                          uid_t uid, gid_t gid,
-                          long token_size,
-                          char __user *token)
+			  struct ptlrpc_request *req,
+			  int lustre_srv,
+			  uid_t uid, gid_t gid,
+			  long token_size,
+			  char __user *token)
 {
-        struct lustre_msg       *msg = req->rq_reqbuf;
-        struct gss_sec          *gsec;
-        struct gss_header       *ghdr;
-        struct ptlrpc_user_desc *pud;
-        __u32                   *p, size, offset = 2;
-        rawobj_t                 obj;
-
-        LASSERT(msg->lm_bufcount <= 4);
-        LASSERT(req->rq_cli_ctx);
-        LASSERT(req->rq_cli_ctx->cc_sec);
-
-        /* gss hdr */
-        ghdr = lustre_msg_buf(msg, 0, sizeof(*ghdr));
-        ghdr->gh_version = PTLRPC_GSS_VERSION;
-        ghdr->gh_sp = (__u8) imp->imp_sec->ps_part;
-        ghdr->gh_flags = 0;
-        ghdr->gh_proc = PTLRPC_GSS_PROC_INIT;
-        ghdr->gh_seq = 0;
-        ghdr->gh_svc = SPTLRPC_SVC_NULL;
-        ghdr->gh_handle.len = 0;
-
-        /* fix the user desc */
-        if (req->rq_pack_udesc) {
-                ghdr->gh_flags |= LUSTRE_GSS_PACK_USER;
-
-                pud = lustre_msg_buf(msg, offset, sizeof(*pud));
-                LASSERT(pud);
-                pud->pud_uid = pud->pud_fsuid = uid;
-                pud->pud_gid = pud->pud_fsgid = gid;
-                pud->pud_cap = 0;
-                pud->pud_ngroups = 0;
-                offset++;
-        }
+	struct lustre_msg       *msg = req->rq_reqbuf;
+	struct gss_sec          *gsec;
+	struct gss_header       *ghdr;
+	struct ptlrpc_user_desc *pud;
+	__u32                   *p, size, offset = 2;
+	rawobj_t                 obj;
+
+	LASSERT(msg->lm_bufcount <= 4);
+	LASSERT(req->rq_cli_ctx);
+	LASSERT(req->rq_cli_ctx->cc_sec);
+
+	/* gss hdr */
+	ghdr = lustre_msg_buf(msg, 0, sizeof(*ghdr));
+	ghdr->gh_version = PTLRPC_GSS_VERSION;
+	ghdr->gh_sp = (__u8) imp->imp_sec->ps_part;
+	ghdr->gh_flags = 0;
+	ghdr->gh_proc = PTLRPC_GSS_PROC_INIT;
+	ghdr->gh_seq = 0;
+	ghdr->gh_svc = SPTLRPC_SVC_NULL;
+	ghdr->gh_handle.len = 0;
+
+	/* fix the user desc */
+	if (req->rq_pack_udesc) {
+		ghdr->gh_flags |= LUSTRE_GSS_PACK_USER;
+
+		pud = lustre_msg_buf(msg, offset, sizeof(*pud));
+		LASSERT(pud);
+		pud->pud_uid = pud->pud_fsuid = uid;
+		pud->pud_gid = pud->pud_fsgid = gid;
+		pud->pud_cap = 0;
+		pud->pud_ngroups = 0;
+		offset++;
+	}
 
-        /* security payload */
-        p = lustre_msg_buf(msg, offset, 0);
-        size = msg->lm_buflens[offset];
-        LASSERT(p);
-
-        /* 1. lustre svc type */
-        LASSERT(size > 4);
-        *p++ = cpu_to_le32(lustre_srv);
-        size -= 4;
-
-        /* 2. target uuid */
-        obj.len = strlen(imp->imp_obd->u.cli.cl_target_uuid.uuid) + 1;
-        obj.data = imp->imp_obd->u.cli.cl_target_uuid.uuid;
-        if (rawobj_serialize(&obj, &p, &size))
-                LBUG();
-
-        /* 3. reverse context handle. actually only needed by root user,
-         *    but we send it anyway. */
-        gsec = sec2gsec(req->rq_cli_ctx->cc_sec);
-        obj.len = sizeof(gsec->gs_rvs_hdl);
-        obj.data = (__u8 *) &gsec->gs_rvs_hdl;
-        if (rawobj_serialize(&obj, &p, &size))
-                LBUG();
-
-        /* 4. now the token */
-        LASSERT(size >= (sizeof(__u32) + token_size));
-        *p++ = cpu_to_le32(((__u32) token_size));
+	/* new clients are expected to set KCSUM flag */
+	ghdr->gh_flags |= LUSTRE_GSS_PACK_KCSUM;
+
+	/* security payload */
+	p = lustre_msg_buf(msg, offset, 0);
+	size = msg->lm_buflens[offset];
+	LASSERT(p);
+
+	/* 1. lustre svc type */
+	LASSERT(size > 4);
+	*p++ = cpu_to_le32(lustre_srv);
+	size -= 4;
+
+	/* 2. target uuid */
+	obj.len = strlen(imp->imp_obd->u.cli.cl_target_uuid.uuid) + 1;
+	obj.data = imp->imp_obd->u.cli.cl_target_uuid.uuid;
+	if (rawobj_serialize(&obj, &p, &size))
+		LBUG();
+
+	/* 3. reverse context handle. actually only needed by root user,
+	 *    but we send it anyway. */
+	gsec = sec2gsec(req->rq_cli_ctx->cc_sec);
+	obj.len = sizeof(gsec->gs_rvs_hdl);
+	obj.data = (__u8 *) &gsec->gs_rvs_hdl;
+	if (rawobj_serialize(&obj, &p, &size))
+		LBUG();
+
+	/* 4. now the token */
+	LASSERT(size >= (sizeof(__u32) + token_size));
+	*p++ = cpu_to_le32(((__u32) token_size));
 	if (copy_from_user(p, token, token_size)) {
-                CERROR("can't copy token\n");
-                return -EFAULT;
-        }
-        size -= sizeof(__u32) + cfs_size_round4(token_size);
+		CERROR("can't copy token\n");
+		return -EFAULT;
+	}
+	size -= sizeof(__u32) + cfs_size_round4(token_size);
 
-        req->rq_reqdata_len = lustre_shrink_msg(req->rq_reqbuf, offset,
-                                                msg->lm_buflens[offset] - size, 0);
-        return 0;
+	req->rq_reqdata_len = lustre_shrink_msg(req->rq_reqbuf, offset,
+					     msg->lm_buflens[offset] - size, 0);
+	return 0;
 }
 
 static

lustre/ptlrpc/gss/gss_crypto.c

@@ -254,7 +254,8 @@ int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, const void *iv,
 	if (iv)
 		memcpy(local_iv, iv, crypto_blkcipher_ivsize(tfm));
 
-	memcpy(out, in, length);
+	if (in != out)
+		memmove(out, in, length);
 
 	ret = gss_setup_sgtable(&sg_out, &sg, out, length);
 	if (ret != 0)
@@ -272,8 +273,7 @@ int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, const void *iv,
 
 int gss_digest_hash(struct ahash_request *req,
 		    rawobj_t *hdr, int msgcnt, rawobj_t *msgs,
-		    int iovcnt, lnet_kiov_t *iovs,
-		    rawobj_t *cksum)
+		    int iovcnt, lnet_kiov_t *iovs)
 {
 	struct scatterlist sg[1];
 	struct sg_table sgt;
@@ -310,7 +310,7 @@ int gss_digest_hash(struct ahash_request *req,
 	}
 
 	if (hdr) {
-		rc = gss_setup_sgtable(&sgt, sg, hdr, sizeof(*hdr));
+		rc = gss_setup_sgtable(&sgt, sg, hdr->data, hdr->len);
 		if (rc)
 			return rc;
 
@@ -324,6 +324,59 @@ int gss_digest_hash(struct ahash_request *req,
 	return rc;
 }
 
+int gss_digest_hash_compat(struct ahash_request *req,
+			   rawobj_t *hdr, int msgcnt, rawobj_t *msgs,
+			   int iovcnt, lnet_kiov_t *iovs)
+{
+	struct scatterlist sg[1];
+	struct sg_table sgt;
+	int rc = 0;
+	int i;
+
+	for (i = 0; i < msgcnt; i++) {
+		if (msgs[i].len == 0)
+			continue;
+
+		rc = gss_setup_sgtable(&sgt, sg, msgs[i].data, msgs[i].len);
+		if (rc)
+			return rc;
+
+		ahash_request_set_crypt(req, sg, NULL, msgs[i].len);
+		rc = crypto_ahash_update(req);
+		gss_teardown_sgtable(&sgt);
+		if (rc)
+			return rc;
+	}
+
+	for (i = 0; i < iovcnt; i++) {
+		if (iovs[i].kiov_len == 0)
+			continue;
+
+		sg_init_table(sg, 1);
+		sg_set_page(&sg[0], iovs[i].kiov_page, iovs[i].kiov_len,
+			    iovs[i].kiov_offset);
+
+		ahash_request_set_crypt(req, sg, NULL, iovs[i].kiov_len);
+		rc = crypto_ahash_update(req);
+		if (rc)
+			return rc;
+	}
+
+	if (hdr) {
+		rc = gss_setup_sgtable(&sgt, sg, &(hdr->len), sizeof(hdr->len));
+		if (rc)
+			return rc;
+
+		ahash_request_set_crypt(req, sg, NULL, sizeof(hdr->len));
+		rc = crypto_ahash_update(req);
+		gss_teardown_sgtable(&sgt);
+		if (rc)
+			return rc;
+	}
+
+	return rc;
+}
+
 int gss_add_padding(rawobj_t *msg, int msg_buflen, int blocksize)
 {
 	int padding;

lustre/ptlrpc/gss/gss_crypto.h

@@ -24,8 +24,10 @@ void gss_teardown_sgtable(struct sg_table *sgt);
 int gss_crypt_generic(struct crypto_blkcipher *tfm, int decrypt, const void *iv,
 		      const void *in, void *out, size_t length);
 int gss_digest_hash(struct ahash_request *req, rawobj_t *hdr,
-		    int msgcnt, rawobj_t *msgs, int iovcnt, lnet_kiov_t *iovs,
-		    rawobj_t *cksum);
+		    int msgcnt, rawobj_t *msgs, int iovcnt, lnet_kiov_t *iovs);
+int gss_digest_hash_compat(struct ahash_request *req,
+			   rawobj_t *hdr, int msgcnt, rawobj_t *msgs,
+			   int iovcnt, lnet_kiov_t *iovs);
 int gss_add_padding(rawobj_t *msg, int msg_buflen, int blocksize);
 int gss_crypt_rawobjs(struct crypto_blkcipher *tfm, __u8 *iv,
 		      int inobj_cnt, rawobj_t *inobjs, rawobj_t *outobj,

lustre/ptlrpc/gss/gss_internal.h

@@ -117,8 +117,9 @@ enum ptlrpc_gss_tgt {
 };
 
 enum ptlrpc_gss_header_flags {
-        LUSTRE_GSS_PACK_BULK            = 1,
-        LUSTRE_GSS_PACK_USER            = 2,
+	LUSTRE_GSS_PACK_BULK            = 1,
+	LUSTRE_GSS_PACK_USER            = 2,
+	LUSTRE_GSS_PACK_KCSUM           = 4,
 };
 
 static inline
@@ -509,6 +510,7 @@ void gss_svc_upcall_destroy_ctx(struct gss_svc_ctx *ctx);
 
 int  __init gss_init_svc_upcall(void);
 void gss_exit_svc_upcall(void);
+extern unsigned int krb5_allow_old_client_csum;
 
 /* lproc_gss.c */
 void gss_stat_oos_record_cli(int behind);