/* * GPL HEADER START * * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 2 only, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, but * WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License version 2 for more details (a copy is included * in the LICENSE file that accompanied this code). * * You should have received a copy of the GNU General Public License * version 2 along with this program; If not, see * http://www.sun.com/software/products/lustre/docs/GPLv2.pdf * * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, * CA 95054 USA or visit www.sun.com if you need additional information or * have any questions. * * GPL HEADER END */ /* * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. * Use is subject to license terms. * * Copyright (c) 2011, 2015, Intel Corporation. */ /* * This file is part of Lustre, http://www.lustre.org/ * Lustre is a trademark of Sun Microsystems, Inc. * * lustre/ptlrpc/sec_bulk.c * * Author: Eric Mei */ #define DEBUG_SUBSYSTEM S_SEC #include "../../include/linux/libcfs/libcfs.h" #include #include "../include/obd.h" #include "../include/obd_cksum.h" #include "../include/obd_class.h" #include "../include/obd_support.h" #include "../include/lustre_net.h" #include "../include/lustre_import.h" #include "../include/lustre_dlm.h" #include "../include/lustre_sec.h" #include "ptlrpc_internal.h" /**************************************** * bulk encryption page pools * ****************************************/ #define POINTERS_PER_PAGE (PAGE_SIZE / sizeof(void *)) #define PAGES_PER_POOL (POINTERS_PER_PAGE) #define IDLE_IDX_MAX (100) #define IDLE_IDX_WEIGHT (3) #define CACHE_QUIESCENT_PERIOD (20) static struct ptlrpc_enc_page_pool { /* * constants */ unsigned long epp_max_pages; /* maximum pages can hold, const */ unsigned int epp_max_pools; /* number of pools, const */ /* * wait queue in case of not enough free pages. */ wait_queue_head_t epp_waitq; /* waiting threads */ unsigned int epp_waitqlen; /* wait queue length */ unsigned long epp_pages_short; /* # of pages wanted of in-q users */ unsigned int epp_growing:1; /* during adding pages */ /* * indicating how idle the pools are, from 0 to MAX_IDLE_IDX * this is counted based on each time when getting pages from * the pools, not based on time. which means in case that system * is idled for a while but the idle_idx might still be low if no * activities happened in the pools. */ unsigned long epp_idle_idx; /* last shrink time due to mem tight */ time64_t epp_last_shrink; time64_t epp_last_access; /* * in-pool pages bookkeeping */ spinlock_t epp_lock; /* protect following fields */ unsigned long epp_total_pages; /* total pages in pools */ unsigned long epp_free_pages; /* current pages available */ /* * statistics */ unsigned long epp_st_max_pages; /* # of pages ever reached */ unsigned int epp_st_grows; /* # of grows */ unsigned int epp_st_grow_fails; /* # of add pages failures */ unsigned int epp_st_shrinks; /* # of shrinks */ unsigned long epp_st_access; /* # of access */ unsigned long epp_st_missings; /* # of cache missing */ unsigned long epp_st_lowfree; /* lowest free pages reached */ unsigned int epp_st_max_wqlen; /* highest waitqueue length */ unsigned long epp_st_max_wait; /* in jiffies */ /* * pointers to pools */ struct page ***epp_pools; } page_pools; /* * /sys/kernel/debug/lustre/sptlrpc/encrypt_page_pools */ int sptlrpc_proc_enc_pool_seq_show(struct seq_file *m, void *v) { spin_lock(&page_pools.epp_lock); seq_printf(m, "physical pages: %lu\n" "pages per pool: %lu\n" "max pages: %lu\n" "max pools: %u\n" "total pages: %lu\n" "total free: %lu\n" "idle index: %lu/100\n" "last shrink: %lds\n" "last access: %lds\n" "max pages reached: %lu\n" "grows: %u\n" "grows failure: %u\n" "shrinks: %u\n" "cache access: %lu\n" "cache missing: %lu\n" "low free mark: %lu\n" "max waitqueue depth: %u\n" "max wait time: %ld/%u\n", totalram_pages, PAGES_PER_POOL, page_pools.epp_max_pages, page_pools.epp_max_pools, page_pools.epp_total_pages, page_pools.epp_free_pages, page_pools.epp_idle_idx, (long)(ktime_get_seconds() - page_pools.epp_last_shrink), (long)(ktime_get_seconds() - page_pools.epp_last_access), page_pools.epp_st_max_pages, page_pools.epp_st_grows, page_pools.epp_st_grow_fails, page_pools.epp_st_shrinks, page_pools.epp_st_access, page_pools.epp_st_missings, page_pools.epp_st_lowfree, page_pools.epp_st_max_wqlen, page_pools.epp_st_max_wait, HZ); spin_unlock(&page_pools.epp_lock); return 0; } static void enc_pools_release_free_pages(long npages) { int p_idx, g_idx; int p_idx_max1, p_idx_max2; LASSERT(npages > 0); LASSERT(npages <= page_pools.epp_free_pages); LASSERT(page_pools.epp_free_pages <= page_pools.epp_total_pages); /* max pool index before the release */ p_idx_max2 = (page_pools.epp_total_pages - 1) / PAGES_PER_POOL; page_pools.epp_free_pages -= npages; page_pools.epp_total_pages -= npages; /* max pool index after the release */ p_idx_max1 = page_pools.epp_total_pages == 0 ? -1 : ((page_pools.epp_total_pages - 1) / PAGES_PER_POOL); p_idx = page_pools.epp_free_pages / PAGES_PER_POOL; g_idx = page_pools.epp_free_pages % PAGES_PER_POOL; LASSERT(page_pools.epp_pools[p_idx]); while (npages--) { LASSERT(page_pools.epp_pools[p_idx]); LASSERT(page_pools.epp_pools[p_idx][g_idx]); __free_page(page_pools.epp_pools[p_idx][g_idx]); page_pools.epp_pools[p_idx][g_idx] = NULL; if (++g_idx == PAGES_PER_POOL) { p_idx++; g_idx = 0; } } /* free unused pools */ while (p_idx_max1 < p_idx_max2) { LASSERT(page_pools.epp_pools[p_idx_max2]); kfree(page_pools.epp_pools[p_idx_max2]); page_pools.epp_pools[p_idx_max2] = NULL; p_idx_max2--; } } /* * we try to keep at least PTLRPC_MAX_BRW_PAGES pages in the pool. */ static unsigned long enc_pools_shrink_count(struct shrinker *s, struct shrink_control *sc) { /* * if no pool access for a long time, we consider it's fully idle. * a little race here is fine. */ if (unlikely(ktime_get_seconds() - page_pools.epp_last_access > CACHE_QUIESCENT_PERIOD)) { spin_lock(&page_pools.epp_lock); page_pools.epp_idle_idx = IDLE_IDX_MAX; spin_unlock(&page_pools.epp_lock); } LASSERT(page_pools.epp_idle_idx <= IDLE_IDX_MAX); return max((int)page_pools.epp_free_pages - PTLRPC_MAX_BRW_PAGES, 0) * (IDLE_IDX_MAX - page_pools.epp_idle_idx) / IDLE_IDX_MAX; } /* * we try to keep at least PTLRPC_MAX_BRW_PAGES pages in the pool. */ static unsigned long enc_pools_shrink_scan(struct shrinker *s, struct shrink_control *sc) { spin_lock(&page_pools.epp_lock); sc->nr_to_scan = min_t(unsigned long, sc->nr_to_scan, page_pools.epp_free_pages - PTLRPC_MAX_BRW_PAGES); if (sc->nr_to_scan > 0) { enc_pools_release_free_pages(sc->nr_to_scan); CDEBUG(D_SEC, "released %ld pages, %ld left\n", (long)sc->nr_to_scan, page_pools.epp_free_pages); page_pools.epp_st_shrinks++; page_pools.epp_last_shrink = ktime_get_seconds(); } spin_unlock(&page_pools.epp_lock); /* * if no pool access for a long time, we consider it's fully idle. * a little race here is fine. */ if (unlikely(ktime_get_seconds() - page_pools.epp_last_access > CACHE_QUIESCENT_PERIOD)) { spin_lock(&page_pools.epp_lock); page_pools.epp_idle_idx = IDLE_IDX_MAX; spin_unlock(&page_pools.epp_lock); } LASSERT(page_pools.epp_idle_idx <= IDLE_IDX_MAX); return sc->nr_to_scan; } static inline int npages_to_npools(unsigned long npages) { return (int) ((npages + PAGES_PER_POOL - 1) / PAGES_PER_POOL); } /* * return how many pages cleaned up. */ static unsigned long enc_pools_cleanup(struct page ***pools, int npools) { unsigned long cleaned = 0; int i, j; for (i = 0; i < npools; i++) { if (pools[i]) { for (j = 0; j < PAGES_PER_POOL; j++) { if (pools[i][j]) { __free_page(pools[i][j]); cleaned++; } } kfree(pools[i]); pools[i] = NULL; } } return cleaned; } static inline void enc_pools_wakeup(void) { assert_spin_locked(&page_pools.epp_lock); if (unlikely(page_pools.epp_waitqlen)) { LASSERT(waitqueue_active(&page_pools.epp_waitq)); wake_up_all(&page_pools.epp_waitq); } } void sptlrpc_enc_pool_put_pages(struct ptlrpc_bulk_desc *desc) { int p_idx, g_idx; int i; if (!desc->bd_enc_iov) return; LASSERT(desc->bd_iov_count > 0); spin_lock(&page_pools.epp_lock); p_idx = page_pools.epp_free_pages / PAGES_PER_POOL; g_idx = page_pools.epp_free_pages % PAGES_PER_POOL; LASSERT(page_pools.epp_free_pages + desc->bd_iov_count <= page_pools.epp_total_pages); LASSERT(page_pools.epp_pools[p_idx]); for (i = 0; i < desc->bd_iov_count; i++) { LASSERT(desc->bd_enc_iov[i].kiov_page); LASSERT(g_idx != 0 || page_pools.epp_pools[p_idx]); LASSERT(!page_pools.epp_pools[p_idx][g_idx]); page_pools.epp_pools[p_idx][g_idx] = desc->bd_enc_iov[i].kiov_page; if (++g_idx == PAGES_PER_POOL) { p_idx++; g_idx = 0; } } page_pools.epp_free_pages += desc->bd_iov_count; enc_pools_wakeup(); spin_unlock(&page_pools.epp_lock); kfree(desc->bd_enc_iov); desc->bd_enc_iov = NULL; } EXPORT_SYMBOL(sptlrpc_enc_pool_put_pages); static inline void enc_pools_alloc(void) { LASSERT(page_pools.epp_max_pools); page_pools.epp_pools = libcfs_kvzalloc(page_pools.epp_max_pools * sizeof(*page_pools.epp_pools), GFP_NOFS); } static inline void enc_pools_free(void) { LASSERT(page_pools.epp_max_pools); LASSERT(page_pools.epp_pools); kvfree(page_pools.epp_pools); } static struct shrinker pools_shrinker = { .count_objects = enc_pools_shrink_count, .scan_objects = enc_pools_shrink_scan, .seeks = DEFAULT_SEEKS, }; int sptlrpc_enc_pool_init(void) { /* * maximum capacity is 1/8 of total physical memory. * is the 1/8 a good number? */ page_pools.epp_max_pages = totalram_pages / 8; page_pools.epp_max_pools = npages_to_npools(page_pools.epp_max_pages); init_waitqueue_head(&page_pools.epp_waitq); page_pools.epp_waitqlen = 0; page_pools.epp_pages_short = 0; page_pools.epp_growing = 0; page_pools.epp_idle_idx = 0; page_pools.epp_last_shrink = ktime_get_seconds(); page_pools.epp_last_access = ktime_get_seconds(); spin_lock_init(&page_pools.epp_lock); page_pools.epp_total_pages = 0; page_pools.epp_free_pages = 0; page_pools.epp_st_max_pages = 0; page_pools.epp_st_grows = 0; page_pools.epp_st_grow_fails = 0; page_pools.epp_st_shrinks = 0; page_pools.epp_st_access = 0; page_pools.epp_st_missings = 0; page_pools.epp_st_lowfree = 0; page_pools.epp_st_max_wqlen = 0; page_pools.epp_st_max_wait = 0; enc_pools_alloc(); if (!page_pools.epp_pools) return -ENOMEM; register_shrinker(&pools_shrinker); return 0; } void sptlrpc_enc_pool_fini(void) { unsigned long cleaned, npools; LASSERT(page_pools.epp_pools); LASSERT(page_pools.epp_total_pages == page_pools.epp_free_pages); unregister_shrinker(&pools_shrinker); npools = npages_to_npools(page_pools.epp_total_pages); cleaned = enc_pools_cleanup(page_pools.epp_pools, npools); LASSERT(cleaned == page_pools.epp_total_pages); enc_pools_free(); if (page_pools.epp_st_access > 0) { CDEBUG(D_SEC, "max pages %lu, grows %u, grow fails %u, shrinks %u, access %lu, missing %lu, max qlen %u, max wait %ld/%d\n", page_pools.epp_st_max_pages, page_pools.epp_st_grows, page_pools.epp_st_grow_fails, page_pools.epp_st_shrinks, page_pools.epp_st_access, page_pools.epp_st_missings, page_pools.epp_st_max_wqlen, page_pools.epp_st_max_wait, HZ); } } static int cfs_hash_alg_id[] = { [BULK_HASH_ALG_NULL] = CFS_HASH_ALG_NULL, [BULK_HASH_ALG_ADLER32] = CFS_HASH_ALG_ADLER32, [BULK_HASH_ALG_CRC32] = CFS_HASH_ALG_CRC32, [BULK_HASH_ALG_MD5] = CFS_HASH_ALG_MD5, [BULK_HASH_ALG_SHA1] = CFS_HASH_ALG_SHA1, [BULK_HASH_ALG_SHA256] = CFS_HASH_ALG_SHA256, [BULK_HASH_ALG_SHA384] = CFS_HASH_ALG_SHA384, [BULK_HASH_ALG_SHA512] = CFS_HASH_ALG_SHA512, }; const char *sptlrpc_get_hash_name(__u8 hash_alg) { return cfs_crypto_hash_name(cfs_hash_alg_id[hash_alg]); } EXPORT_SYMBOL(sptlrpc_get_hash_name); __u8 sptlrpc_get_hash_alg(const char *algname) { return cfs_crypto_hash_alg(algname); } EXPORT_SYMBOL(sptlrpc_get_hash_alg); int bulk_sec_desc_unpack(struct lustre_msg *msg, int offset, int swabbed) { struct ptlrpc_bulk_sec_desc *bsd; int size = msg->lm_buflens[offset]; bsd = lustre_msg_buf(msg, offset, sizeof(*bsd)); if (!bsd) { CERROR("Invalid bulk sec desc: size %d\n", size); return -EINVAL; } if (swabbed) __swab32s(&bsd->bsd_nob); if (unlikely(bsd->bsd_version != 0)) { CERROR("Unexpected version %u\n", bsd->bsd_version); return -EPROTO; } if (unlikely(bsd->bsd_type >= SPTLRPC_BULK_MAX)) { CERROR("Invalid type %u\n", bsd->bsd_type); return -EPROTO; } /* FIXME more sanity check here */ if (unlikely(bsd->bsd_svc != SPTLRPC_BULK_SVC_NULL && bsd->bsd_svc != SPTLRPC_BULK_SVC_INTG && bsd->bsd_svc != SPTLRPC_BULK_SVC_PRIV)) { CERROR("Invalid svc %u\n", bsd->bsd_svc); return -EPROTO; } return 0; } EXPORT_SYMBOL(bulk_sec_desc_unpack); int sptlrpc_get_bulk_checksum(struct ptlrpc_bulk_desc *desc, __u8 alg, void *buf, int buflen) { struct cfs_crypto_hash_desc *hdesc; int hashsize; char hashbuf[64]; unsigned int bufsize; int i, err; LASSERT(alg > BULK_HASH_ALG_NULL && alg < BULK_HASH_ALG_MAX); LASSERT(buflen >= 4); hdesc = cfs_crypto_hash_init(cfs_hash_alg_id[alg], NULL, 0); if (IS_ERR(hdesc)) { CERROR("Unable to initialize checksum hash %s\n", cfs_crypto_hash_name(cfs_hash_alg_id[alg])); return PTR_ERR(hdesc); } hashsize = cfs_crypto_hash_digestsize(cfs_hash_alg_id[alg]); for (i = 0; i < desc->bd_iov_count; i++) { cfs_crypto_hash_update_page(hdesc, desc->bd_iov[i].kiov_page, desc->bd_iov[i].kiov_offset & ~CFS_PAGE_MASK, desc->bd_iov[i].kiov_len); } if (hashsize > buflen) { bufsize = sizeof(hashbuf); err = cfs_crypto_hash_final(hdesc, (unsigned char *)hashbuf, &bufsize); memcpy(buf, hashbuf, buflen); } else { bufsize = buflen; err = cfs_crypto_hash_final(hdesc, buf, &bufsize); } if (err) cfs_crypto_hash_final(hdesc, NULL, NULL); return err; } EXPORT_SYMBOL(sptlrpc_get_bulk_checksum);