Commit 2d6e6e14 authored by Trond Myklebust's avatar Trond Myklebust

RPCSEC_GSS: this adds some new trace messages and

     makes existing ones consistent with other
     trace messages in the RPC client.
                                                                                
Patch by Chuck Lever
parent 376282cd
No related merge requests found
......@@ -280,7 +280,7 @@ gss_parse_init_downcall(struct gss_api_mech *gm, struct xdr_netobj *buf,
kfree(ctx);
err:
*gc = NULL;
dprintk("RPC: gss_parse_init_downcall returning %d\n", err);
dprintk("RPC: gss_parse_init_downcall returning %d\n", err);
return err;
}
......@@ -311,8 +311,10 @@ __gss_find_upcall(struct gss_auth *gss_auth, uid_t uid)
if (pos->uid != uid)
continue;
atomic_inc(&pos->count);
dprintk("RPC: gss_find_upcall found msg %p\n", pos);
return pos;
}
dprintk("RPC: gss_find_upcall found nothing\n");
return NULL;
}
......@@ -350,6 +352,8 @@ gss_upcall(struct rpc_clnt *clnt, struct rpc_task *task, struct rpc_cred *cred)
uid_t uid = cred->cr_uid;
int res = 0;
dprintk("RPC: %4u gss_upcall for uid %u\n", task->tk_pid, uid);
retry:
spin_lock(&gss_auth->lock);
gss_msg = __gss_find_upcall(gss_auth, uid);
......@@ -358,8 +362,10 @@ gss_upcall(struct rpc_clnt *clnt, struct rpc_task *task, struct rpc_cred *cred)
if (gss_new == NULL) {
spin_unlock(&gss_auth->lock);
gss_new = kmalloc(sizeof(*gss_new), GFP_KERNEL);
if (!gss_new)
if (!gss_new) {
dprintk("RPC: %4u gss_upcall -ENOMEM\n", task->tk_pid);
return -ENOMEM;
}
goto retry;
}
gss_msg = gss_new;
......@@ -389,12 +395,14 @@ gss_upcall(struct rpc_clnt *clnt, struct rpc_task *task, struct rpc_cred *cred)
spin_unlock(&gss_auth->lock);
}
gss_release_msg(gss_msg);
dprintk("RPC: %4u gss_upcall for uid %u result %d", task->tk_pid,
uid, res);
return res;
out_sleep:
/* Sleep forever */
task->tk_timeout = 0;
rpc_sleep_on(&gss_msg->waitq, task, NULL, NULL);
spin_unlock(&gss_auth->lock);
dprintk("RPC: %4u gss_upcall sleeping\n", task->tk_pid);
if (gss_new)
kfree(gss_new);
/* Note: we drop the reference here: we are automatically removed
......@@ -477,12 +485,13 @@ gss_pipe_downcall(struct file *filp, const char *src, size_t mlen)
} else
spin_unlock(&gss_auth->lock);
rpc_release_client(clnt);
dprintk("RPC: gss_pipe_downcall returning length %u\n", mlen);
return mlen;
err:
if (ctx)
gss_destroy_ctx(ctx);
rpc_release_client(clnt);
dprintk("RPC: gss_pipe_downcall returning %d\n", err);
dprintk("RPC: gss_pipe_downcall returning %d\n", err);
return err;
}
......@@ -520,6 +529,8 @@ gss_pipe_destroy_msg(struct rpc_pipe_msg *msg)
static unsigned long ratelimit;
if (msg->errno < 0) {
dprintk("RPC: gss_pipe_destroy_msg releasing msg %p\n",
gss_msg);
atomic_inc(&gss_msg->count);
gss_unhash_msg(gss_msg);
if (msg->errno == -ETIMEDOUT || msg->errno == -EPIPE) {
......@@ -544,7 +555,8 @@ gss_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor)
struct gss_auth *gss_auth;
struct rpc_auth * auth;
dprintk("RPC: creating GSS authenticator for client %p\n",clnt);
dprintk("RPC: creating GSS authenticator for client %p\n",clnt);
if (!(gss_auth = kmalloc(sizeof(*gss_auth), GFP_KERNEL)))
goto out_dec;
gss_auth->mech = gss_pseudoflavor_to_mech(flavor);
......@@ -582,7 +594,8 @@ static void
gss_destroy(struct rpc_auth *auth)
{
struct gss_auth *gss_auth;
dprintk("RPC: destroying GSS authenticator %p flavor %d\n",
dprintk("RPC: destroying GSS authenticator %p flavor %d\n",
auth, auth->au_flavor);
gss_auth = container_of(auth, struct gss_auth, rpc_auth);
......@@ -597,8 +610,7 @@ gss_destroy(struct rpc_auth *auth)
static void
gss_destroy_ctx(struct gss_cl_ctx *ctx)
{
dprintk("RPC: gss_destroy_ctx\n");
dprintk("RPC: gss_destroy_ctx\n");
if (ctx->gc_gss_ctx)
gss_delete_sec_context(&ctx->gc_gss_ctx);
......@@ -617,7 +629,7 @@ gss_destroy_cred(struct rpc_cred *rc)
{
struct gss_cred *cred = (struct gss_cred *)rc;
dprintk("RPC: gss_destroy_cred \n");
dprintk("RPC: gss_destroy_cred \n");
if (cred->gc_ctx)
gss_put_ctx(cred->gc_ctx);
......@@ -629,7 +641,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int taskflags)
{
struct gss_cred *cred = NULL;
dprintk("RPC: gss_create_cred for uid %d, flavor %d\n",
dprintk("RPC: gss_create_cred for uid %d, flavor %d\n",
acred->uid, auth->au_flavor);
if (!(cred = kmalloc(sizeof(*cred), GFP_KERNEL)))
......@@ -649,7 +661,7 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int taskflags)
return (struct rpc_cred *) cred;
out_err:
dprintk("RPC: gss_create_cred failed\n");
dprintk("RPC: gss_create_cred failed\n");
if (cred) gss_destroy_cred((struct rpc_cred *)cred);
return NULL;
}
......@@ -679,15 +691,15 @@ gss_marshal(struct rpc_task *task, u32 *p, int ruid)
struct xdr_buf verf_buf;
u32 service;
dprintk("RPC: gss_marshal\n");
dprintk("RPC: %4u gss_marshal\n", task->tk_pid);
*p++ = htonl(RPC_AUTH_GSS);
cred_len = p++;
service = gss_pseudoflavor_to_service(gss_cred->gc_flavor);
if (service == 0) {
dprintk("Bad pseudoflavor %d in gss_marshal\n",
gss_cred->gc_flavor);
dprintk("RPC: %4u Bad pseudoflavor %d in gss_marshal\n",
task->tk_pid, gss_cred->gc_flavor);
goto out_put_ctx;
}
spin_lock(&ctx->gc_seq_lock);
......@@ -757,7 +769,7 @@ gss_validate(struct rpc_task *task, u32 *p)
u32 flav,len;
u32 service;
dprintk("RPC: gss_validate\n");
dprintk("RPC: %4u gss_validate\n", task->tk_pid);
flav = ntohl(*p++);
if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE)
......@@ -787,9 +799,12 @@ gss_validate(struct rpc_task *task, u32 *p)
goto out_bad;
}
gss_put_ctx(ctx);
dprintk("RPC: %4u GSS gss_validate: gss_verify_mic succeeded.\n",
task->tk_pid);
return p + XDR_QUADLEN(len);
out_bad:
gss_put_ctx(ctx);
dprintk("RPC: %4u gss_validate failed.\n", task->tk_pid);
return NULL;
}
......@@ -812,7 +827,7 @@ gss_wrap_req(struct rpc_task *task,
u32 offset, *q;
struct iovec *iov;
dprintk("RPC: gss_wrap_body\n");
dprintk("RPC: %4u gss_wrap_req\n", task->tk_pid);
BUG_ON(!ctx);
if (ctx->gc_proc != RPC_GSS_PROC_DATA) {
/* The spec seems a little ambiguous here, but I think that not
......@@ -867,7 +882,7 @@ gss_wrap_req(struct rpc_task *task,
status = 0;
out:
gss_put_ctx(ctx);
dprintk("RPC: gss_wrap_req returning %d\n", status);
dprintk("RPC: %4u gss_wrap_req returning %d\n", task->tk_pid, status);
return status;
}
......@@ -928,7 +943,8 @@ gss_unwrap_resp(struct rpc_task *task,
status = decode(rqstp, p, obj);
out:
gss_put_ctx(ctx);
dprintk("RPC: gss_unwrap_resp returning %d\n", status);
dprintk("RPC: %4u gss_unwrap_resp returning %d\n", task->tk_pid,
status);
return status;
}
......
......@@ -59,14 +59,14 @@ krb5_encrypt(
struct scatterlist sg[1];
u8 local_iv[16] = {0};
dprintk("RPC: krb5_encrypt: input data:\n");
dprintk("RPC: krb5_encrypt: input data:\n");
print_hexl((u32 *)in, length, 0);
if (length % crypto_tfm_alg_blocksize(tfm) != 0)
goto out;
if (crypto_tfm_alg_ivsize(tfm) > 16) {
dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n",
dprintk("RPC: gss_k5encrypt: tfm iv size to large %d\n",
crypto_tfm_alg_ivsize(tfm));
goto out;
}
......@@ -81,10 +81,10 @@ krb5_encrypt(
ret = crypto_cipher_encrypt_iv(tfm, sg, sg, length, local_iv);
dprintk("RPC: krb5_encrypt: output data:\n");
dprintk("RPC: krb5_encrypt: output data:\n");
print_hexl((u32 *)out, length, 0);
out:
dprintk("krb5_encrypt returns %d\n",ret);
dprintk("RPC: krb5_encrypt returns %d\n",ret);
return(ret);
}
......@@ -100,14 +100,14 @@ krb5_decrypt(
struct scatterlist sg[1];
u8 local_iv[16] = {0};
dprintk("RPC: krb5_decrypt: input data:\n");
dprintk("RPC: krb5_decrypt: input data:\n");
print_hexl((u32 *)in, length, 0);
if (length % crypto_tfm_alg_blocksize(tfm) != 0)
goto out;
if (crypto_tfm_alg_ivsize(tfm) > 16) {
dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n",
dprintk("RPC: gss_k5decrypt: tfm iv size to large %d\n",
crypto_tfm_alg_ivsize(tfm));
goto out;
}
......@@ -121,10 +121,10 @@ krb5_decrypt(
ret = crypto_cipher_decrypt_iv(tfm, sg, sg, length, local_iv);
dprintk("RPC: krb5_decrypt: output_data:\n");
dprintk("RPC: krb5_decrypt: output_data:\n");
print_hexl((u32 *)out, length, 0);
out:
dprintk("gss_k5decrypt returns %d\n",ret);
dprintk("RPC: gss_k5decrypt returns %d\n",ret);
return(ret);
}
......@@ -153,7 +153,7 @@ krb5_make_checksum(s32 cksumtype, char *header, struct xdr_buf *body,
cksumname = "md5";
break;
default:
dprintk("RPC: krb5_make_checksum:"
dprintk("RPC: krb5_make_checksum:"
" unsupported checksum %d", cksumtype);
goto out;
}
......
......@@ -100,7 +100,7 @@ get_key(char **p, char *end, struct crypto_tfm **res)
alg_mode = CRYPTO_TFM_MODE_CBC;
break;
default:
dprintk("RPC: get_key: unsupported algorithm %d\n", alg);
dprintk("RPC: get_key: unsupported algorithm %d\n", alg);
goto out_err_free_key;
}
if (!(*res = crypto_alloc_tfm(alg_name, alg_mode)))
......@@ -155,7 +155,7 @@ gss_import_sec_context_kerberos(struct xdr_netobj *inbuf,
goto out_err_free_key2;
ctx_id->internal_ctx_id = ctx;
dprintk("Succesfully imported new context.\n");
dprintk("RPC: Succesfully imported new context.\n");
return 0;
out_err_free_key2:
......@@ -197,7 +197,7 @@ gss_verify_mic_kerberos(struct gss_ctx *ctx,
if (!maj_stat && qop_state)
*qstate = qop_state;
dprintk("RPC: gss_verify_mic_kerberos returning %d\n", maj_stat);
dprintk("RPC: gss_verify_mic_kerberos returning %d\n", maj_stat);
return maj_stat;
}
......@@ -211,7 +211,7 @@ gss_get_mic_kerberos(struct gss_ctx *ctx,
err = krb5_make_token(kctx, qop, message, mic_token, KG_TOK_MIC_MSG);
dprintk("RPC: gss_get_mic_kerberos returning %d\n",err);
dprintk("RPC: gss_get_mic_kerberos returning %d\n",err);
return err;
}
......
......@@ -101,12 +101,12 @@ krb5_make_token(struct krb5_ctx *ctx, int qop_req,
checksum_type = CKSUMTYPE_RSA_MD5;
break;
default:
dprintk("RPC: gss_krb5_seal: ctx->signalg %d not"
dprintk("RPC: gss_krb5_seal: ctx->signalg %d not"
" supported\n", ctx->signalg);
goto out_err;
}
if (ctx->sealalg != SEAL_ALG_NONE && ctx->sealalg != SEAL_ALG_DES) {
dprintk("RPC: gss_krb5_seal: ctx->sealalg %d not supported\n",
dprintk("RPC: gss_krb5_seal: ctx->sealalg %d not supported\n",
ctx->sealalg);
goto out_err;
}
......@@ -151,7 +151,7 @@ krb5_make_token(struct krb5_ctx *ctx, int qop_req,
md5cksum.data + md5cksum.len - KRB5_CKSUM_LENGTH,
KRB5_CKSUM_LENGTH);
dprintk("make_seal_token: cksum data: \n");
dprintk("RPC: make_seal_token: cksum data: \n");
print_hexl((u32 *) (krb5_hdr + 16), KRB5_CKSUM_LENGTH, 0);
break;
default:
......
......@@ -70,7 +70,7 @@ krb5_get_seq_num(struct crypto_tfm *key,
s32 code;
unsigned char plain[8];
dprintk("krb5_get_seq_num: \n");
dprintk("RPC: krb5_get_seq_num:\n");
if ((code = krb5_decrypt(key, cksum, buf, plain, 8)))
return code;
......
......@@ -81,7 +81,7 @@ gss_mech_register(struct xdr_netobj * mech_type, struct gss_api_ops * ops)
spin_lock(&registered_mechs_lock);
list_add(&gm->gm_list, &registered_mechs);
spin_unlock(&registered_mechs_lock);
dprintk("RPC: gss_mech_register: registered mechanism with oid:\n");
dprintk("RPC: gss_mech_register: registered mechanism with oid:\n");
print_hexl((u32 *)mech_type->data, mech_type->len, 0);
return 0;
}
......@@ -93,11 +93,10 @@ do_gss_mech_unregister(struct gss_api_mech *gm)
list_del(&gm->gm_list);
dprintk("RPC: unregistered mechanism with oid:\n");
dprintk("RPC: unregistered mechanism with oid:\n");
print_hexl((u32 *)gm->gm_oid.data, gm->gm_oid.len, 0);
if (!gss_mech_put(gm)) {
dprintk("RPC: We just unregistered a gss_mechanism which"
" someone is still using.\n");
dprintk("RPC: We just unregistered a gss_mechanism which someone is still using.\n");
return -1;
} else {
return 0;
......@@ -145,7 +144,7 @@ gss_mech_get_by_OID(struct xdr_netobj *mech_type)
{
struct gss_api_mech *pos, *gm = NULL;
dprintk("RPC: gss_mech_get_by_OID searching for mechanism with OID:\n");
dprintk("RPC: gss_mech_get_by_OID searching for mechanism with OID:\n");
print_hexl((u32 *)mech_type->data, mech_type->len, 0);
spin_lock(&registered_mechs_lock);
list_for_each_entry(pos, &registered_mechs, gm_list) {
......@@ -157,7 +156,7 @@ gss_mech_get_by_OID(struct xdr_netobj *mech_type)
}
}
spin_unlock(&registered_mechs_lock);
dprintk("RPC: gss_mech_get_by_OID %s it\n", gm ? "found" : "didn't find");
dprintk("RPC: gss_mech_get_by_OID %s it\n", gm ? "found" : "didn't find");
return gm;
}
......@@ -244,7 +243,8 @@ gss_verify_mic(struct gss_ctx *context_handle,
u32
gss_delete_sec_context(struct gss_ctx **context_handle)
{
dprintk("gss_delete_sec_context deleting %p\n",*context_handle);
dprintk("RPC: gss_delete_sec_context deleting %p\n",
*context_handle);
if (!*context_handle)
return(GSS_S_NO_CONTEXT);
......
......@@ -82,12 +82,13 @@ gss_register_triple(u32 pseudoflavor, struct gss_api_mech *mech,
spin_lock(&registered_triples_lock);
if (do_lookup_triple_by_pseudoflavor(pseudoflavor)) {
printk("Registered pseudoflavor %d again\n", pseudoflavor);
printk(KERN_WARNING "RPC: Registered pseudoflavor %d again\n",
pseudoflavor);
goto err_unlock;
}
list_add(&triple->triples, &registered_triples);
spin_unlock(&registered_triples_lock);
dprintk("RPC: registered pseudoflavor %d\n", pseudoflavor);
dprintk("RPC: registered pseudoflavor %d\n", pseudoflavor);
return 0;
......@@ -145,7 +146,7 @@ gss_cmp_triples(u32 oid_len, char *oid_data, u32 qop, u32 service)
oid.len = oid_len;
oid.data = oid_data;
dprintk("RPC: gss_cmp_triples \n");
dprintk("RPC: gss_cmp_triples\n");
print_sec_triple(&oid,qop,service);
spin_lock(&registered_triples_lock);
......@@ -158,7 +159,7 @@ gss_cmp_triples(u32 oid_len, char *oid_data, u32 qop, u32 service)
}
}
spin_unlock(&registered_triples_lock);
dprintk("RPC: gss_cmp_triples return %d\n", pseudoflavor);
dprintk("RPC: gss_cmp_triples return %d\n", pseudoflavor);
return pseudoflavor;
}
......@@ -193,8 +194,8 @@ gss_pseudoflavor_to_service(u32 pseudoflavor)
triple = do_lookup_triple_by_pseudoflavor(pseudoflavor);
spin_unlock(&registered_triples_lock);
if (!triple) {
dprintk("RPC: gss_pseudoflavor_to_service called with"
" unsupported pseudoflavor %d\n", pseudoflavor);
dprintk("RPC: gss_pseudoflavor_to_service called with unsupported pseudoflavor %d\n",
pseudoflavor);
return 0;
}
return triple->service;
......@@ -211,8 +212,8 @@ gss_pseudoflavor_to_mech(u32 pseudoflavor) {
if (triple)
mech = gss_mech_get(triple->mech);
else
dprintk("RPC: gss_pseudoflavor_to_mech called with"
" unsupported pseudoflavor %d\n", pseudoflavor);
dprintk("RPC: gss_pseudoflavor_to_mech called with unsupported pseudoflavor %d\n",
pseudoflavor);
return mech;
}
......@@ -223,8 +224,8 @@ gss_pseudoflavor_to_mechOID(u32 pseudoflavor, struct xdr_netobj * oid)
mech = gss_pseudoflavor_to_mech(pseudoflavor);
if (!mech) {
dprintk("RPC: gss_pseudoflavor_to_mechOID called with"
" unsupported pseudoflavor %d\n", pseudoflavor);
dprintk("RPC: gss_pseudoflavor_to_mechOID called with unsupported pseudoflavor %d\n",
pseudoflavor);
return -1;
}
oid->len = mech->gm_oid.len;
......
......@@ -570,14 +570,14 @@ gss_verify_header(struct svc_rqst *rqstp, struct rsc *rsci,
}
if (gc->gc_seq > MAXSEQ) {
dprintk("svcauth_gss: discarding request with large"
" sequence number %d\n", gc->gc_seq);
dprintk("RPC: svcauth_gss: discarding request with large sequence number %d\n",
gc->gc_seq);
*authp = rpcsec_gsserr_ctxproblem;
return SVC_DENIED;
}
if (!gss_check_seq_num(rsci, gc->gc_seq)) {
dprintk("svcauth_gss: discarding request with old"
" sequence number %d\n", gc->gc_seq);
dprintk("RPC: svcauth_gss: discarding request with old sequence number %d\n",
gc->gc_seq);
return SVC_DROP;
}
return SVC_OK;
......@@ -755,7 +755,7 @@ svcauth_gss_accept(struct svc_rqst *rqstp, u32 *authp)
u32 *reject_stat = resv->iov_base + resv->iov_len;
int ret;
dprintk("RPC: svcauth_gss: argv->iov_len = %zd\n",argv->iov_len);
dprintk("RPC: svcauth_gss: argv->iov_len = %zd\n",argv->iov_len);
*authp = rpc_autherr_badcred;
if (!svcdata)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment