libceph: add update_authorizer auth method

Currently the messenger calls out to a get_authorizer con op, which will
create a new authorizer if it doesn't yet have one.  In the meantime, when
we rotate our service keys, the authorizer doesn't get updated.  Eventually
it will be rejected by the server on a new connection attempt and get
invalidated, and we will then rebuild a new authorizer, but this is not
ideal.

Instead, if we do have an authorizer, call a new update_authorizer op that
will verify that the current authorizer is using the latest secret.  If it
is not, we will build a new one that does.  This avoids the transient
failure.

This fixes one of the sorry sequence of events for bug

	http://tracker.ceph.com/issues/4282

Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Alex Elder <elder@inktank.com>

diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
index 0db6f5206d11416b7874cf7f2243d7b42cf71c8c..010ff83d640bddc12f03f04b427d0a511fd7f4fe 100644 (file)
--- a/fs/ceph/mds_client.c
+++ b/fs/ceph/mds_client.c
@@ -3445,7 +3445,12 @@ static struct ceph_auth_handshake *get_authorizer(struct ceph_connection *con,
        }
        if (!auth->authorizer && ac->ops && ac->ops->create_authorizer) {
                int ret = ac->ops->create_authorizer(ac, CEPH_ENTITY_TYPE_MDS,
-                                                       auth);
+                                                    auth);
+               if (ret)
+                       return ERR_PTR(ret);
+       } else if (ac->ops && ac->ops_update_authorizer) {
+               int ret = ac->ops->update_authorizer(ac, CEPH_ENTITY_TYPE_MDS,
+                                                    auth);
                if (ret)
                        return ERR_PTR(ret);
        }

diff --git a/include/linux/ceph/auth.h b/include/linux/ceph/auth.h
index d4080f309b5699d5fbaa5dbe96d38a1977be7693..73e973e7002664c0bbe87d77322f08018f6f6d2a 100644 (file)
--- a/include/linux/ceph/auth.h
+++ b/include/linux/ceph/auth.h
@@ -52,6 +52,9 @@ struct ceph_auth_client_ops {
         */
        int (*create_authorizer)(struct ceph_auth_client *ac, int peer_type,
                                 struct ceph_auth_handshake *auth);
+       /* ensure that an existing authorizer is up to date */
+       int (*update_authorizer)(struct ceph_auth_client *ac, int peer_type,
+                                struct ceph_auth_handshake *auth);
        int (*verify_authorizer_reply)(struct ceph_auth_client *ac,
                                       struct ceph_authorizer *a, size_t len);
        void (*destroy_authorizer)(struct ceph_auth_client *ac,

diff --git a/net/ceph/auth_x.c b/net/ceph/auth_x.c
index bd8758dbfded1d2d8db1feb0fee68127f0d30146..2d5981555cd6dcb9e5ae2485cc56462ccf46a32f 100644 (file)
--- a/net/ceph/auth_x.c
+++ b/net/ceph/auth_x.c
@@ -298,6 +298,7 @@ static int ceph_x_build_authorizer(struct ceph_auth_client *ac,
                        return -ENOMEM;
        }
        au->service = th->service;
+       au->secret_id = th->secret_id;
 
        msg_a = au->buf->vec.iov_base;
        msg_a->struct_v = 1;
@@ -555,6 +556,27 @@ static int ceph_x_create_authorizer(
        return 0;
 }
 
+static int ceph_x_update_authorizer(
+       struct ceph_auth_client *ac, int peer_type,
+       struct ceph_auth_handshake *auth)
+{
+       struct ceph_x_authorizer *au;
+       struct ceph_x_ticket_handler *th;
+       int ret;
+
+       th = get_ticket_handler(ac, peer_type);
+       if (IS_ERR(th))
+               return PTR_ERR(th);
+
+       au = (struct ceph_x_authorizer *)auth->authorizer;
+       if (au->secret_id < th->secret_id) {
+               dout("ceph_x_update_authorizer service %u secret %llu < %llu\n",
+                    au->service, au->secret_id, th->secret_id);
+               return ceph_x_build_authorizer(ac, th, au);
+       }
+       return 0;
+}
+
 static int ceph_x_verify_authorizer_reply(struct ceph_auth_client *ac,
                                          struct ceph_authorizer *a, size_t len)
 {
@@ -641,6 +663,7 @@ static const struct ceph_auth_client_ops ceph_x_ops = {
        .build_request = ceph_x_build_request,
        .handle_reply = ceph_x_handle_reply,
        .create_authorizer = ceph_x_create_authorizer,
+       .update_authorizer = ceph_x_update_authorizer,
        .verify_authorizer_reply = ceph_x_verify_authorizer_reply,
        .destroy_authorizer = ceph_x_destroy_authorizer,
        .invalidate_authorizer = ceph_x_invalidate_authorizer,

diff --git a/net/ceph/auth_x.h b/net/ceph/auth_x.h
index f459e93b774feeafc967d0332fa132e3dd58dc92..c5a058da7ac8e7ae6a51f695b2a9d1b9362cdab3 100644 (file)
--- a/net/ceph/auth_x.h
+++ b/net/ceph/auth_x.h
@@ -29,6 +29,7 @@ struct ceph_x_authorizer {
        struct ceph_buffer *buf;
        unsigned int service;
        u64 nonce;
+       u64 secret_id;
        char reply_buf[128];  /* big enough for encrypted blob */
 };
 

diff --git a/net/ceph/osd_client.c b/net/ceph/osd_client.c
index cb14db8496bd31908d1e1ab7be3d7319df0a4478..5ef24e3e16273dec61d96d70c2e4bf014e80e605 100644 (file)
--- a/net/ceph/osd_client.c
+++ b/net/ceph/osd_client.c
@@ -2220,6 +2220,11 @@ static struct ceph_auth_handshake *get_authorizer(struct ceph_connection *con,
                                                        auth);
                if (ret)
                        return ERR_PTR(ret);
+       } else if (ac->ops && ac->ops->update_authorizer) {
+               int ret = ac->ops->update_authorizer(ac, CEPH_ENTITY_TYPE_OSD,
+                                                    auth);
+               if (ret)
+                       return ERR_PTR(ret);
        }
        *proto = ac->protocol;