Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp4371600pxj; Tue, 8 Jun 2021 12:40:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzEWEHNhquD3gJPWgumtuQ7gqqA85Im8PlluyXyhm2+WmQcixCDvjgED0LwHOwWPjmO01Kk X-Received: by 2002:a17:907:92e:: with SMTP id au14mr24678868ejc.194.1623181202885; Tue, 08 Jun 2021 12:40:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623181202; cv=none; d=google.com; s=arc-20160816; b=DE2HghBQAxYzAnlPKNEquMcUoKptVlpe4ZN5fT1NWihn3GNLiA8rzS1iwgNQTU+hkv LeI4C51yxyS7IFTltZeqE8THx2EeX/pmZn9q6yjmQyxDt90WISmCvzxD6OrPJSnfFt4L XrUtY0e3ObmSYFvc42HsVSmKl2+O8YZqfTb/A+VBIwA8acvTFQSq5GnZfDGyl4wIldCJ Wh8TOkVLNzSXWOMNkZ+0B8ScBD/8wCVci5FOkHXQwOzgGb5JUNyOzdXNsVfQJabnib92 ctQAcf7FMg9N9Dupxpi3CJ1jKBm7py7zeAkbGXDqQKosk3Wk81XUB2uGDVMuSvgU/I/x NjHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=Wm0MUBjd3h6JTTCODNQHbrOg3hYjc0ZDB/EBZzZkP1o=; b=BChayWXNadbO0ksJJ+1Bjic1znAxWMA1A2MTgj2mG9/0PBtnwN+Jy6hpz3xuIMO+PN uWpN7ccXZBtpIWZUtTS0UkXC7Yf0FaYt8AX3UycXYlkuKVAPQP00rE8GB0NvdkXKvXRO q/fdwtexZuvjPa0GlhSmyE2mEQAQzeI3Ti7E3Vuw1uyPXE2Khi8nqXNIUxrvAZQ3+WUx d6wEV4FHDOThapJns9k9/4cTVJwpv3IXzQATfu19AnfPyRcy+itmP1QWUseRV9So/rAW SHdAYDbz6ahrldSiHMGRankTfi55y3KTtWV0DqhFgTQwc9bMoKzH7ntTxy2Vrookqux2 91ug== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=cF7CEzvw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id 19si440137ejx.529.2021.06.08.12.39.39; Tue, 08 Jun 2021 12:40:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=cF7CEzvw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S239349AbhFHTfy (ORCPT + 99 others); Tue, 8 Jun 2021 15:35:54 -0400 Received: from mail.kernel.org ([198.145.29.99]:44302 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236250AbhFHT0Q (ORCPT ); Tue, 8 Jun 2021 15:26:16 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id BB5AE61182; Tue, 8 Jun 2021 19:24:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1623180262; bh=kLhaSghSgBwEu/dvnPHLV1+DrLdfAjIKHtB0UzKfxcA=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=cF7CEzvwv5dy8C72+Mtnvrc5fm4zVoihnZSpfmFv7p3fhPsKvPiv/N/NEyDtgPZ7F VFtosUje3C8+fu4SXUESCIWz9cBVIW1U5uUX17aSeFNCtG2m2LJDGqwe+MCM/Fqc3P f7iY96wvKMvW2+LH1KeFC03ZIl+7ntF3DBh5mL4NPg3sZoa1SOmPH93/uighkjz2Y1 L0x5YHEJAJds/cAN94VT9j7ORaS5Jvu5t5k+01cLhHvnC2sufAlHhtZloU/s7uTzgk V25GWbdRFinVAUxJeHKGZvPnpFEyL7q/AhBxpYXfTEgSIEixcRPG478qVUeRlRzEp3 5hmdqxvCsvLBw== Date: Tue, 8 Jun 2021 15:24:21 -0400 From: Sasha Levin To: Ilya Dryomov Cc: Greg Kroah-Hartman , LKML , stable@vger.kernel.org, Sage Weil Subject: Re: [PATCH 5.12 083/161] libceph: dont set global_id until we get an auth ticket Message-ID: References: <20210608175945.476074951@linuxfoundation.org> <20210608175948.243493420@linuxfoundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Disposition: inline In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Jun 08, 2021 at 09:07:18PM +0200, Ilya Dryomov wrote: >On Tue, Jun 8, 2021 at 8:48 PM Greg Kroah-Hartman > wrote: >> >> From: Ilya Dryomov >> >> [ Upstream commit 61ca49a9105faefa003b37542cebad8722f8ae22 ] >> >> With the introduction of enforcing mode, setting global_id as soon >> as we get it in the first MAuth reply will result in EACCES if the >> connection is reset before we get the second MAuth reply containing >> an auth ticket -- because on retry we would attempt to reclaim that >> global_id with no auth ticket at hand. >> >> Neither ceph_auth_client nor ceph_mon_client depend on global_id >> being set ealy, so just delay the setting until we get and process >> the second MAuth reply. While at it, complain if the monitor sends >> a zero global_id or changes our global_id as the session is likely >> to fail after that. >> >> Cc: stable@vger.kernel.org # needs backporting for < 5.11 >> Signed-off-by: Ilya Dryomov >> Reviewed-by: Sage Weil >> Signed-off-by: Sasha Levin >> --- >> net/ceph/auth.c | 36 +++++++++++++++++++++++------------- >> 1 file changed, 23 insertions(+), 13 deletions(-) >> >> diff --git a/net/ceph/auth.c b/net/ceph/auth.c >> index eb261aa5fe18..de407e8feb97 100644 >> --- a/net/ceph/auth.c >> +++ b/net/ceph/auth.c >> @@ -36,6 +36,20 @@ static int init_protocol(struct ceph_auth_client *ac, int proto) >> } >> } >> >> +static void set_global_id(struct ceph_auth_client *ac, u64 global_id) >> +{ >> + dout("%s global_id %llu\n", __func__, global_id); >> + >> + if (!global_id) >> + pr_err("got zero global_id\n"); >> + >> + if (ac->global_id && global_id != ac->global_id) >> + pr_err("global_id changed from %llu to %llu\n", ac->global_id, >> + global_id); >> + >> + ac->global_id = global_id; >> +} >> + >> /* >> * setup, teardown. >> */ >> @@ -222,11 +236,6 @@ int ceph_handle_auth_reply(struct ceph_auth_client *ac, >> >> payload_end = payload + payload_len; >> >> - if (global_id && ac->global_id != global_id) { >> - dout(" set global_id %lld -> %lld\n", ac->global_id, global_id); >> - ac->global_id = global_id; >> - } >> - >> if (ac->negotiating) { >> /* server does not support our protocols? */ >> if (!protocol && result < 0) { >> @@ -253,11 +262,16 @@ int ceph_handle_auth_reply(struct ceph_auth_client *ac, >> >> ret = ac->ops->handle_reply(ac, result, payload, payload_end, >> NULL, NULL, NULL, NULL); >> - if (ret == -EAGAIN) >> + if (ret == -EAGAIN) { >> ret = build_request(ac, true, reply_buf, reply_len); >> - else if (ret) >> + goto out; >> + } else if (ret) { >> pr_err("auth protocol '%s' mauth authentication failed: %d\n", >> ceph_auth_proto_name(ac->protocol), result); >> + goto out; >> + } >> + >> + set_global_id(ac, global_id); >> >> out: >> mutex_unlock(&ac->mutex); >> @@ -484,15 +498,11 @@ int ceph_auth_handle_reply_done(struct ceph_auth_client *ac, >> int ret; >> >> mutex_lock(&ac->mutex); >> - if (global_id && ac->global_id != global_id) { >> - dout("%s global_id %llu -> %llu\n", __func__, ac->global_id, >> - global_id); >> - ac->global_id = global_id; >> - } >> - >> ret = ac->ops->handle_reply(ac, 0, reply, reply + reply_len, >> session_key, session_key_len, >> con_secret, con_secret_len); >> + if (!ret) >> + set_global_id(ac, global_id); >> mutex_unlock(&ac->mutex); >> return ret; >> } > >Hi Greg, > >I asked Sasha to drop this patch earlier today. I've dropped it now, but I think I'm missing your previous request. Was it as a reply to the added-to mail? I just want to make sure I'm not missing your mails. -- Thanks, Sasha