'read on open' breaks GSS integrity check

Details

    • Bug
    • Resolution: Fixed
    • Critical
    • Lustre 2.12.0
    • Lustre 2.12.0

    Description

      Feature 'read on open for DoM files' breaks GSS integrity check.

      Indeed, when ski or krb5i flavors are selected, the GSS integrity mechanism signs requests on the client side before they are sent, and then checks the signature on the server side upon receipt.
      So it is not possible to alter the request content once the signature is calculated.

      However, with the patch implementing 'read on open for DoM files' (https://review.whamcloud.com/23011), the value of request->rq_reqmsg->lm_repsize is changed after the request has been wrapped. And this field is included in request->rq_reqbuf on which the signature is calculated.
      So the signature calculated on the received request on the server side does not match the signature calculated on the client side.

      The consequence is that it is not possible to use Kerberos or Shared Key with integrity protection flavors (and possibly full encryption flavors as well).
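
The ordering problem described above, as an added example that is not Lustre code: a request buffer is signed, a field inside the signed bytes is then changed, and the server-side check fails. Only `lm_repsize` and `rq_reqbuf` are names from the ticket; the struct layout, `rq_sig`, `toy_mic`, `verify` and `send_request` are hypothetical, and a keyed FNV-1a hash stands in for the GSS signature.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Simplified request header. Only lm_repsize and rq_reqbuf are names from
 * the ticket; the layout and the other fields are assumed for the example. */
struct msg {
    uint32_t lm_repsize;   /* expected reply size, inside the signed bytes */
    char     lm_body[16];  /* assumed: payload */
};
struct wrapped_req {
    struct msg rq_reqbuf;  /* bytes the signature is computed over */
    uint64_t   rq_sig;     /* hypothetical field holding the tag */
};

/* Stand-in for the GSS MIC: keyed FNV-1a, NOT cryptographically secure. */
static uint64_t toy_mic(uint64_t key, const void *buf, size_t len)
{
    const unsigned char *p = buf;
    uint64_t h = 14695981039346656037ULL ^ key;
    for (size_t i = 0; i < len; i++)
        h = (h ^ p[i]) * 1099511628211ULL;
    return h;
}

/* Server side: recompute the tag over the received bytes and compare. */
static int verify(const struct wrapped_req *r, uint64_t key)
{
    return toy_mic(key, &r->rq_reqbuf, sizeof(r->rq_reqbuf)) == r->rq_sig;
}

/* Returns 1 if the server accepts the request. late_resize=1 reproduces
 * the ticket's ordering: lm_repsize changes after the request is wrapped. */
int send_request(int late_resize)
{
    const uint64_t key = 0x5eedULL;      /* constructed sample key */
    struct wrapped_req r;
    memset(&r, 0, sizeof(r));
    r.rq_reqbuf.lm_repsize = 512;        /* constructed sample values */
    memcpy(r.rq_reqbuf.lm_body, "open", 5);
    if (!late_resize)
        r.rq_reqbuf.lm_repsize = 8192;   /* final size set before signing */
    r.rq_sig = toy_mic(key, &r.rq_reqbuf, sizeof(r.rq_reqbuf)); /* wrap */
    if (late_resize)
        r.rq_reqbuf.lm_repsize = 8192;   /* buffer altered after signing */
    return verify(&r, key);
}

int main(void) { return !(send_request(0) == 1 && send_request(1) == 0); }
```

Any field that must change late either has to sit outside the signed bytes or be finalized before the wrap step, which is the constraint the ticket's patch subject states.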

        Activity

          [LU-11414] 'read on open' breaks GSS integrity check
          pjones Peter Jones added a comment -

          Landed for 2.12


          gerrit Gerrit Updater added a comment -

          Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/33223/
          Subject: LU-11414 ptlrpc: don't change buffer when signature is ready
          Project: fs/lustre-release
          Branch: master
          Current Patch Set:
          Commit: cf503e047c7fe58c3f75c912b3ce8da93f79bf0e

          sebastien Sebastien Buisson added a comment -

          Mike, just tested patch at https://review.whamcloud.com/33223 , it fixes GSS regression, thanks.

          tappro Mikhail Pershin added a comment -

          Sebastien, I think this patch should restore GSS functionality. I would appreciate help with testing it, thanks.

          gerrit Gerrit Updater added a comment -

          Mike Pershin (mpershin@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/33223
          Subject: LU-11414 ptlrpc: don't change buffer when signature is ready
          Project: fs/lustre-release
          Branch: master
          Current Patch Set: 1
          Commit: 7b6683cc5608d7698bf2869601fb13e66b80ca4a

          sebastien Sebastien Buisson added a comment -

          Hi Mike,

          You can try to run sanity-gss test_1 with SHARED_KEYS=true. Even the fact that preparation before test_1 succeeds would be a good sign.
          But it may fail for an unrelated reason. I can test a patch for you if you want.

          Thanks,
          Sebastien.

          tappro Mikhail Pershin added a comment -

          Sebastien, what is the simple way to check that problem?

          jgmitter Joseph Gmitter (Inactive) added a comment -

          Hi Mike,

          Can you please take a look at this?

          Thanks.

          Joe

          People

            tappro Mikhail Pershin
            sebastien Sebastien Buisson