Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.19 / 00fd6e14255fe7a249315746386d640bc4e9e758 / . / net / sunrpc / auth_gss / auth_gss.c
blob: f44f46f1d8e053c0d330b442c2f3788cf4073dd4 [file] [log] [blame]
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1/*
2 * linux/net/sunrpc/auth_gss.c
3 *
4 * RPCSEC_GSS client authentication.
5 *
6 * Copyright (c) 2000 The Regents of the University of Michigan.
7 * All rights reserved.
8 *
9 * Dug Song <dugsong@monkey.org>
10 * Andy Adamson <andros@umich.edu>
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 *
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. Neither the name of the University nor the names of its
22 * contributors may be used to endorse or promote products derived
23 * from this software without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
26 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
27 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
28 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
32 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
36 *
37 * $Id$
38 */
39
40
41#include <linux/module.h>
42#include <linux/init.h>
43#include <linux/types.h>
44#include <linux/slab.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]45#include <linux/sched.h>
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]46#include <linux/pagemap.h>
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]47#include <linux/sunrpc/clnt.h>
48#include <linux/sunrpc/auth.h>
49#include <linux/sunrpc/auth_gss.h>
50#include <linux/sunrpc/svcauth_gss.h>
51#include <linux/sunrpc/gss_err.h>
52#include <linux/workqueue.h>
53#include <linux/sunrpc/rpc_pipe_fs.h>
54#include <linux/sunrpc/gss_api.h>
55#include <asm/uaccess.h>
56
57static struct rpc_authops authgss_ops;
58
59static struct rpc_credops gss_credops;
60
61#ifdef RPC_DEBUG
62# define RPCDBG_FACILITY RPCDBG_AUTH
63#endif
64
65#define NFS_NGROUPS 16
66
67#define GSS_CRED_EXPIRE (60 * HZ) /* XXX: reasonable? */
68#define GSS_CRED_SLACK 1024 /* XXX: unused */
69/* length of a krb5 verifier (48), plus data added before arguments when
70 * using integrity (two 4-byte integers): */
71#define GSS_VERF_SLACK 56
72
73/* XXX this define must match the gssd define
74* as it is passed to gssd to signal the use of
75* machine creds should be part of the shared rpc interface */
76
77#define CA_RUN_AS_MACHINE 0x00000200
78
79/* dump the buffer in `emacs-hexl' style */
80#define isprint(c) ((c > 0x1f) && (c < 0x7f))
81
82static DEFINE_RWLOCK(gss_ctx_lock);
83
84struct gss_auth {
85 struct rpc_auth rpc_auth;
86 struct gss_api_mech *mech;
87 enum rpc_gss_svc service;
88 struct list_head upcalls;
89 struct rpc_clnt *client;
90 struct dentry *dentry;
Trond Myklebustf1345852005-09-23 11:08:25 -0400[diff] [blame]91 char path[48];
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]92 spinlock_t lock;
93};
94
95static void gss_destroy_ctx(struct gss_cl_ctx *);
96static struct rpc_pipe_ops gss_upcall_ops;
97
98void
99print_hexl(u32 *p, u_int length, u_int offset)
100{
101 u_int i, j, jm;
102 u8 c, *cp;
103
104 dprintk("RPC: print_hexl: length %d\n",length);
105 dprintk("\n");
106 cp = (u8 *) p;
107
108 for (i = 0; i < length; i += 0x10) {
109 dprintk(" %04x: ", (u_int)(i + offset));
110 jm = length - i;
111 jm = jm > 16 ? 16 : jm;
112
113 for (j = 0; j < jm; j++) {
114 if ((j % 2) == 1)
115 dprintk("%02x ", (u_int)cp[i+j]);
116 else
117 dprintk("%02x", (u_int)cp[i+j]);
118 }
119 for (; j < 16; j++) {
120 if ((j % 2) == 1)
121 dprintk(" ");
122 else
123 dprintk(" ");
124 }
125 dprintk(" ");
126
127 for (j = 0; j < jm; j++) {
128 c = cp[i+j];
129 c = isprint(c) ? c : '.';
130 dprintk("%c", c);
131 }
132 dprintk("\n");
133 }
134}
135
136EXPORT_SYMBOL(print_hexl);
137
138static inline struct gss_cl_ctx *
139gss_get_ctx(struct gss_cl_ctx *ctx)
140{
141 atomic_inc(&ctx->count);
142 return ctx;
143}
144
145static inline void
146gss_put_ctx(struct gss_cl_ctx *ctx)
147{
148 if (atomic_dec_and_test(&ctx->count))
149 gss_destroy_ctx(ctx);
150}
151
152static void
153gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx)
154{
155 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
156 struct gss_cl_ctx *old;
157 write_lock(&gss_ctx_lock);
158 old = gss_cred->gc_ctx;
159 gss_cred->gc_ctx = ctx;
160 cred->cr_flags |= RPCAUTH_CRED_UPTODATE;
161 write_unlock(&gss_ctx_lock);
162 if (old)
163 gss_put_ctx(old);
164}
165
166static int
167gss_cred_is_uptodate_ctx(struct rpc_cred *cred)
168{
169 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
170 int res = 0;
171
172 read_lock(&gss_ctx_lock);
173 if ((cred->cr_flags & RPCAUTH_CRED_UPTODATE) && gss_cred->gc_ctx)
174 res = 1;
175 read_unlock(&gss_ctx_lock);
176 return res;
177}
178
179static const void *
180simple_get_bytes(const void *p, const void *end, void *res, size_t len)
181{
182 const void *q = (const void *)((const char *)p + len);
183 if (unlikely(q > end || q < p))
184 return ERR_PTR(-EFAULT);
185 memcpy(res, p, len);
186 return q;
187}
188
189static inline const void *
190simple_get_netobj(const void *p, const void *end, struct xdr_netobj *dest)
191{
192 const void *q;
193 unsigned int len;
194
195 p = simple_get_bytes(p, end, &len, sizeof(len));
196 if (IS_ERR(p))
197 return p;
198 q = (const void *)((const char *)p + len);
199 if (unlikely(q > end || q < p))
200 return ERR_PTR(-EFAULT);
201 dest->data = kmalloc(len, GFP_KERNEL);
202 if (unlikely(dest->data == NULL))
203 return ERR_PTR(-ENOMEM);
204 dest->len = len;
205 memcpy(dest->data, p, len);
206 return q;
207}
208
209static struct gss_cl_ctx *
210gss_cred_get_ctx(struct rpc_cred *cred)
211{
212 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
213 struct gss_cl_ctx *ctx = NULL;
214
215 read_lock(&gss_ctx_lock);
216 if (gss_cred->gc_ctx)
217 ctx = gss_get_ctx(gss_cred->gc_ctx);
218 read_unlock(&gss_ctx_lock);
219 return ctx;
220}
221
222static struct gss_cl_ctx *
223gss_alloc_context(void)
224{
225 struct gss_cl_ctx *ctx;
226
227 ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
228 if (ctx != NULL) {
229 memset(ctx, 0, sizeof(*ctx));
230 ctx->gc_proc = RPC_GSS_PROC_DATA;
231 ctx->gc_seq = 1; /* NetApp 6.4R1 doesn't accept seq. no. 0 */
232 spin_lock_init(&ctx->gc_seq_lock);
233 atomic_set(&ctx->count,1);
234 }
235 return ctx;
236}
237
238#define GSSD_MIN_TIMEOUT (60 * 60)
239static const void *
240gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct gss_api_mech *gm)
241{
242 const void *q;
243 unsigned int seclen;
244 unsigned int timeout;
245 u32 window_size;
246 int ret;
247
248 /* First unsigned int gives the lifetime (in seconds) of the cred */
249 p = simple_get_bytes(p, end, &timeout, sizeof(timeout));
250 if (IS_ERR(p))
251 goto err;
252 if (timeout == 0)
253 timeout = GSSD_MIN_TIMEOUT;
254 ctx->gc_expiry = jiffies + (unsigned long)timeout * HZ * 3 / 4;
255 /* Sequence number window. Determines the maximum number of simultaneous requests */
256 p = simple_get_bytes(p, end, &window_size, sizeof(window_size));
257 if (IS_ERR(p))
258 goto err;
259 ctx->gc_win = window_size;
260 /* gssd signals an error by passing ctx->gc_win = 0: */
261 if (ctx->gc_win == 0) {
262 /* in which case, p points to an error code which we ignore */
263 p = ERR_PTR(-EACCES);
264 goto err;
265 }
266 /* copy the opaque wire context */
267 p = simple_get_netobj(p, end, &ctx->gc_wire_ctx);
268 if (IS_ERR(p))
269 goto err;
270 /* import the opaque security context */
271 p = simple_get_bytes(p, end, &seclen, sizeof(seclen));
272 if (IS_ERR(p))
273 goto err;
274 q = (const void *)((const char *)p + seclen);
275 if (unlikely(q > end || q < p)) {
276 p = ERR_PTR(-EFAULT);
277 goto err;
278 }
279 ret = gss_import_sec_context(p, seclen, gm, &ctx->gc_gss_ctx);
280 if (ret < 0) {
281 p = ERR_PTR(ret);
282 goto err;
283 }
284 return q;
285err:
286 dprintk("RPC: gss_fill_context returning %ld\n", -PTR_ERR(p));
287 return p;
288}
289
290
291struct gss_upcall_msg {
292 atomic_t count;
293 uid_t uid;
294 struct rpc_pipe_msg msg;
295 struct list_head list;
296 struct gss_auth *auth;
297 struct rpc_wait_queue rpc_waitqueue;
298 wait_queue_head_t waitqueue;
299 struct gss_cl_ctx *ctx;
300};
301
302static void
303gss_release_msg(struct gss_upcall_msg *gss_msg)
304{
305 if (!atomic_dec_and_test(&gss_msg->count))
306 return;
307 BUG_ON(!list_empty(&gss_msg->list));
308 if (gss_msg->ctx != NULL)
309 gss_put_ctx(gss_msg->ctx);
310 kfree(gss_msg);
311}
312
313static struct gss_upcall_msg *
314__gss_find_upcall(struct gss_auth *gss_auth, uid_t uid)
315{
316 struct gss_upcall_msg *pos;
317 list_for_each_entry(pos, &gss_auth->upcalls, list) {
318 if (pos->uid != uid)
319 continue;
320 atomic_inc(&pos->count);
321 dprintk("RPC: gss_find_upcall found msg %p\n", pos);
322 return pos;
323 }
324 dprintk("RPC: gss_find_upcall found nothing\n");
325 return NULL;
326}
327
328/* Try to add a upcall to the pipefs queue.
329 * If an upcall owned by our uid already exists, then we return a reference
330 * to that upcall instead of adding the new upcall.
331 */
332static inline struct gss_upcall_msg *
333gss_add_msg(struct gss_auth *gss_auth, struct gss_upcall_msg *gss_msg)
334{
335 struct gss_upcall_msg *old;
336
337 spin_lock(&gss_auth->lock);
338 old = __gss_find_upcall(gss_auth, gss_msg->uid);
339 if (old == NULL) {
340 atomic_inc(&gss_msg->count);
341 list_add(&gss_msg->list, &gss_auth->upcalls);
342 } else
343 gss_msg = old;
344 spin_unlock(&gss_auth->lock);
345 return gss_msg;
346}
347
348static void
349__gss_unhash_msg(struct gss_upcall_msg *gss_msg)
350{
351 if (list_empty(&gss_msg->list))
352 return;
353 list_del_init(&gss_msg->list);
354 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
355 wake_up_all(&gss_msg->waitqueue);
356 atomic_dec(&gss_msg->count);
357}
358
359static void
360gss_unhash_msg(struct gss_upcall_msg *gss_msg)
361{
362 struct gss_auth *gss_auth = gss_msg->auth;
363
364 spin_lock(&gss_auth->lock);
365 __gss_unhash_msg(gss_msg);
366 spin_unlock(&gss_auth->lock);
367}
368
369static void
370gss_upcall_callback(struct rpc_task *task)
371{
372 struct gss_cred *gss_cred = container_of(task->tk_msg.rpc_cred,
373 struct gss_cred, gc_base);
374 struct gss_upcall_msg *gss_msg = gss_cred->gc_upcall;
375
376 BUG_ON(gss_msg == NULL);
377 if (gss_msg->ctx)
378 gss_cred_set_ctx(task->tk_msg.rpc_cred, gss_get_ctx(gss_msg->ctx));
379 else
380 task->tk_status = gss_msg->msg.errno;
381 spin_lock(&gss_msg->auth->lock);
382 gss_cred->gc_upcall = NULL;
383 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
384 spin_unlock(&gss_msg->auth->lock);
385 gss_release_msg(gss_msg);
386}
387
388static inline struct gss_upcall_msg *
389gss_alloc_msg(struct gss_auth *gss_auth, uid_t uid)
390{
391 struct gss_upcall_msg *gss_msg;
392
393 gss_msg = kmalloc(sizeof(*gss_msg), GFP_KERNEL);
394 if (gss_msg != NULL) {
395 memset(gss_msg, 0, sizeof(*gss_msg));
396 INIT_LIST_HEAD(&gss_msg->list);
397 rpc_init_wait_queue(&gss_msg->rpc_waitqueue, "RPCSEC_GSS upcall waitq");
398 init_waitqueue_head(&gss_msg->waitqueue);
399 atomic_set(&gss_msg->count, 1);
400 gss_msg->msg.data = &gss_msg->uid;
401 gss_msg->msg.len = sizeof(gss_msg->uid);
402 gss_msg->uid = uid;
403 gss_msg->auth = gss_auth;
404 }
405 return gss_msg;
406}
407
408static struct gss_upcall_msg *
409gss_setup_upcall(struct rpc_clnt *clnt, struct gss_auth *gss_auth, struct rpc_cred *cred)
410{
411 struct gss_upcall_msg *gss_new, *gss_msg;
412
413 gss_new = gss_alloc_msg(gss_auth, cred->cr_uid);
414 if (gss_new == NULL)
415 return ERR_PTR(-ENOMEM);
416 gss_msg = gss_add_msg(gss_auth, gss_new);
417 if (gss_msg == gss_new) {
418 int res = rpc_queue_upcall(gss_auth->dentry->d_inode, &gss_new->msg);
419 if (res) {
420 gss_unhash_msg(gss_new);
421 gss_msg = ERR_PTR(res);
422 }
423 } else
424 gss_release_msg(gss_new);
425 return gss_msg;
426}
427
428static inline int
429gss_refresh_upcall(struct rpc_task *task)
430{
431 struct rpc_cred *cred = task->tk_msg.rpc_cred;
432 struct gss_auth *gss_auth = container_of(task->tk_client->cl_auth,
433 struct gss_auth, rpc_auth);
434 struct gss_cred *gss_cred = container_of(cred,
435 struct gss_cred, gc_base);
436 struct gss_upcall_msg *gss_msg;
437 int err = 0;
438
439 dprintk("RPC: %4u gss_refresh_upcall for uid %u\n", task->tk_pid, cred->cr_uid);
440 gss_msg = gss_setup_upcall(task->tk_client, gss_auth, cred);
441 if (IS_ERR(gss_msg)) {
442 err = PTR_ERR(gss_msg);
443 goto out;
444 }
445 spin_lock(&gss_auth->lock);
446 if (gss_cred->gc_upcall != NULL)
447 rpc_sleep_on(&gss_cred->gc_upcall->rpc_waitqueue, task, NULL, NULL);
448 else if (gss_msg->ctx == NULL && gss_msg->msg.errno >= 0) {
449 task->tk_timeout = 0;
450 gss_cred->gc_upcall = gss_msg;
451 /* gss_upcall_callback will release the reference to gss_upcall_msg */
452 atomic_inc(&gss_msg->count);
453 rpc_sleep_on(&gss_msg->rpc_waitqueue, task, gss_upcall_callback, NULL);
454 } else
455 err = gss_msg->msg.errno;
456 spin_unlock(&gss_auth->lock);
457 gss_release_msg(gss_msg);
458out:
459 dprintk("RPC: %4u gss_refresh_upcall for uid %u result %d\n", task->tk_pid,
460 cred->cr_uid, err);
461 return err;
462}
463
464static inline int
465gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
466{
467 struct rpc_cred *cred = &gss_cred->gc_base;
468 struct gss_upcall_msg *gss_msg;
469 DEFINE_WAIT(wait);
470 int err = 0;
471
472 dprintk("RPC: gss_upcall for uid %u\n", cred->cr_uid);
473 gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred);
474 if (IS_ERR(gss_msg)) {
475 err = PTR_ERR(gss_msg);
476 goto out;
477 }
478 for (;;) {
479 prepare_to_wait(&gss_msg->waitqueue, &wait, TASK_INTERRUPTIBLE);
480 spin_lock(&gss_auth->lock);
481 if (gss_msg->ctx != NULL || gss_msg->msg.errno < 0) {
482 spin_unlock(&gss_auth->lock);
483 break;
484 }
485 spin_unlock(&gss_auth->lock);
486 if (signalled()) {
487 err = -ERESTARTSYS;
488 goto out_intr;
489 }
490 schedule();
491 }
492 if (gss_msg->ctx)
493 gss_cred_set_ctx(cred, gss_get_ctx(gss_msg->ctx));
494 else
495 err = gss_msg->msg.errno;
496out_intr:
497 finish_wait(&gss_msg->waitqueue, &wait);
498 gss_release_msg(gss_msg);
499out:
500 dprintk("RPC: gss_create_upcall for uid %u result %d\n", cred->cr_uid, err);
501 return err;
502}
503
504static ssize_t
505gss_pipe_upcall(struct file *filp, struct rpc_pipe_msg *msg,
506 char __user *dst, size_t buflen)
507{
508 char *data = (char *)msg->data + msg->copied;
509 ssize_t mlen = msg->len;
510 ssize_t left;
511
512 if (mlen > buflen)
513 mlen = buflen;
514 left = copy_to_user(dst, data, mlen);
515 if (left < 0) {
516 msg->errno = left;
517 return left;
518 }
519 mlen -= left;
520 msg->copied += mlen;
521 msg->errno = 0;
522 return mlen;
523}
524
525#define MSG_BUF_MAXSIZE 1024
526
527static ssize_t
528gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
529{
530 const void *p, *end;
531 void *buf;
532 struct rpc_clnt *clnt;
533 struct gss_auth *gss_auth;
534 struct rpc_cred *cred;
535 struct gss_upcall_msg *gss_msg;
536 struct gss_cl_ctx *ctx;
537 uid_t uid;
538 int err = -EFBIG;
539
540 if (mlen > MSG_BUF_MAXSIZE)
541 goto out;
542 err = -ENOMEM;
543 buf = kmalloc(mlen, GFP_KERNEL);
544 if (!buf)
545 goto out;
546
547 clnt = RPC_I(filp->f_dentry->d_inode)->private;
548 err = -EFAULT;
549 if (copy_from_user(buf, src, mlen))
550 goto err;
551
552 end = (const void *)((char *)buf + mlen);
553 p = simple_get_bytes(buf, end, &uid, sizeof(uid));
554 if (IS_ERR(p)) {
555 err = PTR_ERR(p);
556 goto err;
557 }
558
559 err = -ENOMEM;
560 ctx = gss_alloc_context();
561 if (ctx == NULL)
562 goto err;
563 err = 0;
564 gss_auth = container_of(clnt->cl_auth, struct gss_auth, rpc_auth);
565 p = gss_fill_context(p, end, ctx, gss_auth->mech);
566 if (IS_ERR(p)) {
567 err = PTR_ERR(p);
568 if (err != -EACCES)
569 goto err_put_ctx;
570 }
571 spin_lock(&gss_auth->lock);
572 gss_msg = __gss_find_upcall(gss_auth, uid);
573 if (gss_msg) {
574 if (err == 0 && gss_msg->ctx == NULL)
575 gss_msg->ctx = gss_get_ctx(ctx);
576 gss_msg->msg.errno = err;
577 __gss_unhash_msg(gss_msg);
578 spin_unlock(&gss_auth->lock);
579 gss_release_msg(gss_msg);
580 } else {
581 struct auth_cred acred = { .uid = uid };
582 spin_unlock(&gss_auth->lock);
583 cred = rpcauth_lookup_credcache(clnt->cl_auth, &acred, 0);
584 if (IS_ERR(cred)) {
585 err = PTR_ERR(cred);
586 goto err_put_ctx;
587 }
588 gss_cred_set_ctx(cred, gss_get_ctx(ctx));
589 }
590 gss_put_ctx(ctx);
591 kfree(buf);
592 dprintk("RPC: gss_pipe_downcall returning length %Zu\n", mlen);
593 return mlen;
594err_put_ctx:
595 gss_put_ctx(ctx);
596err:
597 kfree(buf);
598out:
599 dprintk("RPC: gss_pipe_downcall returning %d\n", err);
600 return err;
601}
602
603static void
604gss_pipe_release(struct inode *inode)
605{
606 struct rpc_inode *rpci = RPC_I(inode);
607 struct rpc_clnt *clnt;
608 struct rpc_auth *auth;
609 struct gss_auth *gss_auth;
610
611 clnt = rpci->private;
612 auth = clnt->cl_auth;
613 gss_auth = container_of(auth, struct gss_auth, rpc_auth);
614 spin_lock(&gss_auth->lock);
615 while (!list_empty(&gss_auth->upcalls)) {
616 struct gss_upcall_msg *gss_msg;
617
618 gss_msg = list_entry(gss_auth->upcalls.next,
619 struct gss_upcall_msg, list);
620 gss_msg->msg.errno = -EPIPE;
621 atomic_inc(&gss_msg->count);
622 __gss_unhash_msg(gss_msg);
623 spin_unlock(&gss_auth->lock);
624 gss_release_msg(gss_msg);
625 spin_lock(&gss_auth->lock);
626 }
627 spin_unlock(&gss_auth->lock);
628}
629
630static void
631gss_pipe_destroy_msg(struct rpc_pipe_msg *msg)
632{
633 struct gss_upcall_msg *gss_msg = container_of(msg, struct gss_upcall_msg, msg);
634 static unsigned long ratelimit;
635
636 if (msg->errno < 0) {
637 dprintk("RPC: gss_pipe_destroy_msg releasing msg %p\n",
638 gss_msg);
639 atomic_inc(&gss_msg->count);
640 gss_unhash_msg(gss_msg);
641 if (msg->errno == -ETIMEDOUT || msg->errno == -EPIPE) {
642 unsigned long now = jiffies;
643 if (time_after(now, ratelimit)) {
644 printk(KERN_WARNING "RPC: AUTH_GSS upcall timed out.\n"
645 "Please check user daemon is running!\n");
646 ratelimit = now + 15*HZ;
647 }
648 }
649 gss_release_msg(gss_msg);
650 }
651}
652
653/*
654 * NOTE: we have the opportunity to use different
655 * parameters based on the input flavor (which must be a pseudoflavor)
656 */
657static struct rpc_auth *
658gss_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor)
659{
660 struct gss_auth *gss_auth;
661 struct rpc_auth * auth;
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]662 int err = -ENOMEM; /* XXX? */
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]663
664 dprintk("RPC: creating GSS authenticator for client %p\n",clnt);
665
666 if (!try_module_get(THIS_MODULE))
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]667 return ERR_PTR(err);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]668 if (!(gss_auth = kmalloc(sizeof(*gss_auth), GFP_KERNEL)))
669 goto out_dec;
670 gss_auth->client = clnt;
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]671 err = -EINVAL;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]672 gss_auth->mech = gss_mech_get_by_pseudoflavor(flavor);
673 if (!gss_auth->mech) {
674 printk(KERN_WARNING "%s: Pseudoflavor %d not found!",
675 __FUNCTION__, flavor);
676 goto err_free;
677 }
678 gss_auth->service = gss_pseudoflavor_to_service(gss_auth->mech, flavor);
J. Bruce Fields438b6fd2005-06-22 17:16:23 +0000[diff] [blame]679 if (gss_auth->service == 0)
680 goto err_put_mech;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]681 INIT_LIST_HEAD(&gss_auth->upcalls);
682 spin_lock_init(&gss_auth->lock);
683 auth = &gss_auth->rpc_auth;
684 auth->au_cslack = GSS_CRED_SLACK >> 2;
685 auth->au_rslack = GSS_VERF_SLACK >> 2;
686 auth->au_ops = &authgss_ops;
687 auth->au_flavor = flavor;
688 atomic_set(&auth->au_count, 1);
689
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]690 err = rpcauth_init_credcache(auth, GSS_CRED_EXPIRE);
691 if (err)
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]692 goto err_put_mech;
693
Trond Myklebustf1345852005-09-23 11:08:25 -0400[diff] [blame]694 snprintf(gss_auth->path, sizeof(gss_auth->path), "%s/%s",
695 clnt->cl_pathname,
696 gss_auth->mech->gm_name);
697 gss_auth->dentry = rpc_mkpipe(gss_auth->path, clnt, &gss_upcall_ops, RPC_PIPE_WAIT_FOR_OPEN);
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]698 if (IS_ERR(gss_auth->dentry)) {
699 err = PTR_ERR(gss_auth->dentry);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]700 goto err_put_mech;
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]701 }
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]702
703 return auth;
704err_put_mech:
705 gss_mech_put(gss_auth->mech);
706err_free:
707 kfree(gss_auth);
708out_dec:
709 module_put(THIS_MODULE);
J. Bruce Fields6a192752005-06-22 17:16:23 +0000[diff] [blame]710 return ERR_PTR(err);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]711}
712
713static void
714gss_destroy(struct rpc_auth *auth)
715{
716 struct gss_auth *gss_auth;
717
718 dprintk("RPC: destroying GSS authenticator %p flavor %d\n",
719 auth, auth->au_flavor);
720
721 gss_auth = container_of(auth, struct gss_auth, rpc_auth);
Trond Myklebustf1345852005-09-23 11:08:25 -0400[diff] [blame]722 rpc_unlink(gss_auth->path);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]723 gss_mech_put(gss_auth->mech);
724
725 rpcauth_free_credcache(auth);
726 kfree(gss_auth);
727 module_put(THIS_MODULE);
728}
729
730/* gss_destroy_cred (and gss_destroy_ctx) are used to clean up after failure
731 * to create a new cred or context, so they check that things have been
732 * allocated before freeing them. */
733static void
734gss_destroy_ctx(struct gss_cl_ctx *ctx)
735{
736 dprintk("RPC: gss_destroy_ctx\n");
737
738 if (ctx->gc_gss_ctx)
739 gss_delete_sec_context(&ctx->gc_gss_ctx);
740
741 kfree(ctx->gc_wire_ctx.data);
742 kfree(ctx);
743}
744
745static void
746gss_destroy_cred(struct rpc_cred *rc)
747{
748 struct gss_cred *cred = container_of(rc, struct gss_cred, gc_base);
749
750 dprintk("RPC: gss_destroy_cred \n");
751
752 if (cred->gc_ctx)
753 gss_put_ctx(cred->gc_ctx);
754 kfree(cred);
755}
756
757/*
758 * Lookup RPCSEC_GSS cred for the current process
759 */
760static struct rpc_cred *
761gss_lookup_cred(struct rpc_auth *auth, struct auth_cred *acred, int taskflags)
762{
763 return rpcauth_lookup_credcache(auth, acred, taskflags);
764}
765
766static struct rpc_cred *
767gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int taskflags)
768{
769 struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth);
770 struct gss_cred *cred = NULL;
771 int err = -ENOMEM;
772
773 dprintk("RPC: gss_create_cred for uid %d, flavor %d\n",
774 acred->uid, auth->au_flavor);
775
776 if (!(cred = kmalloc(sizeof(*cred), GFP_KERNEL)))
777 goto out_err;
778
779 memset(cred, 0, sizeof(*cred));
780 atomic_set(&cred->gc_count, 1);
781 cred->gc_uid = acred->uid;
782 /*
783 * Note: in order to force a call to call_refresh(), we deliberately
784 * fail to flag the credential as RPCAUTH_CRED_UPTODATE.
785 */
786 cred->gc_flags = 0;
787 cred->gc_base.cr_ops = &gss_credops;
788 cred->gc_service = gss_auth->service;
789 err = gss_create_upcall(gss_auth, cred);
790 if (err < 0)
791 goto out_err;
792
793 return &cred->gc_base;
794
795out_err:
796 dprintk("RPC: gss_create_cred failed with error %d\n", err);
797 if (cred) gss_destroy_cred(&cred->gc_base);
798 return ERR_PTR(err);
799}
800
801static int
802gss_match(struct auth_cred *acred, struct rpc_cred *rc, int taskflags)
803{
804 struct gss_cred *gss_cred = container_of(rc, struct gss_cred, gc_base);
805
806 /* Don't match with creds that have expired. */
807 if (gss_cred->gc_ctx && time_after(jiffies, gss_cred->gc_ctx->gc_expiry))
808 return 0;
809 return (rc->cr_uid == acred->uid);
810}
811
812/*
813* Marshal credentials.
814* Maybe we should keep a cached credential for performance reasons.
815*/
816static u32 *
817gss_marshal(struct rpc_task *task, u32 *p)
818{
819 struct rpc_cred *cred = task->tk_msg.rpc_cred;
820 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
821 gc_base);
822 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
823 u32 *cred_len;
824 struct rpc_rqst *req = task->tk_rqstp;
825 u32 maj_stat = 0;
826 struct xdr_netobj mic;
827 struct kvec iov;
828 struct xdr_buf verf_buf;
829
830 dprintk("RPC: %4u gss_marshal\n", task->tk_pid);
831
832 *p++ = htonl(RPC_AUTH_GSS);
833 cred_len = p++;
834
835 spin_lock(&ctx->gc_seq_lock);
836 req->rq_seqno = ctx->gc_seq++;
837 spin_unlock(&ctx->gc_seq_lock);
838
839 *p++ = htonl((u32) RPC_GSS_VERSION);
840 *p++ = htonl((u32) ctx->gc_proc);
841 *p++ = htonl((u32) req->rq_seqno);
842 *p++ = htonl((u32) gss_cred->gc_service);
843 p = xdr_encode_netobj(p, &ctx->gc_wire_ctx);
844 *cred_len = htonl((p - (cred_len + 1)) << 2);
845
846 /* We compute the checksum for the verifier over the xdr-encoded bytes
847 * starting with the xid and ending at the end of the credential: */
Chuck Lever808012f2005-08-25 16:25:49 -0700[diff] [blame]848 iov.iov_base = xprt_skip_transport_header(task->tk_xprt,
849 req->rq_snd_buf.head[0].iov_base);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]850 iov.iov_len = (u8 *)p - (u8 *)iov.iov_base;
851 xdr_buf_from_iov(&iov, &verf_buf);
852
853 /* set verifier flavor*/
854 *p++ = htonl(RPC_AUTH_GSS);
855
856 mic.data = (u8 *)(p + 1);
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]857 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]858 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
859 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
860 } else if (maj_stat != 0) {
861 printk("gss_marshal: gss_get_mic FAILED (%d)\n", maj_stat);
862 goto out_put_ctx;
863 }
864 p = xdr_encode_opaque(p, NULL, mic.len);
865 gss_put_ctx(ctx);
866 return p;
867out_put_ctx:
868 gss_put_ctx(ctx);
869 return NULL;
870}
871
872/*
873* Refresh credentials. XXX - finish
874*/
875static int
876gss_refresh(struct rpc_task *task)
877{
878
879 if (!gss_cred_is_uptodate_ctx(task->tk_msg.rpc_cred))
880 return gss_refresh_upcall(task);
881 return 0;
882}
883
884static u32 *
885gss_validate(struct rpc_task *task, u32 *p)
886{
887 struct rpc_cred *cred = task->tk_msg.rpc_cred;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]888 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]889 u32 seq;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]890 struct kvec iov;
891 struct xdr_buf verf_buf;
892 struct xdr_netobj mic;
893 u32 flav,len;
894 u32 maj_stat;
895
896 dprintk("RPC: %4u gss_validate\n", task->tk_pid);
897
898 flav = ntohl(*p++);
899 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE)
900 goto out_bad;
901 if (flav != RPC_AUTH_GSS)
902 goto out_bad;
903 seq = htonl(task->tk_rqstp->rq_seqno);
904 iov.iov_base = &seq;
905 iov.iov_len = sizeof(seq);
906 xdr_buf_from_iov(&iov, &verf_buf);
907 mic.data = (u8 *)p;
908 mic.len = len;
909
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]910 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]911 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
912 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
913 if (maj_stat)
914 goto out_bad;
J. Bruce Fields24b26052005-10-13 16:54:53 -0400[diff] [blame]915 /* We leave it to unwrap to calculate au_rslack. For now we just
916 * calculate the length of the verifier: */
917 task->tk_auth->au_verfsize = XDR_QUADLEN(len) + 2;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]918 gss_put_ctx(ctx);
919 dprintk("RPC: %4u GSS gss_validate: gss_verify_mic succeeded.\n",
920 task->tk_pid);
921 return p + XDR_QUADLEN(len);
922out_bad:
923 gss_put_ctx(ctx);
924 dprintk("RPC: %4u gss_validate failed.\n", task->tk_pid);
925 return NULL;
926}
927
928static inline int
929gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
930 kxdrproc_t encode, struct rpc_rqst *rqstp, u32 *p, void *obj)
931{
932 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
933 struct xdr_buf integ_buf;
934 u32 *integ_len = NULL;
935 struct xdr_netobj mic;
936 u32 offset, *q;
937 struct kvec *iov;
938 u32 maj_stat = 0;
939 int status = -EIO;
940
941 integ_len = p++;
942 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
943 *p++ = htonl(rqstp->rq_seqno);
944
945 status = encode(rqstp, p, obj);
946 if (status)
947 return status;
948
949 if (xdr_buf_subsegment(snd_buf, &integ_buf,
950 offset, snd_buf->len - offset))
951 return status;
952 *integ_len = htonl(integ_buf.len);
953
954 /* guess whether we're in the head or the tail: */
955 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
956 iov = snd_buf->tail;
957 else
958 iov = snd_buf->head;
959 p = iov->iov_base + iov->iov_len;
960 mic.data = (u8 *)(p + 1);
961
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]962 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]963 status = -EIO; /* XXX? */
964 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
965 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
966 else if (maj_stat)
967 return status;
968 q = xdr_encode_opaque(p, NULL, mic.len);
969
970 offset = (u8 *)q - (u8 *)p;
971 iov->iov_len += offset;
972 snd_buf->len += offset;
973 return 0;
974}
975
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]976static void
977priv_release_snd_buf(struct rpc_rqst *rqstp)
978{
979 int i;
980
981 for (i=0; i < rqstp->rq_enc_pages_num; i++)
982 __free_page(rqstp->rq_enc_pages[i]);
983 kfree(rqstp->rq_enc_pages);
984}
985
986static int
987alloc_enc_pages(struct rpc_rqst *rqstp)
988{
989 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
990 int first, last, i;
991
992 if (snd_buf->page_len == 0) {
993 rqstp->rq_enc_pages_num = 0;
994 return 0;
995 }
996
997 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
998 last = (snd_buf->page_base + snd_buf->page_len - 1) >> PAGE_CACHE_SHIFT;
999 rqstp->rq_enc_pages_num = last - first + 1 + 1;
1000 rqstp->rq_enc_pages
1001 = kmalloc(rqstp->rq_enc_pages_num * sizeof(struct page *),
1002 GFP_NOFS);
1003 if (!rqstp->rq_enc_pages)
1004 goto out;
1005 for (i=0; i < rqstp->rq_enc_pages_num; i++) {
1006 rqstp->rq_enc_pages[i] = alloc_page(GFP_NOFS);
1007 if (rqstp->rq_enc_pages[i] == NULL)
1008 goto out_free;
1009 }
1010 rqstp->rq_release_snd_buf = priv_release_snd_buf;
1011 return 0;
1012out_free:
1013 for (i--; i >= 0; i--) {
1014 __free_page(rqstp->rq_enc_pages[i]);
1015 }
1016out:
1017 return -EAGAIN;
1018}
1019
1020static inline int
1021gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1022 kxdrproc_t encode, struct rpc_rqst *rqstp, u32 *p, void *obj)
1023{
1024 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1025 u32 offset;
1026 u32 maj_stat;
1027 int status;
1028 u32 *opaque_len;
1029 struct page **inpages;
1030 int first;
1031 int pad;
1032 struct kvec *iov;
1033 char *tmp;
1034
1035 opaque_len = p++;
1036 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
1037 *p++ = htonl(rqstp->rq_seqno);
1038
1039 status = encode(rqstp, p, obj);
1040 if (status)
1041 return status;
1042
1043 status = alloc_enc_pages(rqstp);
1044 if (status)
1045 return status;
1046 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
1047 inpages = snd_buf->pages + first;
1048 snd_buf->pages = rqstp->rq_enc_pages;
1049 snd_buf->page_base -= first << PAGE_CACHE_SHIFT;
1050 /* Give the tail its own page, in case we need extra space in the
1051 * head when wrapping: */
1052 if (snd_buf->page_len || snd_buf->tail[0].iov_len) {
1053 tmp = page_address(rqstp->rq_enc_pages[rqstp->rq_enc_pages_num - 1]);
1054 memcpy(tmp, snd_buf->tail[0].iov_base, snd_buf->tail[0].iov_len);
1055 snd_buf->tail[0].iov_base = tmp;
1056 }
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]1057 maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages);
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1058 /* RPC_SLACK_SPACE should prevent this ever happening: */
1059 BUG_ON(snd_buf->len > snd_buf->buflen);
1060 status = -EIO;
1061 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
1062 * done anyway, so it's safe to put the request on the wire: */
1063 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1064 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
1065 else if (maj_stat)
1066 return status;
1067
1068 *opaque_len = htonl(snd_buf->len - offset);
1069 /* guess whether we're in the head or the tail: */
1070 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
1071 iov = snd_buf->tail;
1072 else
1073 iov = snd_buf->head;
1074 p = iov->iov_base + iov->iov_len;
1075 pad = 3 - ((snd_buf->len - offset - 1) & 3);
1076 memset(p, 0, pad);
1077 iov->iov_len += pad;
1078 snd_buf->len += pad;
1079
1080 return 0;
1081}
1082
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1083static int
1084gss_wrap_req(struct rpc_task *task,
1085 kxdrproc_t encode, void *rqstp, u32 *p, void *obj)
1086{
1087 struct rpc_cred *cred = task->tk_msg.rpc_cred;
1088 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1089 gc_base);
1090 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
1091 int status = -EIO;
1092
1093 dprintk("RPC: %4u gss_wrap_req\n", task->tk_pid);
1094 if (ctx->gc_proc != RPC_GSS_PROC_DATA) {
1095 /* The spec seems a little ambiguous here, but I think that not
1096 * wrapping context destruction requests makes the most sense.
1097 */
1098 status = encode(rqstp, p, obj);
1099 goto out;
1100 }
1101 switch (gss_cred->gc_service) {
1102 case RPC_GSS_SVC_NONE:
1103 status = encode(rqstp, p, obj);
1104 break;
1105 case RPC_GSS_SVC_INTEGRITY:
1106 status = gss_wrap_req_integ(cred, ctx, encode,
1107 rqstp, p, obj);
1108 break;
1109 case RPC_GSS_SVC_PRIVACY:
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1110 status = gss_wrap_req_priv(cred, ctx, encode,
1111 rqstp, p, obj);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1112 break;
1113 }
1114out:
1115 gss_put_ctx(ctx);
1116 dprintk("RPC: %4u gss_wrap_req returning %d\n", task->tk_pid, status);
1117 return status;
1118}
1119
1120static inline int
1121gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1122 struct rpc_rqst *rqstp, u32 **p)
1123{
1124 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1125 struct xdr_buf integ_buf;
1126 struct xdr_netobj mic;
1127 u32 data_offset, mic_offset;
1128 u32 integ_len;
1129 u32 maj_stat;
1130 int status = -EIO;
1131
1132 integ_len = ntohl(*(*p)++);
1133 if (integ_len & 3)
1134 return status;
1135 data_offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1136 mic_offset = integ_len + data_offset;
1137 if (mic_offset > rcv_buf->len)
1138 return status;
1139 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1140 return status;
1141
1142 if (xdr_buf_subsegment(rcv_buf, &integ_buf, data_offset,
1143 mic_offset - data_offset))
1144 return status;
1145
1146 if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset))
1147 return status;
1148
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]1149 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1150 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1151 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
1152 if (maj_stat != GSS_S_COMPLETE)
1153 return status;
1154 return 0;
1155}
1156
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1157static inline int
1158gss_unwrap_resp_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
1159 struct rpc_rqst *rqstp, u32 **p)
1160{
1161 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1162 u32 offset;
1163 u32 opaque_len;
1164 u32 maj_stat;
1165 int status = -EIO;
1166
1167 opaque_len = ntohl(*(*p)++);
1168 offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1169 if (offset + opaque_len > rcv_buf->len)
1170 return status;
1171 /* remove padding: */
1172 rcv_buf->len = offset + opaque_len;
1173
J. Bruce Fields00fd6e12005-10-13 16:55:18 -0400[diff] [blame^]1174 maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf);
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1175 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
1176 cred->cr_flags &= ~RPCAUTH_CRED_UPTODATE;
1177 if (maj_stat != GSS_S_COMPLETE)
1178 return status;
1179 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1180 return status;
1181
1182 return 0;
1183}
1184
1185
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1186static int
1187gss_unwrap_resp(struct rpc_task *task,
1188 kxdrproc_t decode, void *rqstp, u32 *p, void *obj)
1189{
1190 struct rpc_cred *cred = task->tk_msg.rpc_cred;
1191 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1192 gc_base);
1193 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
J. Bruce Fields24b26052005-10-13 16:54:53 -0400[diff] [blame]1194 u32 *savedp = p;
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1195 struct kvec *head = ((struct rpc_rqst *)rqstp)->rq_rcv_buf.head;
1196 int savedlen = head->iov_len;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1197 int status = -EIO;
1198
1199 if (ctx->gc_proc != RPC_GSS_PROC_DATA)
1200 goto out_decode;
1201 switch (gss_cred->gc_service) {
1202 case RPC_GSS_SVC_NONE:
1203 break;
1204 case RPC_GSS_SVC_INTEGRITY:
1205 status = gss_unwrap_resp_integ(cred, ctx, rqstp, &p);
1206 if (status)
1207 goto out;
1208 break;
1209 case RPC_GSS_SVC_PRIVACY:
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1210 status = gss_unwrap_resp_priv(cred, ctx, rqstp, &p);
1211 if (status)
1212 goto out;
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1213 break;
1214 }
J. Bruce Fields24b26052005-10-13 16:54:53 -0400[diff] [blame]1215 /* take into account extra slack for integrity and privacy cases: */
J. Bruce Fields2d2da60c2005-10-13 16:54:58 -0400[diff] [blame]1216 task->tk_auth->au_rslack = task->tk_auth->au_verfsize + (p - savedp)
1217 + (savedlen - head->iov_len);
Linus Torvalds1da177e2005-04-16 15:20:36 -0700[diff] [blame]1218out_decode:
1219 status = decode(rqstp, p, obj);
1220out:
1221 gss_put_ctx(ctx);
1222 dprintk("RPC: %4u gss_unwrap_resp returning %d\n", task->tk_pid,
1223 status);
1224 return status;
1225}
1226
1227static struct rpc_authops authgss_ops = {
1228 .owner = THIS_MODULE,
1229 .au_flavor = RPC_AUTH_GSS,
1230#ifdef RPC_DEBUG
1231 .au_name = "RPCSEC_GSS",
1232#endif
1233 .create = gss_create,
1234 .destroy = gss_destroy,
1235 .lookup_cred = gss_lookup_cred,
1236 .crcreate = gss_create_cred
1237};
1238
1239static struct rpc_credops gss_credops = {
1240 .cr_name = "AUTH_GSS",
1241 .crdestroy = gss_destroy_cred,
1242 .crmatch = gss_match,
1243 .crmarshal = gss_marshal,
1244 .crrefresh = gss_refresh,
1245 .crvalidate = gss_validate,
1246 .crwrap_req = gss_wrap_req,
1247 .crunwrap_resp = gss_unwrap_resp,
1248};
1249
1250static struct rpc_pipe_ops gss_upcall_ops = {
1251 .upcall = gss_pipe_upcall,
1252 .downcall = gss_pipe_downcall,
1253 .destroy_msg = gss_pipe_destroy_msg,
1254 .release_pipe = gss_pipe_release,
1255};
1256
1257/*
1258 * Initialize RPCSEC_GSS module
1259 */
1260static int __init init_rpcsec_gss(void)
1261{
1262 int err = 0;
1263
1264 err = rpcauth_register(&authgss_ops);
1265 if (err)
1266 goto out;
1267 err = gss_svc_init();
1268 if (err)
1269 goto out_unregister;
1270 return 0;
1271out_unregister:
1272 rpcauth_unregister(&authgss_ops);
1273out:
1274 return err;
1275}
1276
1277static void __exit exit_rpcsec_gss(void)
1278{
1279 gss_svc_shutdown();
1280 rpcauth_unregister(&authgss_ops);
1281}
1282
1283MODULE_LICENSE("GPL");
1284module_init(init_rpcsec_gss)
1285module_exit(exit_rpcsec_gss)