projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SUNRPC: Replace clnt->cl_principal
[deliverable/linux.git] / net / sunrpc / auth_gss / auth_gss.c
CommitLineData
1da177e4 1/*
f30c2269 2 * linux/net/sunrpc/auth_gss/auth_gss.c
1da177e4
LT		 3 *
4 * RPCSEC_GSS client authentication.
cca5172a 5 *
1da177e4
LT		 6 * Copyright (c) 2000 The Regents of the University of Michigan.
7 * All rights reserved.
8 *
9 * Dug Song <dugsong@monkey.org>
10 * Andy Adamson <andros@umich.edu>
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 *
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. Neither the name of the University nor the names of its
22 * contributors may be used to endorse or promote products derived
23 * from this software without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
26 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
27 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
28 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
32 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1da177e4
LT		 36 */
37
38
39#include <linux/module.h>
40#include <linux/init.h>
41#include <linux/types.h>
42#include <linux/slab.h>
1da177e4 43#include <linux/sched.h>
2d2da60c 44#include <linux/pagemap.h>
1da177e4
LT		 45#include <linux/sunrpc/clnt.h>
46#include <linux/sunrpc/auth.h>
47#include <linux/sunrpc/auth_gss.h>
48#include <linux/sunrpc/svcauth_gss.h>
49#include <linux/sunrpc/gss_err.h>
50#include <linux/workqueue.h>
51#include <linux/sunrpc/rpc_pipe_fs.h>
52#include <linux/sunrpc/gss_api.h>
53#include <asm/uaccess.h>
54
abfdbd53
TM		 55#include "../netns.h"
56
f1c0a861 57static const struct rpc_authops authgss_ops;
1da177e4 58
f1c0a861 59static const struct rpc_credops gss_credops;
0df7fb74 60static const struct rpc_credops gss_nullops;
1da177e4 61
126e216a
TM		 62#define GSS_RETRY_EXPIRED 5
63static unsigned int gss_expired_cred_retry_delay = GSS_RETRY_EXPIRED;
64
1da177e4
LT		 65#ifdef RPC_DEBUG
66# define RPCDBG_FACILITY RPCDBG_AUTH
67#endif
68
725f2865 69#define GSS_CRED_SLACK (RPC_MAX_AUTH_SIZE * 2)
1da177e4
LT		 70/* length of a krb5 verifier (48), plus data added before arguments when
71 * using integrity (two 4-byte integers): */
adeb8133 72#define GSS_VERF_SLACK 100
1da177e4 73
1da177e4 74struct gss_auth {
0285ed1f 75 struct kref kref;
1da177e4
LT		 76 struct rpc_auth rpc_auth;
77 struct gss_api_mech *mech;
78 enum rpc_gss_svc service;
1da177e4 79 struct rpc_clnt *client;
34769fc4
BF		 80 /*
81 * There are two upcall pipes; dentry[1], named "gssd", is used
82 * for the new text-based upcall; dentry[0] is named after the
83 * mechanism (for example, "krb5") and exists for
84 * backwards-compatibility with older gssd's.
85 */
c239d83b 86 struct rpc_pipe *pipe[2];
bd4a3eb1 87 const char *target_name;
1da177e4
LT		 88};
89
79a3f20b 90/* pipe_version >= 0 if and only if someone has a pipe open. */
79a3f20b
BF		 91static DEFINE_SPINLOCK(pipe_version_lock);
92static struct rpc_wait_queue pipe_version_rpc_waitqueue;
93static DECLARE_WAIT_QUEUE_HEAD(pipe_version_waitqueue);
cf81939d 94
5d28dc82 95static void gss_free_ctx(struct gss_cl_ctx *);
b693ba4a
TM		 96static const struct rpc_pipe_ops gss_upcall_ops_v0;
97static const struct rpc_pipe_ops gss_upcall_ops_v1;
1da177e4 98
1da177e4
LT		 99static inline struct gss_cl_ctx *
100gss_get_ctx(struct gss_cl_ctx *ctx)
101{
102 atomic_inc(&ctx->count);
103 return ctx;
104}
105
106static inline void
107gss_put_ctx(struct gss_cl_ctx *ctx)
108{
109 if (atomic_dec_and_test(&ctx->count))
5d28dc82 110 gss_free_ctx(ctx);
1da177e4
LT		 111}
112
5d28dc82
TM		 113/* gss_cred_set_ctx:
114 * called by gss_upcall_callback and gss_create_upcall in order
115 * to set the gss context. The actual exchange of an old context
9beae467 116 * and a new one is protected by the pipe->lock.
5d28dc82 117 */
1da177e4
LT		 118static void
119gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx)
120{
121 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
5d28dc82 122
cd019f75
TM		 123 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags))
124 return;
7b6962b0 125 gss_get_ctx(ctx);
cf778b00 126 rcu_assign_pointer(gss_cred->gc_ctx, ctx);
fc432dd9 127 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
cd019f75 128 smp_mb__before_clear_bit();
fc432dd9 129 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags);
1da177e4
LT		 130}
131
132static const void *
133simple_get_bytes(const void *p, const void *end, void *res, size_t len)
134{
135 const void *q = (const void *)((const char *)p + len);
136 if (unlikely(q > end || q < p))
137 return ERR_PTR(-EFAULT);
138 memcpy(res, p, len);
139 return q;
140}
141
142static inline const void *
143simple_get_netobj(const void *p, const void *end, struct xdr_netobj *dest)
144{
145 const void *q;
146 unsigned int len;
147
148 p = simple_get_bytes(p, end, &len, sizeof(len));
149 if (IS_ERR(p))
150 return p;
151 q = (const void *)((const char *)p + len);
152 if (unlikely(q > end || q < p))
153 return ERR_PTR(-EFAULT);
0f38b873 154 dest->data = kmemdup(p, len, GFP_NOFS);
1da177e4
LT		 155 if (unlikely(dest->data == NULL))
156 return ERR_PTR(-ENOMEM);
157 dest->len = len;
1da177e4
LT		 158 return q;
159}
160
161static struct gss_cl_ctx *
162gss_cred_get_ctx(struct rpc_cred *cred)
163{
164 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
165 struct gss_cl_ctx *ctx = NULL;
166
5d28dc82 167 rcu_read_lock();
1da177e4
LT		 168 if (gss_cred->gc_ctx)
169 ctx = gss_get_ctx(gss_cred->gc_ctx);
5d28dc82 170 rcu_read_unlock();
1da177e4
LT		 171 return ctx;
172}
173
174static struct gss_cl_ctx *
175gss_alloc_context(void)
176{
177 struct gss_cl_ctx *ctx;
178
0f38b873 179 ctx = kzalloc(sizeof(*ctx), GFP_NOFS);
1da177e4 180 if (ctx != NULL) {
1da177e4
LT		 181 ctx->gc_proc = RPC_GSS_PROC_DATA;
182 ctx->gc_seq = 1; /* NetApp 6.4R1 doesn't accept seq. no. 0 */
183 spin_lock_init(&ctx->gc_seq_lock);
184 atomic_set(&ctx->count,1);
185 }
186 return ctx;
187}
188
189#define GSSD_MIN_TIMEOUT (60 * 60)
190static const void *
191gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct gss_api_mech *gm)
192{
193 const void *q;
194 unsigned int seclen;
195 unsigned int timeout;
620038f6 196 unsigned long now = jiffies;
1da177e4
LT		 197 u32 window_size;
198 int ret;
199
620038f6
AA		 200 /* First unsigned int gives the remaining lifetime in seconds of the
201 * credential - e.g. the remaining TGT lifetime for Kerberos or
202 * the -t value passed to GSSD.
203 */
1da177e4
LT		 204 p = simple_get_bytes(p, end, &timeout, sizeof(timeout));
205 if (IS_ERR(p))
206 goto err;
207 if (timeout == 0)
208 timeout = GSSD_MIN_TIMEOUT;
620038f6
AA		 209 ctx->gc_expiry = now + ((unsigned long)timeout * HZ);
210 /* Sequence number window. Determines the maximum number of
211 * simultaneous requests
212 */
1da177e4
LT		 213 p = simple_get_bytes(p, end, &window_size, sizeof(window_size));
214 if (IS_ERR(p))
215 goto err;
216 ctx->gc_win = window_size;
217 /* gssd signals an error by passing ctx->gc_win = 0: */
218 if (ctx->gc_win == 0) {
dc5ddce9
JL		 219 /*
220 * in which case, p points to an error code. Anything other
221 * than -EKEYEXPIRED gets converted to -EACCES.
222 */
223 p = simple_get_bytes(p, end, &ret, sizeof(ret));
224 if (!IS_ERR(p))
225 p = (ret == -EKEYEXPIRED) ? ERR_PTR(-EKEYEXPIRED) :
226 ERR_PTR(-EACCES);
1da177e4
LT		 227 goto err;
228 }
229 /* copy the opaque wire context */
230 p = simple_get_netobj(p, end, &ctx->gc_wire_ctx);
231 if (IS_ERR(p))
232 goto err;
233 /* import the opaque security context */
234 p = simple_get_bytes(p, end, &seclen, sizeof(seclen));
235 if (IS_ERR(p))
236 goto err;
237 q = (const void *)((const char *)p + seclen);
238 if (unlikely(q > end || q < p)) {
239 p = ERR_PTR(-EFAULT);
240 goto err;
241 }
400f26b5 242 ret = gss_import_sec_context(p, seclen, gm, &ctx->gc_gss_ctx, NULL, GFP_NOFS);
1da177e4
LT		 243 if (ret < 0) {
244 p = ERR_PTR(ret);
245 goto err;
246 }
620038f6
AA		 247 dprintk("RPC: %s Success. gc_expiry %lu now %lu timeout %u\n",
248 __func__, ctx->gc_expiry, now, timeout);
1da177e4
LT		 249 return q;
250err:
173db309 251 dprintk("RPC: %s returns error %ld\n", __func__, -PTR_ERR(p));
1da177e4
LT		 252 return p;
253}
254
34769fc4 255#define UPCALL_BUF_LEN 128
1da177e4
LT		 256
257struct gss_upcall_msg {
258 atomic_t count;
7eaf040b 259 kuid_t uid;
1da177e4
LT		 260 struct rpc_pipe_msg msg;
261 struct list_head list;
262 struct gss_auth *auth;
9beae467 263 struct rpc_pipe *pipe;
1da177e4
LT		 264 struct rpc_wait_queue rpc_waitqueue;
265 wait_queue_head_t waitqueue;
266 struct gss_cl_ctx *ctx;
34769fc4 267 char databuf[UPCALL_BUF_LEN];
1da177e4
LT		 268};
269
2aed8b47 270static int get_pipe_version(struct net *net)
79a3f20b 271{
2aed8b47 272 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
79a3f20b
BF		 273 int ret;
274
275 spin_lock(&pipe_version_lock);
2aed8b47
TM		 276 if (sn->pipe_version >= 0) {
277 atomic_inc(&sn->pipe_users);
278 ret = sn->pipe_version;
79a3f20b
BF		 279 } else
280 ret = -EAGAIN;
281 spin_unlock(&pipe_version_lock);
282 return ret;
283}
284
2aed8b47 285static void put_pipe_version(struct net *net)
79a3f20b 286{
2aed8b47
TM		 287 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
288
289 if (atomic_dec_and_lock(&sn->pipe_users, &pipe_version_lock)) {
290 sn->pipe_version = -1;
79a3f20b
BF		 291 spin_unlock(&pipe_version_lock);
292 }
293}
294
1da177e4
LT		 295static void
296gss_release_msg(struct gss_upcall_msg *gss_msg)
297{
2aed8b47 298 struct net *net = rpc_net_ns(gss_msg->auth->client);
1da177e4
LT		 299 if (!atomic_dec_and_test(&gss_msg->count))
300 return;
2aed8b47 301 put_pipe_version(net);
1da177e4
LT		 302 BUG_ON(!list_empty(&gss_msg->list));
303 if (gss_msg->ctx != NULL)
304 gss_put_ctx(gss_msg->ctx);
f6a1cc89 305 rpc_destroy_wait_queue(&gss_msg->rpc_waitqueue);
1da177e4
LT		 306 kfree(gss_msg);
307}
308
309static struct gss_upcall_msg *
7eaf040b 310__gss_find_upcall(struct rpc_pipe *pipe, kuid_t uid)
1da177e4
LT		 311{
312 struct gss_upcall_msg *pos;
9beae467 313 list_for_each_entry(pos, &pipe->in_downcall, list) {
0b4d51b0 314 if (!uid_eq(pos->uid, uid))
1da177e4
LT		 315 continue;
316 atomic_inc(&pos->count);
632f0d05 317 dprintk("RPC: %s found msg %p\n", __func__, pos);
1da177e4
LT		 318 return pos;
319 }
632f0d05 320 dprintk("RPC: %s found nothing\n", __func__);
1da177e4
LT		 321 return NULL;
322}
323
720b8f2d 324/* Try to add an upcall to the pipefs queue.
1da177e4
LT		 325 * If an upcall owned by our uid already exists, then we return a reference
326 * to that upcall instead of adding the new upcall.
327 */
328static inline struct gss_upcall_msg *
053e324f 329gss_add_msg(struct gss_upcall_msg *gss_msg)
1da177e4 330{
9beae467 331 struct rpc_pipe *pipe = gss_msg->pipe;
1da177e4
LT		 332 struct gss_upcall_msg *old;
333
9beae467
SK		 334 spin_lock(&pipe->lock);
335 old = __gss_find_upcall(pipe, gss_msg->uid);
1da177e4
LT		 336 if (old == NULL) {
337 atomic_inc(&gss_msg->count);
9beae467 338 list_add(&gss_msg->list, &pipe->in_downcall);
1da177e4
LT		 339 } else
340 gss_msg = old;
9beae467 341 spin_unlock(&pipe->lock);
1da177e4
LT		 342 return gss_msg;
343}
344
345static void
346__gss_unhash_msg(struct gss_upcall_msg *gss_msg)
347{
1da177e4
LT		 348 list_del_init(&gss_msg->list);
349 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
350 wake_up_all(&gss_msg->waitqueue);
351 atomic_dec(&gss_msg->count);
352}
353
354static void
355gss_unhash_msg(struct gss_upcall_msg *gss_msg)
356{
9beae467 357 struct rpc_pipe *pipe = gss_msg->pipe;
1da177e4 358
3b68aaea
TM		 359 if (list_empty(&gss_msg->list))
360 return;
9beae467 361 spin_lock(&pipe->lock);
3b68aaea
TM		 362 if (!list_empty(&gss_msg->list))
363 __gss_unhash_msg(gss_msg);
9beae467 364 spin_unlock(&pipe->lock);
1da177e4
LT		 365}
366
126e216a
TM		 367static void
368gss_handle_downcall_result(struct gss_cred *gss_cred, struct gss_upcall_msg *gss_msg)
369{
370 switch (gss_msg->msg.errno) {
371 case 0:
372 if (gss_msg->ctx == NULL)
373 break;
374 clear_bit(RPCAUTH_CRED_NEGATIVE, &gss_cred->gc_base.cr_flags);
375 gss_cred_set_ctx(&gss_cred->gc_base, gss_msg->ctx);
376 break;
377 case -EKEYEXPIRED:
378 set_bit(RPCAUTH_CRED_NEGATIVE, &gss_cred->gc_base.cr_flags);
379 }
380 gss_cred->gc_upcall_timestamp = jiffies;
381 gss_cred->gc_upcall = NULL;
382 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
383}
384
1da177e4
LT		 385static void
386gss_upcall_callback(struct rpc_task *task)
387{
a17c2153 388 struct gss_cred *gss_cred = container_of(task->tk_rqstp->rq_cred,
1da177e4
LT		 389 struct gss_cred, gc_base);
390 struct gss_upcall_msg *gss_msg = gss_cred->gc_upcall;
9beae467 391 struct rpc_pipe *pipe = gss_msg->pipe;
1da177e4 392
9beae467 393 spin_lock(&pipe->lock);
126e216a 394 gss_handle_downcall_result(gss_cred, gss_msg);
9beae467 395 spin_unlock(&pipe->lock);
126e216a 396 task->tk_status = gss_msg->msg.errno;
1da177e4
LT		 397 gss_release_msg(gss_msg);
398}
399
34769fc4
BF		 400static void gss_encode_v0_msg(struct gss_upcall_msg *gss_msg)
401{
90602c7b
EB		 402 uid_t uid = from_kuid(&init_user_ns, gss_msg->uid);
403 memcpy(gss_msg->databuf, &uid, sizeof(uid));
404 gss_msg->msg.data = gss_msg->databuf;
405 gss_msg->msg.len = sizeof(uid);
406 BUG_ON(sizeof(uid) > UPCALL_BUF_LEN);
34769fc4
BF		 407}
408
8b1c7bf5 409static void gss_encode_v1_msg(struct gss_upcall_msg *gss_msg,
bd4a3eb1
TM		 410 const char *service_name,
411 const char *target_name)
34769fc4 412{
683ac665 413 struct gss_api_mech *mech = gss_msg->auth->mech;
8b1c7bf5
OK		 414 char *p = gss_msg->databuf;
415 int len = 0;
416
417 gss_msg->msg.len = sprintf(gss_msg->databuf, "mech=%s uid=%d ",
683ac665 418 mech->gm_name,
90602c7b 419 from_kuid(&init_user_ns, gss_msg->uid));
8b1c7bf5 420 p += gss_msg->msg.len;
bd4a3eb1
TM		 421 if (target_name) {
422 len = sprintf(p, "target=%s ", target_name);
8b1c7bf5
OK		 423 p += len;
424 gss_msg->msg.len += len;
425 }
68c97153
TM		 426 if (service_name != NULL) {
427 len = sprintf(p, "service=%s ", service_name);
2efef708
OK		 428 p += len;
429 gss_msg->msg.len += len;
430 }
683ac665 431 if (mech->gm_upcall_enctypes) {
f8628220 432 len = sprintf(p, "enctypes=%s ", mech->gm_upcall_enctypes);
683ac665
TM		 433 p += len;
434 gss_msg->msg.len += len;
435 }
8b1c7bf5
OK		 436 len = sprintf(p, "\n");
437 gss_msg->msg.len += len;
438
34769fc4
BF		 439 gss_msg->msg.data = gss_msg->databuf;
440 BUG_ON(gss_msg->msg.len > UPCALL_BUF_LEN);
441}
442
68c97153
TM		 443static struct gss_upcall_msg *
444gss_alloc_msg(struct gss_auth *gss_auth, struct rpc_clnt *clnt,
7eaf040b 445 kuid_t uid, const char *service_name)
1da177e4
LT		 446{
447 struct gss_upcall_msg *gss_msg;
79a3f20b 448 int vers;
1da177e4 449
0f38b873 450 gss_msg = kzalloc(sizeof(*gss_msg), GFP_NOFS);
db75b3d6
BF		 451 if (gss_msg == NULL)
452 return ERR_PTR(-ENOMEM);
2aed8b47 453 vers = get_pipe_version(rpc_net_ns(clnt));
79a3f20b
BF		 454 if (vers < 0) {
455 kfree(gss_msg);
456 return ERR_PTR(vers);
457 }
c239d83b 458 gss_msg->pipe = gss_auth->pipe[vers];
db75b3d6
BF		 459 INIT_LIST_HEAD(&gss_msg->list);
460 rpc_init_wait_queue(&gss_msg->rpc_waitqueue, "RPCSEC_GSS upcall waitq");
461 init_waitqueue_head(&gss_msg->waitqueue);
462 atomic_set(&gss_msg->count, 1);
db75b3d6
BF		 463 gss_msg->uid = uid;
464 gss_msg->auth = gss_auth;
bd4a3eb1
TM		 465 switch (vers) {
466 case 0:
467 gss_encode_v0_msg(gss_msg);
468 default:
469 gss_encode_v1_msg(gss_msg, service_name, gss_auth->target_name);
470 };
1da177e4
LT		 471 return gss_msg;
472}
473
474static struct gss_upcall_msg *
475gss_setup_upcall(struct rpc_clnt *clnt, struct gss_auth *gss_auth, struct rpc_cred *cred)
476{
7c67db3a
TM		 477 struct gss_cred *gss_cred = container_of(cred,
478 struct gss_cred, gc_base);
1da177e4 479 struct gss_upcall_msg *gss_new, *gss_msg;
7eaf040b 480 kuid_t uid = cred->cr_uid;
1da177e4 481
68c97153 482 gss_new = gss_alloc_msg(gss_auth, clnt, uid, gss_cred->gc_principal);
db75b3d6
BF		 483 if (IS_ERR(gss_new))
484 return gss_new;
053e324f 485 gss_msg = gss_add_msg(gss_new);
1da177e4 486 if (gss_msg == gss_new) {
9beae467 487 int res = rpc_queue_upcall(gss_new->pipe, &gss_new->msg);
1da177e4
LT		 488 if (res) {
489 gss_unhash_msg(gss_new);
490 gss_msg = ERR_PTR(res);
491 }
492 } else
493 gss_release_msg(gss_new);
494 return gss_msg;
495}
496
b03568c3
BF		 497static void warn_gssd(void)
498{
499 static unsigned long ratelimit;
500 unsigned long now = jiffies;
501
502 if (time_after(now, ratelimit)) {
503 printk(KERN_WARNING "RPC: AUTH_GSS upcall timed out.\n"
504 "Please check user daemon is running.\n");
505 ratelimit = now + 15*HZ;
506 }
507}
508
1da177e4
LT		 509static inline int
510gss_refresh_upcall(struct rpc_task *task)
511{
a17c2153 512 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
4a8c1344 513 struct gss_auth *gss_auth = container_of(cred->cr_auth,
1da177e4
LT		 514 struct gss_auth, rpc_auth);
515 struct gss_cred *gss_cred = container_of(cred,
516 struct gss_cred, gc_base);
517 struct gss_upcall_msg *gss_msg;
9beae467 518 struct rpc_pipe *pipe;
1da177e4
LT		 519 int err = 0;
520
632f0d05 521 dprintk("RPC: %5u %s for uid %u\n",
cdba321e 522 task->tk_pid, __func__, from_kuid(&init_user_ns, cred->cr_uid));
1da177e4 523 gss_msg = gss_setup_upcall(task->tk_client, gss_auth, cred);
480e3243 524 if (PTR_ERR(gss_msg) == -EAGAIN) {
79a3f20b
BF		 525 /* XXX: warning on the first, under the assumption we
526 * shouldn't normally hit this case on a refresh. */
527 warn_gssd();
528 task->tk_timeout = 15*HZ;
529 rpc_sleep_on(&pipe_version_rpc_waitqueue, task, NULL);
d1a8016a 530 return -EAGAIN;
79a3f20b 531 }
1da177e4
LT		 532 if (IS_ERR(gss_msg)) {
533 err = PTR_ERR(gss_msg);
534 goto out;
535 }
9beae467
SK		 536 pipe = gss_msg->pipe;
537 spin_lock(&pipe->lock);
1da177e4 538 if (gss_cred->gc_upcall != NULL)
5d00837b 539 rpc_sleep_on(&gss_cred->gc_upcall->rpc_waitqueue, task, NULL);
126e216a 540 else if (gss_msg->ctx == NULL && gss_msg->msg.errno >= 0) {
1da177e4
LT		 541 task->tk_timeout = 0;
542 gss_cred->gc_upcall = gss_msg;
543 /* gss_upcall_callback will release the reference to gss_upcall_msg */
544 atomic_inc(&gss_msg->count);
5d00837b 545 rpc_sleep_on(&gss_msg->rpc_waitqueue, task, gss_upcall_callback);
126e216a
TM		 546 } else {
547 gss_handle_downcall_result(gss_cred, gss_msg);
1da177e4 548 err = gss_msg->msg.errno;
126e216a 549 }
9beae467 550 spin_unlock(&pipe->lock);
1da177e4
LT		 551 gss_release_msg(gss_msg);
552out:
632f0d05 553 dprintk("RPC: %5u %s for uid %u result %d\n",
cdba321e
EB		 554 task->tk_pid, __func__,
555 from_kuid(&init_user_ns, cred->cr_uid), err);
1da177e4
LT		 556 return err;
557}
558
559static inline int
560gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
561{
abfdbd53
TM		 562 struct net *net = rpc_net_ns(gss_auth->client);
563 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
9beae467 564 struct rpc_pipe *pipe;
1da177e4
LT		 565 struct rpc_cred *cred = &gss_cred->gc_base;
566 struct gss_upcall_msg *gss_msg;
abfdbd53 567 unsigned long timeout;
1da177e4 568 DEFINE_WAIT(wait);
d36ccb9c 569 int err;
1da177e4 570
cdba321e
EB		 571 dprintk("RPC: %s for uid %u\n",
572 __func__, from_kuid(&init_user_ns, cred->cr_uid));
79a3f20b 573retry:
d36ccb9c 574 err = 0;
abfdbd53
TM		 575 /* Default timeout is 15s unless we know that gssd is not running */
576 timeout = 15 * HZ;
577 if (!sn->gssd_running)
578 timeout = HZ >> 2;
1da177e4 579 gss_msg = gss_setup_upcall(gss_auth->client, gss_auth, cred);
79a3f20b
BF		 580 if (PTR_ERR(gss_msg) == -EAGAIN) {
581 err = wait_event_interruptible_timeout(pipe_version_waitqueue,
2aed8b47
TM		 582 sn->pipe_version >= 0, timeout);
583 if (sn->pipe_version < 0) {
abfdbd53
TM		 584 if (err == 0)
585 sn->gssd_running = 0;
d1a8016a
BS		 586 warn_gssd();
587 err = -EACCES;
588 }
d36ccb9c 589 if (err < 0)
79a3f20b 590 goto out;
79a3f20b
BF		 591 goto retry;
592 }
1da177e4
LT		 593 if (IS_ERR(gss_msg)) {
594 err = PTR_ERR(gss_msg);
595 goto out;
596 }
9beae467 597 pipe = gss_msg->pipe;
1da177e4 598 for (;;) {
5afa9133 599 prepare_to_wait(&gss_msg->waitqueue, &wait, TASK_KILLABLE);
9beae467 600 spin_lock(&pipe->lock);
1da177e4 601 if (gss_msg->ctx != NULL || gss_msg->msg.errno < 0) {
1da177e4
LT		 602 break;
603 }
9beae467 604 spin_unlock(&pipe->lock);
5afa9133 605 if (fatal_signal_pending(current)) {
1da177e4
LT		 606 err = -ERESTARTSYS;
607 goto out_intr;
608 }
609 schedule();
610 }
611 if (gss_msg->ctx)
7b6962b0 612 gss_cred_set_ctx(cred, gss_msg->ctx);
1da177e4
LT		 613 else
614 err = gss_msg->msg.errno;
9beae467 615 spin_unlock(&pipe->lock);
1da177e4
LT		 616out_intr:
617 finish_wait(&gss_msg->waitqueue, &wait);
618 gss_release_msg(gss_msg);
619out:
632f0d05 620 dprintk("RPC: %s for uid %u result %d\n",
cdba321e 621 __func__, from_kuid(&init_user_ns, cred->cr_uid), err);
1da177e4
LT		 622 return err;
623}
624
1da177e4
LT		 625#define MSG_BUF_MAXSIZE 1024
626
627static ssize_t
628gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
629{
630 const void *p, *end;
631 void *buf;
1da177e4 632 struct gss_upcall_msg *gss_msg;
496ad9aa 633 struct rpc_pipe *pipe = RPC_I(file_inode(filp))->pipe;
1da177e4 634 struct gss_cl_ctx *ctx;
90602c7b
EB		 635 uid_t id;
636 kuid_t uid;
3b68aaea 637 ssize_t err = -EFBIG;
1da177e4
LT		 638
639 if (mlen > MSG_BUF_MAXSIZE)
640 goto out;
641 err = -ENOMEM;
0f38b873 642 buf = kmalloc(mlen, GFP_NOFS);
1da177e4
LT		 643 if (!buf)
644 goto out;
645
1da177e4
LT		 646 err = -EFAULT;
647 if (copy_from_user(buf, src, mlen))
648 goto err;
649
650 end = (const void *)((char *)buf + mlen);
90602c7b 651 p = simple_get_bytes(buf, end, &id, sizeof(id));
1da177e4
LT		 652 if (IS_ERR(p)) {
653 err = PTR_ERR(p);
654 goto err;
655 }
656
90602c7b
EB		 657 uid = make_kuid(&init_user_ns, id);
658 if (!uid_valid(uid)) {
659 err = -EINVAL;
660 goto err;
661 }
662
1da177e4
LT		 663 err = -ENOMEM;
664 ctx = gss_alloc_context();
665 if (ctx == NULL)
666 goto err;
3b68aaea
TM		 667
668 err = -ENOENT;
669 /* Find a matching upcall */
9beae467
SK		 670 spin_lock(&pipe->lock);
671 gss_msg = __gss_find_upcall(pipe, uid);
3b68aaea 672 if (gss_msg == NULL) {
9beae467 673 spin_unlock(&pipe->lock);
3b68aaea
TM		 674 goto err_put_ctx;
675 }
676 list_del_init(&gss_msg->list);
9beae467 677 spin_unlock(&pipe->lock);
3b68aaea 678
6e84c7b6 679 p = gss_fill_context(p, end, ctx, gss_msg->auth->mech);
1da177e4
LT		 680 if (IS_ERR(p)) {
681 err = PTR_ERR(p);
486bad2e
JL		 682 switch (err) {
683 case -EACCES:
dc5ddce9 684 case -EKEYEXPIRED:
486bad2e
JL		 685 gss_msg->msg.errno = err;
686 err = mlen;
687 break;
688 case -EFAULT:
689 case -ENOMEM:
690 case -EINVAL:
691 case -ENOSYS:
692 gss_msg->msg.errno = -EAGAIN;
693 break;
694 default:
695 printk(KERN_CRIT "%s: bad return from "
6c853099 696 "gss_fill_context: %zd\n", __func__, err);
486bad2e
JL		 697 BUG();
698 }
3b68aaea 699 goto err_release_msg;
1da177e4 700 }
3b68aaea
TM		 701 gss_msg->ctx = gss_get_ctx(ctx);
702 err = mlen;
703
704err_release_msg:
9beae467 705 spin_lock(&pipe->lock);
3b68aaea 706 __gss_unhash_msg(gss_msg);
9beae467 707 spin_unlock(&pipe->lock);
3b68aaea 708 gss_release_msg(gss_msg);
1da177e4
LT		 709err_put_ctx:
710 gss_put_ctx(ctx);
711err:
712 kfree(buf);
713out:
632f0d05 714 dprintk("RPC: %s returning %Zd\n", __func__, err);
1da177e4
LT		 715 return err;
716}
717
34769fc4 718static int gss_pipe_open(struct inode *inode, int new_version)
cf81939d 719{
2aed8b47
TM		 720 struct net *net = inode->i_sb->s_fs_info;
721 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
34769fc4
BF		 722 int ret = 0;
723
79a3f20b 724 spin_lock(&pipe_version_lock);
2aed8b47 725 if (sn->pipe_version < 0) {
34769fc4 726 /* First open of any gss pipe determines the version: */
2aed8b47 727 sn->pipe_version = new_version;
79a3f20b
BF		 728 rpc_wake_up(&pipe_version_rpc_waitqueue);
729 wake_up(&pipe_version_waitqueue);
2aed8b47 730 } else if (sn->pipe_version != new_version) {
34769fc4
BF		 731 /* Trying to open a pipe of a different version */
732 ret = -EBUSY;
733 goto out;
79a3f20b 734 }
2aed8b47 735 atomic_inc(&sn->pipe_users);
34769fc4 736out:
79a3f20b 737 spin_unlock(&pipe_version_lock);
34769fc4
BF		 738 return ret;
739
740}
741
742static int gss_pipe_open_v0(struct inode *inode)
743{
744 return gss_pipe_open(inode, 0);
745}
746
747static int gss_pipe_open_v1(struct inode *inode)
748{
749 return gss_pipe_open(inode, 1);
cf81939d
BF		 750}
751
1da177e4
LT		 752static void
753gss_pipe_release(struct inode *inode)
754{
2aed8b47 755 struct net *net = inode->i_sb->s_fs_info;
9beae467 756 struct rpc_pipe *pipe = RPC_I(inode)->pipe;
6e84c7b6 757 struct gss_upcall_msg *gss_msg;
1da177e4 758
5a67657a 759restart:
9beae467
SK		 760 spin_lock(&pipe->lock);
761 list_for_each_entry(gss_msg, &pipe->in_downcall, list) {
1da177e4 762
5a67657a
TM		 763 if (!list_empty(&gss_msg->msg.list))
764 continue;
1da177e4
LT		 765 gss_msg->msg.errno = -EPIPE;
766 atomic_inc(&gss_msg->count);
767 __gss_unhash_msg(gss_msg);
9beae467 768 spin_unlock(&pipe->lock);
1da177e4 769 gss_release_msg(gss_msg);
5a67657a 770 goto restart;
1da177e4 771 }
9beae467 772 spin_unlock(&pipe->lock);
cf81939d 773
2aed8b47 774 put_pipe_version(net);
1da177e4
LT		 775}
776
777static void
778gss_pipe_destroy_msg(struct rpc_pipe_msg *msg)
779{
780 struct gss_upcall_msg *gss_msg = container_of(msg, struct gss_upcall_msg, msg);
1da177e4
LT		 781
782 if (msg->errno < 0) {
632f0d05
CL		 783 dprintk("RPC: %s releasing msg %p\n",
784 __func__, gss_msg);
1da177e4
LT		 785 atomic_inc(&gss_msg->count);
786 gss_unhash_msg(gss_msg);
b03568c3
BF		 787 if (msg->errno == -ETIMEDOUT)
788 warn_gssd();
1da177e4
LT		 789 gss_release_msg(gss_msg);
790 }
791}
792
ccdc28f8
SK		 793static void gss_pipes_dentries_destroy(struct rpc_auth *auth)
794{
795 struct gss_auth *gss_auth;
796
797 gss_auth = container_of(auth, struct gss_auth, rpc_auth);
80df9d20
SK		 798 if (gss_auth->pipe[0]->dentry)
799 rpc_unlink(gss_auth->pipe[0]->dentry);
800 if (gss_auth->pipe[1]->dentry)
801 rpc_unlink(gss_auth->pipe[1]->dentry);
ccdc28f8
SK		 802}
803
804static int gss_pipes_dentries_create(struct rpc_auth *auth)
805{
806 int err;
807 struct gss_auth *gss_auth;
808 struct rpc_clnt *clnt;
809
810 gss_auth = container_of(auth, struct gss_auth, rpc_auth);
811 clnt = gss_auth->client;
812
30507f58 813 gss_auth->pipe[1]->dentry = rpc_mkpipe_dentry(clnt->cl_dentry,
ccdc28f8
SK		 814 "gssd",
815 clnt, gss_auth->pipe[1]);
816 if (IS_ERR(gss_auth->pipe[1]->dentry))
817 return PTR_ERR(gss_auth->pipe[1]->dentry);
30507f58 818 gss_auth->pipe[0]->dentry = rpc_mkpipe_dentry(clnt->cl_dentry,
ccdc28f8
SK		 819 gss_auth->mech->gm_name,
820 clnt, gss_auth->pipe[0]);
821 if (IS_ERR(gss_auth->pipe[0]->dentry)) {
822 err = PTR_ERR(gss_auth->pipe[0]->dentry);
823 goto err_unlink_pipe_1;
824 }
825 return 0;
826
827err_unlink_pipe_1:
828 rpc_unlink(gss_auth->pipe[1]->dentry);
829 return err;
830}
831
832static void gss_pipes_dentries_destroy_net(struct rpc_clnt *clnt,
833 struct rpc_auth *auth)
834{
2446ab60 835 struct net *net = rpc_net_ns(clnt);
ccdc28f8
SK		 836 struct super_block *sb;
837
838 sb = rpc_get_sb_net(net);
839 if (sb) {
30507f58 840 if (clnt->cl_dentry)
ccdc28f8
SK		 841 gss_pipes_dentries_destroy(auth);
842 rpc_put_sb_net(net);
843 }
844}
845
846static int gss_pipes_dentries_create_net(struct rpc_clnt *clnt,
847 struct rpc_auth *auth)
848{
2446ab60 849 struct net *net = rpc_net_ns(clnt);
ccdc28f8
SK		 850 struct super_block *sb;
851 int err = 0;
852
853 sb = rpc_get_sb_net(net);
854 if (sb) {
30507f58 855 if (clnt->cl_dentry)
ccdc28f8
SK		 856 err = gss_pipes_dentries_create(auth);
857 rpc_put_sb_net(net);
858 }
859 return err;
860}
861
cca5172a
YH		 862/*
863 * NOTE: we have the opportunity to use different
1da177e4
LT		 864 * parameters based on the input flavor (which must be a pseudoflavor)
865 */
866static struct rpc_auth *
c2190661 867gss_create(struct rpc_auth_create_args *args, struct rpc_clnt *clnt)
1da177e4 868{
c2190661 869 rpc_authflavor_t flavor = args->pseudoflavor;
1da177e4
LT		 870 struct gss_auth *gss_auth;
871 struct rpc_auth * auth;
6a19275a 872 int err = -ENOMEM; /* XXX? */
1da177e4 873
8885cb36 874 dprintk("RPC: creating GSS authenticator for client %p\n", clnt);
1da177e4
LT		 875
876 if (!try_module_get(THIS_MODULE))
6a19275a 877 return ERR_PTR(err);
1da177e4
LT		 878 if (!(gss_auth = kmalloc(sizeof(*gss_auth), GFP_KERNEL)))
879 goto out_dec;
bd4a3eb1 880 gss_auth->target_name = NULL;
c2190661
TM		 881 if (args->target_name) {
882 gss_auth->target_name = kstrdup(args->target_name, GFP_KERNEL);
bd4a3eb1
TM		 883 if (gss_auth->target_name == NULL)
884 goto err_free;
885 }
1da177e4 886 gss_auth->client = clnt;
6a19275a 887 err = -EINVAL;
1da177e4
LT		 888 gss_auth->mech = gss_mech_get_by_pseudoflavor(flavor);
889 if (!gss_auth->mech) {
9b1d75b7 890 dprintk("RPC: Pseudoflavor %d not found!\n", flavor);
1da177e4
LT		 891 goto err_free;
892 }
893 gss_auth->service = gss_pseudoflavor_to_service(gss_auth->mech, flavor);
438b6fde
BF		 894 if (gss_auth->service == 0)
895 goto err_put_mech;
1da177e4
LT		 896 auth = &gss_auth->rpc_auth;
897 auth->au_cslack = GSS_CRED_SLACK >> 2;
898 auth->au_rslack = GSS_VERF_SLACK >> 2;
899 auth->au_ops = &authgss_ops;
900 auth->au_flavor = flavor;
901 atomic_set(&auth->au_count, 1);
0285ed1f 902 kref_init(&gss_auth->kref);
1da177e4 903
34769fc4
BF		 904 /*
905 * Note: if we created the old pipe first, then someone who
906 * examined the directory at the right moment might conclude
907 * that we supported only the old pipe. So we instead create
908 * the new pipe first.
909 */
c239d83b
SK		 910 gss_auth->pipe[1] = rpc_mkpipe_data(&gss_upcall_ops_v1,
911 RPC_PIPE_WAIT_FOR_OPEN);
912 if (IS_ERR(gss_auth->pipe[1])) {
913 err = PTR_ERR(gss_auth->pipe[1]);
1da177e4 914 goto err_put_mech;
6a19275a 915 }
1da177e4 916
c239d83b
SK		 917 gss_auth->pipe[0] = rpc_mkpipe_data(&gss_upcall_ops_v0,
918 RPC_PIPE_WAIT_FOR_OPEN);
919 if (IS_ERR(gss_auth->pipe[0])) {
920 err = PTR_ERR(gss_auth->pipe[0]);
921 goto err_destroy_pipe_1;
922 }
ccdc28f8
SK		 923 err = gss_pipes_dentries_create_net(clnt, auth);
924 if (err)
c239d83b 925 goto err_destroy_pipe_0;
f5c2187c 926 err = rpcauth_init_credcache(auth);
07a2bf1d 927 if (err)
ccdc28f8 928 goto err_unlink_pipes;
07a2bf1d 929
1da177e4 930 return auth;
ccdc28f8
SK		 931err_unlink_pipes:
932 gss_pipes_dentries_destroy_net(clnt, auth);
c239d83b
SK		 933err_destroy_pipe_0:
934 rpc_destroy_pipe_data(gss_auth->pipe[0]);
935err_destroy_pipe_1:
936 rpc_destroy_pipe_data(gss_auth->pipe[1]);
1da177e4
LT		 937err_put_mech:
938 gss_mech_put(gss_auth->mech);
939err_free:
bd4a3eb1 940 kfree(gss_auth->target_name);
1da177e4
LT		 941 kfree(gss_auth);
942out_dec:
943 module_put(THIS_MODULE);
6a19275a 944 return ERR_PTR(err);
1da177e4
LT		 945}
946
0285ed1f
TM		 947static void
948gss_free(struct gss_auth *gss_auth)
949{
ccdc28f8 950 gss_pipes_dentries_destroy_net(gss_auth->client, &gss_auth->rpc_auth);
c239d83b
SK		 951 rpc_destroy_pipe_data(gss_auth->pipe[0]);
952 rpc_destroy_pipe_data(gss_auth->pipe[1]);
0285ed1f 953 gss_mech_put(gss_auth->mech);
bd4a3eb1 954 kfree(gss_auth->target_name);
0285ed1f
TM		 955
956 kfree(gss_auth);
957 module_put(THIS_MODULE);
958}
959
960static void
961gss_free_callback(struct kref *kref)
962{
963 struct gss_auth *gss_auth = container_of(kref, struct gss_auth, kref);
964
965 gss_free(gss_auth);
966}
967
1da177e4
LT		 968static void
969gss_destroy(struct rpc_auth *auth)
970{
971 struct gss_auth *gss_auth;
972
8885cb36
CL		 973 dprintk("RPC: destroying GSS authenticator %p flavor %d\n",
974 auth, auth->au_flavor);
1da177e4 975
3ab9bb72
TM		 976 rpcauth_destroy_credcache(auth);
977
1da177e4 978 gss_auth = container_of(auth, struct gss_auth, rpc_auth);
0285ed1f 979 kref_put(&gss_auth->kref, gss_free_callback);
1da177e4
LT		 980}
981
0df7fb74
TM		 982/*
983 * gss_destroying_context will cause the RPCSEC_GSS to send a NULL RPC call
984 * to the server with the GSS control procedure field set to
985 * RPC_GSS_PROC_DESTROY. This should normally cause the server to release
986 * all RPCSEC_GSS state associated with that context.
987 */
988static int
989gss_destroying_context(struct rpc_cred *cred)
990{
991 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
992 struct gss_auth *gss_auth = container_of(cred->cr_auth, struct gss_auth, rpc_auth);
993 struct rpc_task *task;
994
995 if (gss_cred->gc_ctx == NULL ||
6dcd3926 996 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) == 0)
0df7fb74
TM		 997 return 0;
998
999 gss_cred->gc_ctx->gc_proc = RPC_GSS_PROC_DESTROY;
1000 cred->cr_ops = &gss_nullops;
1001
1002 /* Take a reference to ensure the cred will be destroyed either
1003 * by the RPC call or by the put_rpccred() below */
1004 get_rpccred(cred);
1005
080a1f14 1006 task = rpc_call_null(gss_auth->client, cred, RPC_TASK_ASYNC|RPC_TASK_SOFT);
0df7fb74
TM		 1007 if (!IS_ERR(task))
1008 rpc_put_task(task);
1009
1010 put_rpccred(cred);
1011 return 1;
1012}
1013
1014/* gss_destroy_cred (and gss_free_ctx) are used to clean up after failure
1da177e4
LT		 1015 * to create a new cred or context, so they check that things have been
1016 * allocated before freeing them. */
1017static void
5d28dc82 1018gss_do_free_ctx(struct gss_cl_ctx *ctx)
1da177e4 1019{
632f0d05 1020 dprintk("RPC: %s\n", __func__);
1da177e4 1021
0d8a3746 1022 gss_delete_sec_context(&ctx->gc_gss_ctx);
1da177e4
LT		 1023 kfree(ctx->gc_wire_ctx.data);
1024 kfree(ctx);
1025}
1026
5d28dc82
TM		 1027static void
1028gss_free_ctx_callback(struct rcu_head *head)
1029{
1030 struct gss_cl_ctx *ctx = container_of(head, struct gss_cl_ctx, gc_rcu);
1031 gss_do_free_ctx(ctx);
1032}
1033
1034static void
1035gss_free_ctx(struct gss_cl_ctx *ctx)
1036{
1037 call_rcu(&ctx->gc_rcu, gss_free_ctx_callback);
1038}
1039
1da177e4 1040static void
31be5bf1 1041gss_free_cred(struct gss_cred *gss_cred)
1da177e4 1042{
632f0d05 1043 dprintk("RPC: %s cred=%p\n", __func__, gss_cred);
31be5bf1
TM		 1044 kfree(gss_cred);
1045}
1da177e4 1046
31be5bf1
TM		 1047static void
1048gss_free_cred_callback(struct rcu_head *head)
1049{
1050 struct gss_cred *gss_cred = container_of(head, struct gss_cred, gc_base.cr_rcu);
1051 gss_free_cred(gss_cred);
1052}
1da177e4 1053
31be5bf1 1054static void
6dcd3926 1055gss_destroy_nullcred(struct rpc_cred *cred)
31be5bf1 1056{
5d28dc82 1057 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
0285ed1f 1058 struct gss_auth *gss_auth = container_of(cred->cr_auth, struct gss_auth, rpc_auth);
5d28dc82
TM		 1059 struct gss_cl_ctx *ctx = gss_cred->gc_ctx;
1060
a9b3cd7f 1061 RCU_INIT_POINTER(gss_cred->gc_ctx, NULL);
31be5bf1 1062 call_rcu(&cred->cr_rcu, gss_free_cred_callback);
5d28dc82
TM		 1063 if (ctx)
1064 gss_put_ctx(ctx);
0285ed1f 1065 kref_put(&gss_auth->kref, gss_free_callback);
1da177e4
LT		 1066}
1067
6dcd3926
JL		 1068static void
1069gss_destroy_cred(struct rpc_cred *cred)
1070{
1071
1072 if (gss_destroying_context(cred))
1073 return;
1074 gss_destroy_nullcred(cred);
1075}
1076
1da177e4
LT		 1077/*
1078 * Lookup RPCSEC_GSS cred for the current process
1079 */
1080static struct rpc_cred *
8a317760 1081gss_lookup_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
1da177e4 1082{
8a317760 1083 return rpcauth_lookup_credcache(auth, acred, flags);
1da177e4
LT		 1084}
1085
1086static struct rpc_cred *
8a317760 1087gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
1da177e4
LT		 1088{
1089 struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth);
1090 struct gss_cred *cred = NULL;
1091 int err = -ENOMEM;
1092
632f0d05 1093 dprintk("RPC: %s for uid %d, flavor %d\n",
cdba321e
EB		 1094 __func__, from_kuid(&init_user_ns, acred->uid),
1095 auth->au_flavor);
1da177e4 1096
0f38b873 1097 if (!(cred = kzalloc(sizeof(*cred), GFP_NOFS)))
1da177e4
LT		 1098 goto out_err;
1099
5fe4755e 1100 rpcauth_init_cred(&cred->gc_base, acred, auth, &gss_credops);
1da177e4
LT		 1101 /*
1102 * Note: in order to force a call to call_refresh(), we deliberately
1103 * fail to flag the credential as RPCAUTH_CRED_UPTODATE.
1104 */
fc432dd9 1105 cred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_NEW;
1da177e4 1106 cred->gc_service = gss_auth->service;
68c97153
TM		 1107 cred->gc_principal = NULL;
1108 if (acred->machine_cred)
1109 cred->gc_principal = acred->principal;
0285ed1f 1110 kref_get(&gss_auth->kref);
1da177e4
LT		 1111 return &cred->gc_base;
1112
1113out_err:
632f0d05 1114 dprintk("RPC: %s failed with error %d\n", __func__, err);
1da177e4
LT		 1115 return ERR_PTR(err);
1116}
1117
fba3bad4
TM		 1118static int
1119gss_cred_init(struct rpc_auth *auth, struct rpc_cred *cred)
1120{
1121 struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth);
1122 struct gss_cred *gss_cred = container_of(cred,struct gss_cred, gc_base);
1123 int err;
1124
1125 do {
1126 err = gss_create_upcall(gss_auth, gss_cred);
1127 } while (err == -EAGAIN);
1128 return err;
1129}
1130
1da177e4 1131static int
8a317760 1132gss_match(struct auth_cred *acred, struct rpc_cred *rc, int flags)
1da177e4
LT		 1133{
1134 struct gss_cred *gss_cred = container_of(rc, struct gss_cred, gc_base);
1135
cd019f75 1136 if (test_bit(RPCAUTH_CRED_NEW, &rc->cr_flags))
8a317760 1137 goto out;
1da177e4 1138 /* Don't match with creds that have expired. */
cd019f75
TM		 1139 if (time_after(jiffies, gss_cred->gc_ctx->gc_expiry))
1140 return 0;
1141 if (!test_bit(RPCAUTH_CRED_UPTODATE, &rc->cr_flags))
1da177e4 1142 return 0;
8a317760 1143out:
68c97153
TM		 1144 if (acred->principal != NULL) {
1145 if (gss_cred->gc_principal == NULL)
1146 return 0;
1147 return strcmp(acred->principal, gss_cred->gc_principal) == 0;
1148 }
1149 if (gss_cred->gc_principal != NULL)
7c67db3a 1150 return 0;
0b4d51b0 1151 return uid_eq(rc->cr_uid, acred->uid);
1da177e4
LT		 1152}
1153
1154/*
1155* Marshal credentials.
1156* Maybe we should keep a cached credential for performance reasons.
1157*/
d8ed029d
AD		 1158static __be32 *
1159gss_marshal(struct rpc_task *task, __be32 *p)
1da177e4 1160{
a17c2153
TM		 1161 struct rpc_rqst *req = task->tk_rqstp;
1162 struct rpc_cred *cred = req->rq_cred;
1da177e4
LT		 1163 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1164 gc_base);
1165 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
d8ed029d 1166 __be32 *cred_len;
1da177e4
LT		 1167 u32 maj_stat = 0;
1168 struct xdr_netobj mic;
1169 struct kvec iov;
1170 struct xdr_buf verf_buf;
1171
632f0d05 1172 dprintk("RPC: %5u %s\n", task->tk_pid, __func__);
1da177e4
LT		 1173
1174 *p++ = htonl(RPC_AUTH_GSS);
1175 cred_len = p++;
1176
1177 spin_lock(&ctx->gc_seq_lock);
1178 req->rq_seqno = ctx->gc_seq++;
1179 spin_unlock(&ctx->gc_seq_lock);
1180
1181 *p++ = htonl((u32) RPC_GSS_VERSION);
1182 *p++ = htonl((u32) ctx->gc_proc);
1183 *p++ = htonl((u32) req->rq_seqno);
1184 *p++ = htonl((u32) gss_cred->gc_service);
1185 p = xdr_encode_netobj(p, &ctx->gc_wire_ctx);
1186 *cred_len = htonl((p - (cred_len + 1)) << 2);
1187
1188 /* We compute the checksum for the verifier over the xdr-encoded bytes
1189 * starting with the xid and ending at the end of the credential: */
a4f0835c 1190 iov.iov_base = xprt_skip_transport_header(req->rq_xprt,
808012fb 1191 req->rq_snd_buf.head[0].iov_base);
1da177e4
LT		 1192 iov.iov_len = (u8 *)p - (u8 *)iov.iov_base;
1193 xdr_buf_from_iov(&iov, &verf_buf);
1194
1195 /* set verifier flavor*/
1196 *p++ = htonl(RPC_AUTH_GSS);
1197
1198 mic.data = (u8 *)(p + 1);
00fd6e14 1199 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
1da177e4 1200 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
fc432dd9 1201 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 1202 } else if (maj_stat != 0) {
1203 printk("gss_marshal: gss_get_mic FAILED (%d)\n", maj_stat);
1204 goto out_put_ctx;
1205 }
1206 p = xdr_encode_opaque(p, NULL, mic.len);
1207 gss_put_ctx(ctx);
1208 return p;
1209out_put_ctx:
1210 gss_put_ctx(ctx);
1211 return NULL;
1212}
1213
cd019f75
TM		 1214static int gss_renew_cred(struct rpc_task *task)
1215{
a17c2153 1216 struct rpc_cred *oldcred = task->tk_rqstp->rq_cred;
cd019f75
TM		 1217 struct gss_cred *gss_cred = container_of(oldcred,
1218 struct gss_cred,
1219 gc_base);
1220 struct rpc_auth *auth = oldcred->cr_auth;
1221 struct auth_cred acred = {
1222 .uid = oldcred->cr_uid,
68c97153
TM		 1223 .principal = gss_cred->gc_principal,
1224 .machine_cred = (gss_cred->gc_principal != NULL ? 1 : 0),
cd019f75
TM		 1225 };
1226 struct rpc_cred *new;
1227
1228 new = gss_lookup_cred(auth, &acred, RPCAUTH_LOOKUP_NEW);
1229 if (IS_ERR(new))
1230 return PTR_ERR(new);
a17c2153 1231 task->tk_rqstp->rq_cred = new;
cd019f75
TM		 1232 put_rpccred(oldcred);
1233 return 0;
1234}
1235
126e216a
TM		 1236static int gss_cred_is_negative_entry(struct rpc_cred *cred)
1237{
1238 if (test_bit(RPCAUTH_CRED_NEGATIVE, &cred->cr_flags)) {
1239 unsigned long now = jiffies;
1240 unsigned long begin, expire;
1241 struct gss_cred *gss_cred;
1242
1243 gss_cred = container_of(cred, struct gss_cred, gc_base);
1244 begin = gss_cred->gc_upcall_timestamp;
1245 expire = begin + gss_expired_cred_retry_delay * HZ;
1246
1247 if (time_in_range_open(now, begin, expire))
1248 return 1;
1249 }
1250 return 0;
1251}
1252
1da177e4
LT		 1253/*
1254* Refresh credentials. XXX - finish
1255*/
1256static int
1257gss_refresh(struct rpc_task *task)
1258{
a17c2153 1259 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
cd019f75
TM		 1260 int ret = 0;
1261
126e216a
TM		 1262 if (gss_cred_is_negative_entry(cred))
1263 return -EKEYEXPIRED;
1264
cd019f75
TM		 1265 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags) &&
1266 !test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags)) {
1267 ret = gss_renew_cred(task);
1268 if (ret < 0)
1269 goto out;
a17c2153 1270 cred = task->tk_rqstp->rq_cred;
cd019f75 1271 }
1da177e4 1272
cd019f75
TM		 1273 if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags))
1274 ret = gss_refresh_upcall(task);
1275out:
1276 return ret;
1da177e4
LT		 1277}
1278
0df7fb74
TM		 1279/* Dummy refresh routine: used only when destroying the context */
1280static int
1281gss_refresh_null(struct rpc_task *task)
1282{
1283 return -EACCES;
1284}
1285
d8ed029d
AD		 1286static __be32 *
1287gss_validate(struct rpc_task *task, __be32 *p)
1da177e4 1288{
a17c2153 1289 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4 1290 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
d8ed029d 1291 __be32 seq;
1da177e4
LT		 1292 struct kvec iov;
1293 struct xdr_buf verf_buf;
1294 struct xdr_netobj mic;
1295 u32 flav,len;
1296 u32 maj_stat;
1297
632f0d05 1298 dprintk("RPC: %5u %s\n", task->tk_pid, __func__);
1da177e4
LT		 1299
1300 flav = ntohl(*p++);
1301 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE)
cca5172a 1302 goto out_bad;
1da177e4
LT		 1303 if (flav != RPC_AUTH_GSS)
1304 goto out_bad;
1305 seq = htonl(task->tk_rqstp->rq_seqno);
1306 iov.iov_base = &seq;
1307 iov.iov_len = sizeof(seq);
1308 xdr_buf_from_iov(&iov, &verf_buf);
1309 mic.data = (u8 *)p;
1310 mic.len = len;
1311
00fd6e14 1312 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
1da177e4 1313 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1314 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
0df7fb74 1315 if (maj_stat) {
632f0d05
CL		 1316 dprintk("RPC: %5u %s: gss_verify_mic returned error 0x%08x\n",
1317 task->tk_pid, __func__, maj_stat);
1da177e4 1318 goto out_bad;
0df7fb74 1319 }
24b2605b
BF		 1320 /* We leave it to unwrap to calculate au_rslack. For now we just
1321 * calculate the length of the verifier: */
1be27f36 1322 cred->cr_auth->au_verfsize = XDR_QUADLEN(len) + 2;
1da177e4 1323 gss_put_ctx(ctx);
632f0d05
CL		 1324 dprintk("RPC: %5u %s: gss_verify_mic succeeded.\n",
1325 task->tk_pid, __func__);
1da177e4
LT		 1326 return p + XDR_QUADLEN(len);
1327out_bad:
1328 gss_put_ctx(ctx);
632f0d05 1329 dprintk("RPC: %5u %s failed.\n", task->tk_pid, __func__);
1da177e4
LT		 1330 return NULL;
1331}
1332
9f06c719
CL		 1333static void gss_wrap_req_encode(kxdreproc_t encode, struct rpc_rqst *rqstp,
1334 __be32 *p, void *obj)
1335{
1336 struct xdr_stream xdr;
1337
1338 xdr_init_encode(&xdr, &rqstp->rq_snd_buf, p);
1339 encode(rqstp, &xdr, obj);
1340}
1341
1da177e4
LT		 1342static inline int
1343gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
9f06c719
CL		 1344 kxdreproc_t encode, struct rpc_rqst *rqstp,
1345 __be32 *p, void *obj)
1da177e4
LT		 1346{
1347 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1348 struct xdr_buf integ_buf;
d8ed029d 1349 __be32 *integ_len = NULL;
1da177e4 1350 struct xdr_netobj mic;
d8ed029d
AD		 1351 u32 offset;
1352 __be32 *q;
1da177e4
LT		 1353 struct kvec *iov;
1354 u32 maj_stat = 0;
1355 int status = -EIO;
1356
1357 integ_len = p++;
1358 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
1359 *p++ = htonl(rqstp->rq_seqno);
1360
9f06c719 1361 gss_wrap_req_encode(encode, rqstp, p, obj);
1da177e4
LT		 1362
1363 if (xdr_buf_subsegment(snd_buf, &integ_buf,
1364 offset, snd_buf->len - offset))
1365 return status;
1366 *integ_len = htonl(integ_buf.len);
1367
1368 /* guess whether we're in the head or the tail: */
cca5172a 1369 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
1da177e4
LT		 1370 iov = snd_buf->tail;
1371 else
1372 iov = snd_buf->head;
1373 p = iov->iov_base + iov->iov_len;
1374 mic.data = (u8 *)(p + 1);
1375
00fd6e14 1376 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
1da177e4
LT		 1377 status = -EIO; /* XXX? */
1378 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1379 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 1380 else if (maj_stat)
1381 return status;
1382 q = xdr_encode_opaque(p, NULL, mic.len);
1383
1384 offset = (u8 *)q - (u8 *)p;
1385 iov->iov_len += offset;
1386 snd_buf->len += offset;
1387 return 0;
1388}
1389
2d2da60c
BF		 1390static void
1391priv_release_snd_buf(struct rpc_rqst *rqstp)
1392{
1393 int i;
1394
1395 for (i=0; i < rqstp->rq_enc_pages_num; i++)
1396 __free_page(rqstp->rq_enc_pages[i]);
1397 kfree(rqstp->rq_enc_pages);
1398}
1399
1400static int
1401alloc_enc_pages(struct rpc_rqst *rqstp)
1402{
1403 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1404 int first, last, i;
1405
1406 if (snd_buf->page_len == 0) {
1407 rqstp->rq_enc_pages_num = 0;
1408 return 0;
1409 }
1410
1411 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
1412 last = (snd_buf->page_base + snd_buf->page_len - 1) >> PAGE_CACHE_SHIFT;
1413 rqstp->rq_enc_pages_num = last - first + 1 + 1;
1414 rqstp->rq_enc_pages
1415 = kmalloc(rqstp->rq_enc_pages_num * sizeof(struct page *),
1416 GFP_NOFS);
1417 if (!rqstp->rq_enc_pages)
1418 goto out;
1419 for (i=0; i < rqstp->rq_enc_pages_num; i++) {
1420 rqstp->rq_enc_pages[i] = alloc_page(GFP_NOFS);
1421 if (rqstp->rq_enc_pages[i] == NULL)
1422 goto out_free;
1423 }
1424 rqstp->rq_release_snd_buf = priv_release_snd_buf;
1425 return 0;
1426out_free:
cdead7cf
TM		 1427 rqstp->rq_enc_pages_num = i;
1428 priv_release_snd_buf(rqstp);
2d2da60c
BF		 1429out:
1430 return -EAGAIN;
1431}
1432
1433static inline int
1434gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
9f06c719
CL		 1435 kxdreproc_t encode, struct rpc_rqst *rqstp,
1436 __be32 *p, void *obj)
2d2da60c
BF		 1437{
1438 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1439 u32 offset;
1440 u32 maj_stat;
1441 int status;
d8ed029d 1442 __be32 *opaque_len;
2d2da60c
BF		 1443 struct page **inpages;
1444 int first;
1445 int pad;
1446 struct kvec *iov;
1447 char *tmp;
1448
1449 opaque_len = p++;
1450 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
1451 *p++ = htonl(rqstp->rq_seqno);
1452
9f06c719 1453 gss_wrap_req_encode(encode, rqstp, p, obj);
2d2da60c
BF		 1454
1455 status = alloc_enc_pages(rqstp);
1456 if (status)
1457 return status;
1458 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
1459 inpages = snd_buf->pages + first;
1460 snd_buf->pages = rqstp->rq_enc_pages;
1461 snd_buf->page_base -= first << PAGE_CACHE_SHIFT;
7561042f
KC		 1462 /*
1463 * Give the tail its own page, in case we need extra space in the
1464 * head when wrapping:
1465 *
1466 * call_allocate() allocates twice the slack space required
1467 * by the authentication flavor to rq_callsize.
1468 * For GSS, slack is GSS_CRED_SLACK.
1469 */
2d2da60c
BF		 1470 if (snd_buf->page_len || snd_buf->tail[0].iov_len) {
1471 tmp = page_address(rqstp->rq_enc_pages[rqstp->rq_enc_pages_num - 1]);
1472 memcpy(tmp, snd_buf->tail[0].iov_base, snd_buf->tail[0].iov_len);
1473 snd_buf->tail[0].iov_base = tmp;
1474 }
00fd6e14 1475 maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages);
7561042f 1476 /* slack space should prevent this ever happening: */
2d2da60c 1477 BUG_ON(snd_buf->len > snd_buf->buflen);
cca5172a 1478 status = -EIO;
2d2da60c
BF		 1479 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
1480 * done anyway, so it's safe to put the request on the wire: */
1481 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1482 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
2d2da60c
BF		 1483 else if (maj_stat)
1484 return status;
1485
1486 *opaque_len = htonl(snd_buf->len - offset);
1487 /* guess whether we're in the head or the tail: */
1488 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
1489 iov = snd_buf->tail;
1490 else
1491 iov = snd_buf->head;
1492 p = iov->iov_base + iov->iov_len;
1493 pad = 3 - ((snd_buf->len - offset - 1) & 3);
1494 memset(p, 0, pad);
1495 iov->iov_len += pad;
1496 snd_buf->len += pad;
1497
1498 return 0;
1499}
1500
1da177e4
LT		 1501static int
1502gss_wrap_req(struct rpc_task *task,
9f06c719 1503 kxdreproc_t encode, void *rqstp, __be32 *p, void *obj)
1da177e4 1504{
a17c2153 1505 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4
LT		 1506 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1507 gc_base);
1508 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
1509 int status = -EIO;
1510
632f0d05 1511 dprintk("RPC: %5u %s\n", task->tk_pid, __func__);
1da177e4
LT		 1512 if (ctx->gc_proc != RPC_GSS_PROC_DATA) {
1513 /* The spec seems a little ambiguous here, but I think that not
1514 * wrapping context destruction requests makes the most sense.
1515 */
9f06c719
CL		 1516 gss_wrap_req_encode(encode, rqstp, p, obj);
1517 status = 0;
1da177e4
LT		 1518 goto out;
1519 }
1520 switch (gss_cred->gc_service) {
89f0e4fe
JP		 1521 case RPC_GSS_SVC_NONE:
1522 gss_wrap_req_encode(encode, rqstp, p, obj);
1523 status = 0;
1524 break;
1525 case RPC_GSS_SVC_INTEGRITY:
1526 status = gss_wrap_req_integ(cred, ctx, encode, rqstp, p, obj);
1527 break;
1528 case RPC_GSS_SVC_PRIVACY:
1529 status = gss_wrap_req_priv(cred, ctx, encode, rqstp, p, obj);
1530 break;
1da177e4
LT		 1531 }
1532out:
1533 gss_put_ctx(ctx);
632f0d05 1534 dprintk("RPC: %5u %s returning %d\n", task->tk_pid, __func__, status);
1da177e4
LT		 1535 return status;
1536}
1537
1538static inline int
1539gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
d8ed029d 1540 struct rpc_rqst *rqstp, __be32 **p)
1da177e4
LT		 1541{
1542 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1543 struct xdr_buf integ_buf;
1544 struct xdr_netobj mic;
1545 u32 data_offset, mic_offset;
1546 u32 integ_len;
1547 u32 maj_stat;
1548 int status = -EIO;
1549
1550 integ_len = ntohl(*(*p)++);
1551 if (integ_len & 3)
1552 return status;
1553 data_offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1554 mic_offset = integ_len + data_offset;
1555 if (mic_offset > rcv_buf->len)
1556 return status;
1557 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1558 return status;
1559
1560 if (xdr_buf_subsegment(rcv_buf, &integ_buf, data_offset,
1561 mic_offset - data_offset))
1562 return status;
1563
1564 if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset))
1565 return status;
1566
00fd6e14 1567 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
1da177e4 1568 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1569 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 1570 if (maj_stat != GSS_S_COMPLETE)
1571 return status;
1572 return 0;
1573}
1574
2d2da60c
BF		 1575static inline int
1576gss_unwrap_resp_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
d8ed029d 1577 struct rpc_rqst *rqstp, __be32 **p)
2d2da60c
BF		 1578{
1579 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1580 u32 offset;
1581 u32 opaque_len;
1582 u32 maj_stat;
1583 int status = -EIO;
1584
1585 opaque_len = ntohl(*(*p)++);
1586 offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1587 if (offset + opaque_len > rcv_buf->len)
1588 return status;
1589 /* remove padding: */
1590 rcv_buf->len = offset + opaque_len;
1591
00fd6e14 1592 maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf);
2d2da60c 1593 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1594 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
2d2da60c
BF		 1595 if (maj_stat != GSS_S_COMPLETE)
1596 return status;
1597 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1598 return status;
1599
1600 return 0;
1601}
1602
bf269551
CL		 1603static int
1604gss_unwrap_req_decode(kxdrdproc_t decode, struct rpc_rqst *rqstp,
1605 __be32 *p, void *obj)
1606{
1607 struct xdr_stream xdr;
1608
1609 xdr_init_decode(&xdr, &rqstp->rq_rcv_buf, p);
1610 return decode(rqstp, &xdr, obj);
1611}
2d2da60c 1612
1da177e4
LT		 1613static int
1614gss_unwrap_resp(struct rpc_task *task,
bf269551 1615 kxdrdproc_t decode, void *rqstp, __be32 *p, void *obj)
1da177e4 1616{
a17c2153 1617 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4
LT		 1618 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1619 gc_base);
1620 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
d8ed029d 1621 __be32 *savedp = p;
2d2da60c
BF		 1622 struct kvec *head = ((struct rpc_rqst *)rqstp)->rq_rcv_buf.head;
1623 int savedlen = head->iov_len;
1da177e4
LT		 1624 int status = -EIO;
1625
1626 if (ctx->gc_proc != RPC_GSS_PROC_DATA)
1627 goto out_decode;
1628 switch (gss_cred->gc_service) {
89f0e4fe
JP		 1629 case RPC_GSS_SVC_NONE:
1630 break;
1631 case RPC_GSS_SVC_INTEGRITY:
1632 status = gss_unwrap_resp_integ(cred, ctx, rqstp, &p);
1633 if (status)
1634 goto out;
1635 break;
1636 case RPC_GSS_SVC_PRIVACY:
1637 status = gss_unwrap_resp_priv(cred, ctx, rqstp, &p);
1638 if (status)
1639 goto out;
1640 break;
1da177e4 1641 }
24b2605b 1642 /* take into account extra slack for integrity and privacy cases: */
1be27f36 1643 cred->cr_auth->au_rslack = cred->cr_auth->au_verfsize + (p - savedp)
2d2da60c 1644 + (savedlen - head->iov_len);
1da177e4 1645out_decode:
bf269551 1646 status = gss_unwrap_req_decode(decode, rqstp, p, obj);
1da177e4
LT		 1647out:
1648 gss_put_ctx(ctx);
632f0d05
CL		 1649 dprintk("RPC: %5u %s returning %d\n",
1650 task->tk_pid, __func__, status);
1da177e4
LT		 1651 return status;
1652}
cca5172a 1653
f1c0a861 1654static const struct rpc_authops authgss_ops = {
1da177e4
LT		 1655 .owner = THIS_MODULE,
1656 .au_flavor = RPC_AUTH_GSS,
1da177e4 1657 .au_name = "RPCSEC_GSS",
1da177e4
LT		 1658 .create = gss_create,
1659 .destroy = gss_destroy,
1660 .lookup_cred = gss_lookup_cred,
80df9d20
SK		 1661 .crcreate = gss_create_cred,
1662 .pipes_create = gss_pipes_dentries_create,
1663 .pipes_destroy = gss_pipes_dentries_destroy,
6a1a1e34 1664 .list_pseudoflavors = gss_mech_list_pseudoflavors,
9568c5e9 1665 .info2flavor = gss_mech_info2flavor,
a77c806f 1666 .flavor2info = gss_mech_flavor2info,
1da177e4
LT		 1667};
1668
f1c0a861 1669static const struct rpc_credops gss_credops = {
1da177e4
LT		 1670 .cr_name = "AUTH_GSS",
1671 .crdestroy = gss_destroy_cred,
fba3bad4 1672 .cr_init = gss_cred_init,
5c691044 1673 .crbind = rpcauth_generic_bind_cred,
1da177e4
LT		 1674 .crmatch = gss_match,
1675 .crmarshal = gss_marshal,
1676 .crrefresh = gss_refresh,
1677 .crvalidate = gss_validate,
1678 .crwrap_req = gss_wrap_req,
1679 .crunwrap_resp = gss_unwrap_resp,
1680};
1681
0df7fb74
TM		 1682static const struct rpc_credops gss_nullops = {
1683 .cr_name = "AUTH_GSS",
6dcd3926 1684 .crdestroy = gss_destroy_nullcred,
5c691044 1685 .crbind = rpcauth_generic_bind_cred,
0df7fb74
TM		 1686 .crmatch = gss_match,
1687 .crmarshal = gss_marshal,
1688 .crrefresh = gss_refresh_null,
1689 .crvalidate = gss_validate,
1690 .crwrap_req = gss_wrap_req,
1691 .crunwrap_resp = gss_unwrap_resp,
1692};
1693
b693ba4a 1694static const struct rpc_pipe_ops gss_upcall_ops_v0 = {
c1225158 1695 .upcall = rpc_pipe_generic_upcall,
34769fc4
BF		 1696 .downcall = gss_pipe_downcall,
1697 .destroy_msg = gss_pipe_destroy_msg,
1698 .open_pipe = gss_pipe_open_v0,
1699 .release_pipe = gss_pipe_release,
1700};
1701
b693ba4a 1702static const struct rpc_pipe_ops gss_upcall_ops_v1 = {
c1225158 1703 .upcall = rpc_pipe_generic_upcall,
1da177e4
LT		 1704 .downcall = gss_pipe_downcall,
1705 .destroy_msg = gss_pipe_destroy_msg,
34769fc4 1706 .open_pipe = gss_pipe_open_v1,
1da177e4
LT		 1707 .release_pipe = gss_pipe_release,
1708};
1709
a1db410d
SK		 1710static __net_init int rpcsec_gss_init_net(struct net *net)
1711{
1712 return gss_svc_init_net(net);
1713}
1714
1715static __net_exit void rpcsec_gss_exit_net(struct net *net)
1716{
1717 gss_svc_shutdown_net(net);
1718}
1719
1720static struct pernet_operations rpcsec_gss_net_ops = {
1721 .init = rpcsec_gss_init_net,
1722 .exit = rpcsec_gss_exit_net,
1723};
1724
1da177e4
LT		 1725/*
1726 * Initialize RPCSEC_GSS module
1727 */
1728static int __init init_rpcsec_gss(void)
1729{
1730 int err = 0;
1731
1732 err = rpcauth_register(&authgss_ops);
1733 if (err)
1734 goto out;
1735 err = gss_svc_init();
1736 if (err)
1737 goto out_unregister;
a1db410d
SK		 1738 err = register_pernet_subsys(&rpcsec_gss_net_ops);
1739 if (err)
1740 goto out_svc_exit;
79a3f20b 1741 rpc_init_wait_queue(&pipe_version_rpc_waitqueue, "gss pipe version");
1da177e4 1742 return 0;
a1db410d
SK		 1743out_svc_exit:
1744 gss_svc_shutdown();
1da177e4
LT		 1745out_unregister:
1746 rpcauth_unregister(&authgss_ops);
1747out:
1748 return err;
1749}
1750
1751static void __exit exit_rpcsec_gss(void)
1752{
a1db410d 1753 unregister_pernet_subsys(&rpcsec_gss_net_ops);
1da177e4
LT		 1754 gss_svc_shutdown();
1755 rpcauth_unregister(&authgss_ops);
bf12691d 1756 rcu_barrier(); /* Wait for completion of call_rcu()'s */
1da177e4
LT		 1757}
1758
71afa85e 1759MODULE_ALIAS("rpc-auth-6");
1da177e4 1760MODULE_LICENSE("GPL");
126e216a
TM		 1761module_param_named(expired_cred_retry_delay,
1762 gss_expired_cred_retry_delay,
1763 uint, 0644);
1764MODULE_PARM_DESC(expired_cred_retry_delay, "Timeout (in seconds) until "
1765 "the RPC engine retries an expired credential");
1766
1da177e4
LT		 1767module_init(init_rpcsec_gss)
1768module_exit(exit_rpcsec_gss)
Linux kernel - Deliverables
This page took 0.798343 seconds and 5 git commands to generate.