projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
SUNRPC: don't map EKEYEXPIRED to EACCES in call_refreshresult
[deliverable/linux.git] / net / sunrpc / auth_gss / auth_gss.c
CommitLineData
1da177e4 1/*
f30c2269 2 * linux/net/sunrpc/auth_gss/auth_gss.c
1da177e4
LT		 3 *
4 * RPCSEC_GSS client authentication.
cca5172a 5 *
1da177e4
LT		 6 * Copyright (c) 2000 The Regents of the University of Michigan.
7 * All rights reserved.
8 *
9 * Dug Song <dugsong@monkey.org>
10 * Andy Adamson <andros@umich.edu>
11 *
12 * Redistribution and use in source and binary forms, with or without
13 * modification, are permitted provided that the following conditions
14 * are met:
15 *
16 * 1. Redistributions of source code must retain the above copyright
17 * notice, this list of conditions and the following disclaimer.
18 * 2. Redistributions in binary form must reproduce the above copyright
19 * notice, this list of conditions and the following disclaimer in the
20 * documentation and/or other materials provided with the distribution.
21 * 3. Neither the name of the University nor the names of its
22 * contributors may be used to endorse or promote products derived
23 * from this software without specific prior written permission.
24 *
25 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
26 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
27 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
28 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
29 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
30 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
31 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
32 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
33 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
34 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
1da177e4
LT		 36 */
37
38
39#include <linux/module.h>
40#include <linux/init.h>
41#include <linux/types.h>
42#include <linux/slab.h>
1da177e4 43#include <linux/sched.h>
2d2da60c 44#include <linux/pagemap.h>
1da177e4
LT		 45#include <linux/sunrpc/clnt.h>
46#include <linux/sunrpc/auth.h>
47#include <linux/sunrpc/auth_gss.h>
48#include <linux/sunrpc/svcauth_gss.h>
49#include <linux/sunrpc/gss_err.h>
50#include <linux/workqueue.h>
51#include <linux/sunrpc/rpc_pipe_fs.h>
52#include <linux/sunrpc/gss_api.h>
53#include <asm/uaccess.h>
eb6dc19d 54#include <linux/hashtable.h>
1da177e4 55
abfdbd53
TM		 56#include "../netns.h"
57
f1c0a861 58static const struct rpc_authops authgss_ops;
1da177e4 59
f1c0a861 60static const struct rpc_credops gss_credops;
0df7fb74 61static const struct rpc_credops gss_nullops;
1da177e4 62
126e216a
TM		 63#define GSS_RETRY_EXPIRED 5
64static unsigned int gss_expired_cred_retry_delay = GSS_RETRY_EXPIRED;
65
1da177e4
LT		 66#ifdef RPC_DEBUG
67# define RPCDBG_FACILITY RPCDBG_AUTH
68#endif
69
725f2865 70#define GSS_CRED_SLACK (RPC_MAX_AUTH_SIZE * 2)
1da177e4
LT		 71/* length of a krb5 verifier (48), plus data added before arguments when
72 * using integrity (two 4-byte integers): */
adeb8133 73#define GSS_VERF_SLACK 100
1da177e4 74
eb6dc19d
TM		 75static DEFINE_HASHTABLE(gss_auth_hash_table, 16);
76static DEFINE_SPINLOCK(gss_auth_hash_lock);
77
19172284
TM		 78struct gss_pipe {
79 struct rpc_pipe_dir_object pdo;
80 struct rpc_pipe *pipe;
81 struct rpc_clnt *clnt;
82 const char *name;
414a6295 83 struct kref kref;
19172284
TM		 84};
85
1da177e4 86struct gss_auth {
0285ed1f 87 struct kref kref;
eb6dc19d 88 struct hlist_node hash;
1da177e4
LT		 89 struct rpc_auth rpc_auth;
90 struct gss_api_mech *mech;
91 enum rpc_gss_svc service;
1da177e4 92 struct rpc_clnt *client;
e726340a 93 struct net *net;
34769fc4
BF		 94 /*
95 * There are two upcall pipes; dentry[1], named "gssd", is used
96 * for the new text-based upcall; dentry[0] is named after the
97 * mechanism (for example, "krb5") and exists for
98 * backwards-compatibility with older gssd's.
99 */
19172284 100 struct gss_pipe *gss_pipe[2];
bd4a3eb1 101 const char *target_name;
1da177e4
LT		 102};
103
79a3f20b 104/* pipe_version >= 0 if and only if someone has a pipe open. */
79a3f20b
BF		 105static DEFINE_SPINLOCK(pipe_version_lock);
106static struct rpc_wait_queue pipe_version_rpc_waitqueue;
107static DECLARE_WAIT_QUEUE_HEAD(pipe_version_waitqueue);
cf81939d 108
5d28dc82 109static void gss_free_ctx(struct gss_cl_ctx *);
b693ba4a
TM		 110static const struct rpc_pipe_ops gss_upcall_ops_v0;
111static const struct rpc_pipe_ops gss_upcall_ops_v1;
1da177e4 112
1da177e4
LT		 113static inline struct gss_cl_ctx *
114gss_get_ctx(struct gss_cl_ctx *ctx)
115{
116 atomic_inc(&ctx->count);
117 return ctx;
118}
119
120static inline void
121gss_put_ctx(struct gss_cl_ctx *ctx)
122{
123 if (atomic_dec_and_test(&ctx->count))
5d28dc82 124 gss_free_ctx(ctx);
1da177e4
LT		 125}
126
5d28dc82
TM		 127/* gss_cred_set_ctx:
128 * called by gss_upcall_callback and gss_create_upcall in order
129 * to set the gss context. The actual exchange of an old context
9beae467 130 * and a new one is protected by the pipe->lock.
5d28dc82 131 */
1da177e4
LT		 132static void
133gss_cred_set_ctx(struct rpc_cred *cred, struct gss_cl_ctx *ctx)
134{
135 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
5d28dc82 136
cd019f75
TM		 137 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags))
138 return;
7b6962b0 139 gss_get_ctx(ctx);
cf778b00 140 rcu_assign_pointer(gss_cred->gc_ctx, ctx);
fc432dd9 141 set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
cd019f75 142 smp_mb__before_clear_bit();
fc432dd9 143 clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags);
1da177e4
LT		 144}
145
146static const void *
147simple_get_bytes(const void *p, const void *end, void *res, size_t len)
148{
149 const void *q = (const void *)((const char *)p + len);
150 if (unlikely(q > end || q < p))
151 return ERR_PTR(-EFAULT);
152 memcpy(res, p, len);
153 return q;
154}
155
156static inline const void *
157simple_get_netobj(const void *p, const void *end, struct xdr_netobj *dest)
158{
159 const void *q;
160 unsigned int len;
161
162 p = simple_get_bytes(p, end, &len, sizeof(len));
163 if (IS_ERR(p))
164 return p;
165 q = (const void *)((const char *)p + len);
166 if (unlikely(q > end || q < p))
167 return ERR_PTR(-EFAULT);
0f38b873 168 dest->data = kmemdup(p, len, GFP_NOFS);
1da177e4
LT		 169 if (unlikely(dest->data == NULL))
170 return ERR_PTR(-ENOMEM);
171 dest->len = len;
1da177e4
LT		 172 return q;
173}
174
175static struct gss_cl_ctx *
176gss_cred_get_ctx(struct rpc_cred *cred)
177{
178 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
179 struct gss_cl_ctx *ctx = NULL;
180
5d28dc82 181 rcu_read_lock();
1da177e4
LT		 182 if (gss_cred->gc_ctx)
183 ctx = gss_get_ctx(gss_cred->gc_ctx);
5d28dc82 184 rcu_read_unlock();
1da177e4
LT		 185 return ctx;
186}
187
188static struct gss_cl_ctx *
189gss_alloc_context(void)
190{
191 struct gss_cl_ctx *ctx;
192
0f38b873 193 ctx = kzalloc(sizeof(*ctx), GFP_NOFS);
1da177e4 194 if (ctx != NULL) {
1da177e4
LT		 195 ctx->gc_proc = RPC_GSS_PROC_DATA;
196 ctx->gc_seq = 1; /* NetApp 6.4R1 doesn't accept seq. no. 0 */
197 spin_lock_init(&ctx->gc_seq_lock);
198 atomic_set(&ctx->count,1);
199 }
200 return ctx;
201}
202
203#define GSSD_MIN_TIMEOUT (60 * 60)
204static const void *
205gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct gss_api_mech *gm)
206{
207 const void *q;
208 unsigned int seclen;
209 unsigned int timeout;
620038f6 210 unsigned long now = jiffies;
1da177e4
LT		 211 u32 window_size;
212 int ret;
213
620038f6
AA		 214 /* First unsigned int gives the remaining lifetime in seconds of the
215 * credential - e.g. the remaining TGT lifetime for Kerberos or
216 * the -t value passed to GSSD.
217 */
1da177e4
LT		 218 p = simple_get_bytes(p, end, &timeout, sizeof(timeout));
219 if (IS_ERR(p))
220 goto err;
221 if (timeout == 0)
222 timeout = GSSD_MIN_TIMEOUT;
620038f6
AA		 223 ctx->gc_expiry = now + ((unsigned long)timeout * HZ);
224 /* Sequence number window. Determines the maximum number of
225 * simultaneous requests
226 */
1da177e4
LT		 227 p = simple_get_bytes(p, end, &window_size, sizeof(window_size));
228 if (IS_ERR(p))
229 goto err;
230 ctx->gc_win = window_size;
231 /* gssd signals an error by passing ctx->gc_win = 0: */
232 if (ctx->gc_win == 0) {
dc5ddce9
JL		 233 /*
234 * in which case, p points to an error code. Anything other
235 * than -EKEYEXPIRED gets converted to -EACCES.
236 */
237 p = simple_get_bytes(p, end, &ret, sizeof(ret));
238 if (!IS_ERR(p))
239 p = (ret == -EKEYEXPIRED) ? ERR_PTR(-EKEYEXPIRED) :
240 ERR_PTR(-EACCES);
1da177e4
LT		 241 goto err;
242 }
243 /* copy the opaque wire context */
244 p = simple_get_netobj(p, end, &ctx->gc_wire_ctx);
245 if (IS_ERR(p))
246 goto err;
247 /* import the opaque security context */
248 p = simple_get_bytes(p, end, &seclen, sizeof(seclen));
249 if (IS_ERR(p))
250 goto err;
251 q = (const void *)((const char *)p + seclen);
252 if (unlikely(q > end || q < p)) {
253 p = ERR_PTR(-EFAULT);
254 goto err;
255 }
400f26b5 256 ret = gss_import_sec_context(p, seclen, gm, &ctx->gc_gss_ctx, NULL, GFP_NOFS);
1da177e4
LT		 257 if (ret < 0) {
258 p = ERR_PTR(ret);
259 goto err;
260 }
620038f6
AA		 261 dprintk("RPC: %s Success. gc_expiry %lu now %lu timeout %u\n",
262 __func__, ctx->gc_expiry, now, timeout);
1da177e4
LT		 263 return q;
264err:
173db309 265 dprintk("RPC: %s returns error %ld\n", __func__, -PTR_ERR(p));
1da177e4
LT		 266 return p;
267}
268
34769fc4 269#define UPCALL_BUF_LEN 128
1da177e4
LT		 270
271struct gss_upcall_msg {
272 atomic_t count;
7eaf040b 273 kuid_t uid;
1da177e4
LT		 274 struct rpc_pipe_msg msg;
275 struct list_head list;
276 struct gss_auth *auth;
9beae467 277 struct rpc_pipe *pipe;
1da177e4
LT		 278 struct rpc_wait_queue rpc_waitqueue;
279 wait_queue_head_t waitqueue;
280 struct gss_cl_ctx *ctx;
34769fc4 281 char databuf[UPCALL_BUF_LEN];
1da177e4
LT		 282};
283
2aed8b47 284static int get_pipe_version(struct net *net)
79a3f20b 285{
2aed8b47 286 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
79a3f20b
BF		 287 int ret;
288
289 spin_lock(&pipe_version_lock);
2aed8b47
TM		 290 if (sn->pipe_version >= 0) {
291 atomic_inc(&sn->pipe_users);
292 ret = sn->pipe_version;
79a3f20b
BF		 293 } else
294 ret = -EAGAIN;
295 spin_unlock(&pipe_version_lock);
296 return ret;
297}
298
2aed8b47 299static void put_pipe_version(struct net *net)
79a3f20b 300{
2aed8b47
TM		 301 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
302
303 if (atomic_dec_and_lock(&sn->pipe_users, &pipe_version_lock)) {
304 sn->pipe_version = -1;
79a3f20b
BF		 305 spin_unlock(&pipe_version_lock);
306 }
307}
308
1da177e4
LT		 309static void
310gss_release_msg(struct gss_upcall_msg *gss_msg)
311{
e726340a 312 struct net *net = gss_msg->auth->net;
1da177e4
LT		 313 if (!atomic_dec_and_test(&gss_msg->count))
314 return;
2aed8b47 315 put_pipe_version(net);
1da177e4
LT		 316 BUG_ON(!list_empty(&gss_msg->list));
317 if (gss_msg->ctx != NULL)
318 gss_put_ctx(gss_msg->ctx);
f6a1cc89 319 rpc_destroy_wait_queue(&gss_msg->rpc_waitqueue);
1da177e4
LT		 320 kfree(gss_msg);
321}
322
323static struct gss_upcall_msg *
7eaf040b 324__gss_find_upcall(struct rpc_pipe *pipe, kuid_t uid)
1da177e4
LT		 325{
326 struct gss_upcall_msg *pos;
9beae467 327 list_for_each_entry(pos, &pipe->in_downcall, list) {
0b4d51b0 328 if (!uid_eq(pos->uid, uid))
1da177e4
LT		 329 continue;
330 atomic_inc(&pos->count);
632f0d05 331 dprintk("RPC: %s found msg %p\n", __func__, pos);
1da177e4
LT		 332 return pos;
333 }
632f0d05 334 dprintk("RPC: %s found nothing\n", __func__);
1da177e4
LT		 335 return NULL;
336}
337
720b8f2d 338/* Try to add an upcall to the pipefs queue.
1da177e4
LT		 339 * If an upcall owned by our uid already exists, then we return a reference
340 * to that upcall instead of adding the new upcall.
341 */
342static inline struct gss_upcall_msg *
053e324f 343gss_add_msg(struct gss_upcall_msg *gss_msg)
1da177e4 344{
9beae467 345 struct rpc_pipe *pipe = gss_msg->pipe;
1da177e4
LT		 346 struct gss_upcall_msg *old;
347
9beae467
SK		 348 spin_lock(&pipe->lock);
349 old = __gss_find_upcall(pipe, gss_msg->uid);
1da177e4
LT		 350 if (old == NULL) {
351 atomic_inc(&gss_msg->count);
9beae467 352 list_add(&gss_msg->list, &pipe->in_downcall);
1da177e4
LT		 353 } else
354 gss_msg = old;
9beae467 355 spin_unlock(&pipe->lock);
1da177e4
LT		 356 return gss_msg;
357}
358
359static void
360__gss_unhash_msg(struct gss_upcall_msg *gss_msg)
361{
1da177e4
LT		 362 list_del_init(&gss_msg->list);
363 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
364 wake_up_all(&gss_msg->waitqueue);
365 atomic_dec(&gss_msg->count);
366}
367
368static void
369gss_unhash_msg(struct gss_upcall_msg *gss_msg)
370{
9beae467 371 struct rpc_pipe *pipe = gss_msg->pipe;
1da177e4 372
3b68aaea
TM		 373 if (list_empty(&gss_msg->list))
374 return;
9beae467 375 spin_lock(&pipe->lock);
3b68aaea
TM		 376 if (!list_empty(&gss_msg->list))
377 __gss_unhash_msg(gss_msg);
9beae467 378 spin_unlock(&pipe->lock);
1da177e4
LT		 379}
380
126e216a
TM		 381static void
382gss_handle_downcall_result(struct gss_cred *gss_cred, struct gss_upcall_msg *gss_msg)
383{
384 switch (gss_msg->msg.errno) {
385 case 0:
386 if (gss_msg->ctx == NULL)
387 break;
388 clear_bit(RPCAUTH_CRED_NEGATIVE, &gss_cred->gc_base.cr_flags);
389 gss_cred_set_ctx(&gss_cred->gc_base, gss_msg->ctx);
390 break;
391 case -EKEYEXPIRED:
392 set_bit(RPCAUTH_CRED_NEGATIVE, &gss_cred->gc_base.cr_flags);
393 }
394 gss_cred->gc_upcall_timestamp = jiffies;
395 gss_cred->gc_upcall = NULL;
396 rpc_wake_up_status(&gss_msg->rpc_waitqueue, gss_msg->msg.errno);
397}
398
1da177e4
LT		 399static void
400gss_upcall_callback(struct rpc_task *task)
401{
a17c2153 402 struct gss_cred *gss_cred = container_of(task->tk_rqstp->rq_cred,
1da177e4
LT		 403 struct gss_cred, gc_base);
404 struct gss_upcall_msg *gss_msg = gss_cred->gc_upcall;
9beae467 405 struct rpc_pipe *pipe = gss_msg->pipe;
1da177e4 406
9beae467 407 spin_lock(&pipe->lock);
126e216a 408 gss_handle_downcall_result(gss_cred, gss_msg);
9beae467 409 spin_unlock(&pipe->lock);
126e216a 410 task->tk_status = gss_msg->msg.errno;
1da177e4
LT		 411 gss_release_msg(gss_msg);
412}
413
34769fc4
BF		 414static void gss_encode_v0_msg(struct gss_upcall_msg *gss_msg)
415{
90602c7b
EB		 416 uid_t uid = from_kuid(&init_user_ns, gss_msg->uid);
417 memcpy(gss_msg->databuf, &uid, sizeof(uid));
418 gss_msg->msg.data = gss_msg->databuf;
419 gss_msg->msg.len = sizeof(uid);
420 BUG_ON(sizeof(uid) > UPCALL_BUF_LEN);
34769fc4
BF		 421}
422
8b1c7bf5 423static void gss_encode_v1_msg(struct gss_upcall_msg *gss_msg,
bd4a3eb1
TM		 424 const char *service_name,
425 const char *target_name)
34769fc4 426{
683ac665 427 struct gss_api_mech *mech = gss_msg->auth->mech;
8b1c7bf5
OK		 428 char *p = gss_msg->databuf;
429 int len = 0;
430
431 gss_msg->msg.len = sprintf(gss_msg->databuf, "mech=%s uid=%d ",
683ac665 432 mech->gm_name,
90602c7b 433 from_kuid(&init_user_ns, gss_msg->uid));
8b1c7bf5 434 p += gss_msg->msg.len;
bd4a3eb1
TM		 435 if (target_name) {
436 len = sprintf(p, "target=%s ", target_name);
8b1c7bf5
OK		 437 p += len;
438 gss_msg->msg.len += len;
439 }
68c97153
TM		 440 if (service_name != NULL) {
441 len = sprintf(p, "service=%s ", service_name);
2efef708
OK		 442 p += len;
443 gss_msg->msg.len += len;
444 }
683ac665 445 if (mech->gm_upcall_enctypes) {
f8628220 446 len = sprintf(p, "enctypes=%s ", mech->gm_upcall_enctypes);
683ac665
TM		 447 p += len;
448 gss_msg->msg.len += len;
449 }
8b1c7bf5
OK		 450 len = sprintf(p, "\n");
451 gss_msg->msg.len += len;
452
34769fc4
BF		 453 gss_msg->msg.data = gss_msg->databuf;
454 BUG_ON(gss_msg->msg.len > UPCALL_BUF_LEN);
455}
456
68c97153 457static struct gss_upcall_msg *
e726340a 458gss_alloc_msg(struct gss_auth *gss_auth,
7eaf040b 459 kuid_t uid, const char *service_name)
1da177e4
LT		 460{
461 struct gss_upcall_msg *gss_msg;
79a3f20b 462 int vers;
1da177e4 463
0f38b873 464 gss_msg = kzalloc(sizeof(*gss_msg), GFP_NOFS);
db75b3d6
BF		 465 if (gss_msg == NULL)
466 return ERR_PTR(-ENOMEM);
e726340a 467 vers = get_pipe_version(gss_auth->net);
79a3f20b
BF		 468 if (vers < 0) {
469 kfree(gss_msg);
470 return ERR_PTR(vers);
471 }
19172284 472 gss_msg->pipe = gss_auth->gss_pipe[vers]->pipe;
db75b3d6
BF		 473 INIT_LIST_HEAD(&gss_msg->list);
474 rpc_init_wait_queue(&gss_msg->rpc_waitqueue, "RPCSEC_GSS upcall waitq");
475 init_waitqueue_head(&gss_msg->waitqueue);
476 atomic_set(&gss_msg->count, 1);
db75b3d6
BF		 477 gss_msg->uid = uid;
478 gss_msg->auth = gss_auth;
bd4a3eb1
TM		 479 switch (vers) {
480 case 0:
481 gss_encode_v0_msg(gss_msg);
482 default:
483 gss_encode_v1_msg(gss_msg, service_name, gss_auth->target_name);
484 };
1da177e4
LT		 485 return gss_msg;
486}
487
488static struct gss_upcall_msg *
e726340a 489gss_setup_upcall(struct gss_auth *gss_auth, struct rpc_cred *cred)
1da177e4 490{
7c67db3a
TM		 491 struct gss_cred *gss_cred = container_of(cred,
492 struct gss_cred, gc_base);
1da177e4 493 struct gss_upcall_msg *gss_new, *gss_msg;
7eaf040b 494 kuid_t uid = cred->cr_uid;
1da177e4 495
e726340a 496 gss_new = gss_alloc_msg(gss_auth, uid, gss_cred->gc_principal);
db75b3d6
BF		 497 if (IS_ERR(gss_new))
498 return gss_new;
053e324f 499 gss_msg = gss_add_msg(gss_new);
1da177e4 500 if (gss_msg == gss_new) {
9beae467 501 int res = rpc_queue_upcall(gss_new->pipe, &gss_new->msg);
1da177e4
LT		 502 if (res) {
503 gss_unhash_msg(gss_new);
504 gss_msg = ERR_PTR(res);
505 }
506 } else
507 gss_release_msg(gss_new);
508 return gss_msg;
509}
510
b03568c3
BF		 511static void warn_gssd(void)
512{
513 static unsigned long ratelimit;
514 unsigned long now = jiffies;
515
516 if (time_after(now, ratelimit)) {
517 printk(KERN_WARNING "RPC: AUTH_GSS upcall timed out.\n"
518 "Please check user daemon is running.\n");
519 ratelimit = now + 15*HZ;
520 }
521}
522
1da177e4
LT		 523static inline int
524gss_refresh_upcall(struct rpc_task *task)
525{
a17c2153 526 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
4a8c1344 527 struct gss_auth *gss_auth = container_of(cred->cr_auth,
1da177e4
LT		 528 struct gss_auth, rpc_auth);
529 struct gss_cred *gss_cred = container_of(cred,
530 struct gss_cred, gc_base);
531 struct gss_upcall_msg *gss_msg;
9beae467 532 struct rpc_pipe *pipe;
1da177e4
LT		 533 int err = 0;
534
632f0d05 535 dprintk("RPC: %5u %s for uid %u\n",
cdba321e 536 task->tk_pid, __func__, from_kuid(&init_user_ns, cred->cr_uid));
e726340a 537 gss_msg = gss_setup_upcall(gss_auth, cred);
480e3243 538 if (PTR_ERR(gss_msg) == -EAGAIN) {
79a3f20b
BF		 539 /* XXX: warning on the first, under the assumption we
540 * shouldn't normally hit this case on a refresh. */
541 warn_gssd();
542 task->tk_timeout = 15*HZ;
543 rpc_sleep_on(&pipe_version_rpc_waitqueue, task, NULL);
d1a8016a 544 return -EAGAIN;
79a3f20b 545 }
1da177e4
LT		 546 if (IS_ERR(gss_msg)) {
547 err = PTR_ERR(gss_msg);
548 goto out;
549 }
9beae467
SK		 550 pipe = gss_msg->pipe;
551 spin_lock(&pipe->lock);
1da177e4 552 if (gss_cred->gc_upcall != NULL)
5d00837b 553 rpc_sleep_on(&gss_cred->gc_upcall->rpc_waitqueue, task, NULL);
126e216a 554 else if (gss_msg->ctx == NULL && gss_msg->msg.errno >= 0) {
1da177e4
LT		 555 task->tk_timeout = 0;
556 gss_cred->gc_upcall = gss_msg;
557 /* gss_upcall_callback will release the reference to gss_upcall_msg */
558 atomic_inc(&gss_msg->count);
5d00837b 559 rpc_sleep_on(&gss_msg->rpc_waitqueue, task, gss_upcall_callback);
126e216a
TM		 560 } else {
561 gss_handle_downcall_result(gss_cred, gss_msg);
1da177e4 562 err = gss_msg->msg.errno;
126e216a 563 }
9beae467 564 spin_unlock(&pipe->lock);
1da177e4
LT		 565 gss_release_msg(gss_msg);
566out:
632f0d05 567 dprintk("RPC: %5u %s for uid %u result %d\n",
cdba321e
EB		 568 task->tk_pid, __func__,
569 from_kuid(&init_user_ns, cred->cr_uid), err);
1da177e4
LT		 570 return err;
571}
572
573static inline int
574gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred)
575{
e726340a 576 struct net *net = gss_auth->net;
abfdbd53 577 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
9beae467 578 struct rpc_pipe *pipe;
1da177e4
LT		 579 struct rpc_cred *cred = &gss_cred->gc_base;
580 struct gss_upcall_msg *gss_msg;
abfdbd53 581 unsigned long timeout;
1da177e4 582 DEFINE_WAIT(wait);
d36ccb9c 583 int err;
1da177e4 584
cdba321e
EB		 585 dprintk("RPC: %s for uid %u\n",
586 __func__, from_kuid(&init_user_ns, cred->cr_uid));
79a3f20b 587retry:
d36ccb9c 588 err = 0;
abfdbd53
TM		 589 /* Default timeout is 15s unless we know that gssd is not running */
590 timeout = 15 * HZ;
591 if (!sn->gssd_running)
592 timeout = HZ >> 2;
e726340a 593 gss_msg = gss_setup_upcall(gss_auth, cred);
79a3f20b
BF		 594 if (PTR_ERR(gss_msg) == -EAGAIN) {
595 err = wait_event_interruptible_timeout(pipe_version_waitqueue,
2aed8b47
TM		 596 sn->pipe_version >= 0, timeout);
597 if (sn->pipe_version < 0) {
abfdbd53
TM		 598 if (err == 0)
599 sn->gssd_running = 0;
d1a8016a
BS		 600 warn_gssd();
601 err = -EACCES;
602 }
d36ccb9c 603 if (err < 0)
79a3f20b 604 goto out;
79a3f20b
BF		 605 goto retry;
606 }
1da177e4
LT		 607 if (IS_ERR(gss_msg)) {
608 err = PTR_ERR(gss_msg);
609 goto out;
610 }
9beae467 611 pipe = gss_msg->pipe;
1da177e4 612 for (;;) {
5afa9133 613 prepare_to_wait(&gss_msg->waitqueue, &wait, TASK_KILLABLE);
9beae467 614 spin_lock(&pipe->lock);
1da177e4 615 if (gss_msg->ctx != NULL || gss_msg->msg.errno < 0) {
1da177e4
LT		 616 break;
617 }
9beae467 618 spin_unlock(&pipe->lock);
5afa9133 619 if (fatal_signal_pending(current)) {
1da177e4
LT		 620 err = -ERESTARTSYS;
621 goto out_intr;
622 }
623 schedule();
624 }
625 if (gss_msg->ctx)
7b6962b0 626 gss_cred_set_ctx(cred, gss_msg->ctx);
1da177e4
LT		 627 else
628 err = gss_msg->msg.errno;
9beae467 629 spin_unlock(&pipe->lock);
1da177e4
LT		 630out_intr:
631 finish_wait(&gss_msg->waitqueue, &wait);
632 gss_release_msg(gss_msg);
633out:
632f0d05 634 dprintk("RPC: %s for uid %u result %d\n",
cdba321e 635 __func__, from_kuid(&init_user_ns, cred->cr_uid), err);
1da177e4
LT		 636 return err;
637}
638
1da177e4
LT		 639#define MSG_BUF_MAXSIZE 1024
640
641static ssize_t
642gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
643{
644 const void *p, *end;
645 void *buf;
1da177e4 646 struct gss_upcall_msg *gss_msg;
496ad9aa 647 struct rpc_pipe *pipe = RPC_I(file_inode(filp))->pipe;
1da177e4 648 struct gss_cl_ctx *ctx;
90602c7b
EB		 649 uid_t id;
650 kuid_t uid;
3b68aaea 651 ssize_t err = -EFBIG;
1da177e4
LT		 652
653 if (mlen > MSG_BUF_MAXSIZE)
654 goto out;
655 err = -ENOMEM;
0f38b873 656 buf = kmalloc(mlen, GFP_NOFS);
1da177e4
LT		 657 if (!buf)
658 goto out;
659
1da177e4
LT		 660 err = -EFAULT;
661 if (copy_from_user(buf, src, mlen))
662 goto err;
663
664 end = (const void *)((char *)buf + mlen);
90602c7b 665 p = simple_get_bytes(buf, end, &id, sizeof(id));
1da177e4
LT		 666 if (IS_ERR(p)) {
667 err = PTR_ERR(p);
668 goto err;
669 }
670
90602c7b
EB		 671 uid = make_kuid(&init_user_ns, id);
672 if (!uid_valid(uid)) {
673 err = -EINVAL;
674 goto err;
675 }
676
1da177e4
LT		 677 err = -ENOMEM;
678 ctx = gss_alloc_context();
679 if (ctx == NULL)
680 goto err;
3b68aaea
TM		 681
682 err = -ENOENT;
683 /* Find a matching upcall */
9beae467
SK		 684 spin_lock(&pipe->lock);
685 gss_msg = __gss_find_upcall(pipe, uid);
3b68aaea 686 if (gss_msg == NULL) {
9beae467 687 spin_unlock(&pipe->lock);
3b68aaea
TM		 688 goto err_put_ctx;
689 }
690 list_del_init(&gss_msg->list);
9beae467 691 spin_unlock(&pipe->lock);
3b68aaea 692
6e84c7b6 693 p = gss_fill_context(p, end, ctx, gss_msg->auth->mech);
1da177e4
LT		 694 if (IS_ERR(p)) {
695 err = PTR_ERR(p);
486bad2e
JL		 696 switch (err) {
697 case -EACCES:
dc5ddce9 698 case -EKEYEXPIRED:
486bad2e
JL		 699 gss_msg->msg.errno = err;
700 err = mlen;
701 break;
702 case -EFAULT:
703 case -ENOMEM:
704 case -EINVAL:
705 case -ENOSYS:
706 gss_msg->msg.errno = -EAGAIN;
707 break;
708 default:
709 printk(KERN_CRIT "%s: bad return from "
6c853099 710 "gss_fill_context: %zd\n", __func__, err);
486bad2e
JL		 711 BUG();
712 }
3b68aaea 713 goto err_release_msg;
1da177e4 714 }
3b68aaea
TM		 715 gss_msg->ctx = gss_get_ctx(ctx);
716 err = mlen;
717
718err_release_msg:
9beae467 719 spin_lock(&pipe->lock);
3b68aaea 720 __gss_unhash_msg(gss_msg);
9beae467 721 spin_unlock(&pipe->lock);
3b68aaea 722 gss_release_msg(gss_msg);
1da177e4
LT		 723err_put_ctx:
724 gss_put_ctx(ctx);
725err:
726 kfree(buf);
727out:
632f0d05 728 dprintk("RPC: %s returning %Zd\n", __func__, err);
1da177e4
LT		 729 return err;
730}
731
34769fc4 732static int gss_pipe_open(struct inode *inode, int new_version)
cf81939d 733{
2aed8b47
TM		 734 struct net *net = inode->i_sb->s_fs_info;
735 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id);
34769fc4
BF		 736 int ret = 0;
737
79a3f20b 738 spin_lock(&pipe_version_lock);
2aed8b47 739 if (sn->pipe_version < 0) {
34769fc4 740 /* First open of any gss pipe determines the version: */
2aed8b47 741 sn->pipe_version = new_version;
79a3f20b
BF		 742 rpc_wake_up(&pipe_version_rpc_waitqueue);
743 wake_up(&pipe_version_waitqueue);
2aed8b47 744 } else if (sn->pipe_version != new_version) {
34769fc4
BF		 745 /* Trying to open a pipe of a different version */
746 ret = -EBUSY;
747 goto out;
79a3f20b 748 }
2aed8b47 749 atomic_inc(&sn->pipe_users);
34769fc4 750out:
79a3f20b 751 spin_unlock(&pipe_version_lock);
34769fc4
BF		 752 return ret;
753
754}
755
756static int gss_pipe_open_v0(struct inode *inode)
757{
758 return gss_pipe_open(inode, 0);
759}
760
761static int gss_pipe_open_v1(struct inode *inode)
762{
763 return gss_pipe_open(inode, 1);
cf81939d
BF		 764}
765
1da177e4
LT		 766static void
767gss_pipe_release(struct inode *inode)
768{
2aed8b47 769 struct net *net = inode->i_sb->s_fs_info;
9beae467 770 struct rpc_pipe *pipe = RPC_I(inode)->pipe;
6e84c7b6 771 struct gss_upcall_msg *gss_msg;
1da177e4 772
5a67657a 773restart:
9beae467
SK		 774 spin_lock(&pipe->lock);
775 list_for_each_entry(gss_msg, &pipe->in_downcall, list) {
1da177e4 776
5a67657a
TM		 777 if (!list_empty(&gss_msg->msg.list))
778 continue;
1da177e4
LT		 779 gss_msg->msg.errno = -EPIPE;
780 atomic_inc(&gss_msg->count);
781 __gss_unhash_msg(gss_msg);
9beae467 782 spin_unlock(&pipe->lock);
1da177e4 783 gss_release_msg(gss_msg);
5a67657a 784 goto restart;
1da177e4 785 }
9beae467 786 spin_unlock(&pipe->lock);
cf81939d 787
2aed8b47 788 put_pipe_version(net);
1da177e4
LT		 789}
790
791static void
792gss_pipe_destroy_msg(struct rpc_pipe_msg *msg)
793{
794 struct gss_upcall_msg *gss_msg = container_of(msg, struct gss_upcall_msg, msg);
1da177e4
LT		 795
796 if (msg->errno < 0) {
632f0d05
CL		 797 dprintk("RPC: %s releasing msg %p\n",
798 __func__, gss_msg);
1da177e4
LT		 799 atomic_inc(&gss_msg->count);
800 gss_unhash_msg(gss_msg);
b03568c3
BF		 801 if (msg->errno == -ETIMEDOUT)
802 warn_gssd();
1da177e4
LT		 803 gss_release_msg(gss_msg);
804 }
805}
806
19172284
TM		 807static void gss_pipe_dentry_destroy(struct dentry *dir,
808 struct rpc_pipe_dir_object *pdo)
ccdc28f8 809{
19172284
TM		 810 struct gss_pipe *gss_pipe = pdo->pdo_data;
811 struct rpc_pipe *pipe = gss_pipe->pipe;
ccdc28f8 812
19172284
TM		 813 if (pipe->dentry != NULL) {
814 rpc_unlink(pipe->dentry);
815 pipe->dentry = NULL;
6b2fddd3 816 }
ccdc28f8
SK		 817}
818
19172284
TM		 819static int gss_pipe_dentry_create(struct dentry *dir,
820 struct rpc_pipe_dir_object *pdo)
ccdc28f8 821{
19172284 822 struct gss_pipe *p = pdo->pdo_data;
6b2fddd3 823 struct dentry *dentry;
ccdc28f8 824
19172284
TM		 825 dentry = rpc_mkpipe_dentry(dir, p->name, p->clnt, p->pipe);
826 if (IS_ERR(dentry))
827 return PTR_ERR(dentry);
828 p->pipe->dentry = dentry;
829 return 0;
830}
831
832static const struct rpc_pipe_dir_object_ops gss_pipe_dir_object_ops = {
833 .create = gss_pipe_dentry_create,
834 .destroy = gss_pipe_dentry_destroy,
835};
836
837static struct gss_pipe *gss_pipe_alloc(struct rpc_clnt *clnt,
838 const char *name,
839 const struct rpc_pipe_ops *upcall_ops)
840{
19172284
TM		 841 struct gss_pipe *p;
842 int err = -ENOMEM;
ccdc28f8 843
19172284
TM		 844 p = kmalloc(sizeof(*p), GFP_KERNEL);
845 if (p == NULL)
6b2fddd3 846 goto err;
19172284
TM		 847 p->pipe = rpc_mkpipe_data(upcall_ops, RPC_PIPE_WAIT_FOR_OPEN);
848 if (IS_ERR(p->pipe)) {
849 err = PTR_ERR(p->pipe);
850 goto err_free_gss_pipe;
6b2fddd3 851 }
19172284
TM		 852 p->name = name;
853 p->clnt = clnt;
414a6295 854 kref_init(&p->kref);
19172284
TM		 855 rpc_init_pipe_dir_object(&p->pdo,
856 &gss_pipe_dir_object_ops,
857 p);
414a6295 858 return p;
19172284
TM		 859err_free_gss_pipe:
860 kfree(p);
6b2fddd3 861err:
19172284 862 return ERR_PTR(err);
ccdc28f8
SK		 863}
864
414a6295
TM		 865struct gss_alloc_pdo {
866 struct rpc_clnt *clnt;
867 const char *name;
868 const struct rpc_pipe_ops *upcall_ops;
869};
870
871static int gss_pipe_match_pdo(struct rpc_pipe_dir_object *pdo, void *data)
872{
873 struct gss_pipe *gss_pipe;
874 struct gss_alloc_pdo *args = data;
875
876 if (pdo->pdo_ops != &gss_pipe_dir_object_ops)
877 return 0;
878 gss_pipe = container_of(pdo, struct gss_pipe, pdo);
879 if (strcmp(gss_pipe->name, args->name) != 0)
880 return 0;
881 if (!kref_get_unless_zero(&gss_pipe->kref))
882 return 0;
883 return 1;
884}
885
886static struct rpc_pipe_dir_object *gss_pipe_alloc_pdo(void *data)
887{
888 struct gss_pipe *gss_pipe;
889 struct gss_alloc_pdo *args = data;
890
891 gss_pipe = gss_pipe_alloc(args->clnt, args->name, args->upcall_ops);
892 if (!IS_ERR(gss_pipe))
893 return &gss_pipe->pdo;
894 return NULL;
895}
896
897static struct gss_pipe *gss_pipe_get(struct rpc_clnt *clnt,
898 const char *name,
899 const struct rpc_pipe_ops *upcall_ops)
900{
901 struct net *net = rpc_net_ns(clnt);
902 struct rpc_pipe_dir_object *pdo;
903 struct gss_alloc_pdo args = {
904 .clnt = clnt,
905 .name = name,
906 .upcall_ops = upcall_ops,
907 };
908
909 pdo = rpc_find_or_alloc_pipe_dir_object(net,
910 &clnt->cl_pipedir_objects,
911 gss_pipe_match_pdo,
912 gss_pipe_alloc_pdo,
913 &args);
914 if (pdo != NULL)
915 return container_of(pdo, struct gss_pipe, pdo);
916 return ERR_PTR(-ENOMEM);
917}
918
19172284 919static void __gss_pipe_free(struct gss_pipe *p)
ccdc28f8 920{
19172284
TM		 921 struct rpc_clnt *clnt = p->clnt;
922 struct net *net = rpc_net_ns(clnt);
ccdc28f8 923
19172284
TM		 924 rpc_remove_pipe_dir_object(net,
925 &clnt->cl_pipedir_objects,
926 &p->pdo);
927 rpc_destroy_pipe_data(p->pipe);
928 kfree(p);
ccdc28f8
SK		 929}
930
414a6295
TM		 931static void __gss_pipe_release(struct kref *kref)
932{
933 struct gss_pipe *p = container_of(kref, struct gss_pipe, kref);
934
935 __gss_pipe_free(p);
936}
937
19172284 938static void gss_pipe_free(struct gss_pipe *p)
ccdc28f8 939{
19172284 940 if (p != NULL)
414a6295 941 kref_put(&p->kref, __gss_pipe_release);
ccdc28f8
SK		 942}
943
cca5172a
YH		 944/*
945 * NOTE: we have the opportunity to use different
1da177e4
LT		 946 * parameters based on the input flavor (which must be a pseudoflavor)
947 */
eb6dc19d
TM		 948static struct gss_auth *
949gss_create_new(struct rpc_auth_create_args *args, struct rpc_clnt *clnt)
1da177e4 950{
c2190661 951 rpc_authflavor_t flavor = args->pseudoflavor;
1da177e4 952 struct gss_auth *gss_auth;
19172284 953 struct gss_pipe *gss_pipe;
1da177e4 954 struct rpc_auth * auth;
6a19275a 955 int err = -ENOMEM; /* XXX? */
1da177e4 956
8885cb36 957 dprintk("RPC: creating GSS authenticator for client %p\n", clnt);
1da177e4
LT		 958
959 if (!try_module_get(THIS_MODULE))
6a19275a 960 return ERR_PTR(err);
1da177e4
LT		 961 if (!(gss_auth = kmalloc(sizeof(*gss_auth), GFP_KERNEL)))
962 goto out_dec;
eb6dc19d 963 INIT_HLIST_NODE(&gss_auth->hash);
bd4a3eb1 964 gss_auth->target_name = NULL;
c2190661
TM		 965 if (args->target_name) {
966 gss_auth->target_name = kstrdup(args->target_name, GFP_KERNEL);
bd4a3eb1
TM		 967 if (gss_auth->target_name == NULL)
968 goto err_free;
969 }
1da177e4 970 gss_auth->client = clnt;
e726340a 971 gss_auth->net = get_net(rpc_net_ns(clnt));
6a19275a 972 err = -EINVAL;
1da177e4
LT		 973 gss_auth->mech = gss_mech_get_by_pseudoflavor(flavor);
974 if (!gss_auth->mech) {
9b1d75b7 975 dprintk("RPC: Pseudoflavor %d not found!\n", flavor);
e726340a 976 goto err_put_net;
1da177e4
LT		 977 }
978 gss_auth->service = gss_pseudoflavor_to_service(gss_auth->mech, flavor);
438b6fde
BF		 979 if (gss_auth->service == 0)
980 goto err_put_mech;
1da177e4
LT		 981 auth = &gss_auth->rpc_auth;
982 auth->au_cslack = GSS_CRED_SLACK >> 2;
983 auth->au_rslack = GSS_VERF_SLACK >> 2;
984 auth->au_ops = &authgss_ops;
985 auth->au_flavor = flavor;
986 atomic_set(&auth->au_count, 1);
0285ed1f 987 kref_init(&gss_auth->kref);
1da177e4 988
19172284
TM		 989 err = rpcauth_init_credcache(auth);
990 if (err)
991 goto err_put_mech;
34769fc4
BF		 992 /*
993 * Note: if we created the old pipe first, then someone who
994 * examined the directory at the right moment might conclude
995 * that we supported only the old pipe. So we instead create
996 * the new pipe first.
997 */
414a6295 998 gss_pipe = gss_pipe_get(clnt, "gssd", &gss_upcall_ops_v1);
19172284
TM		 999 if (IS_ERR(gss_pipe)) {
1000 err = PTR_ERR(gss_pipe);
1001 goto err_destroy_credcache;
6a19275a 1002 }
19172284 1003 gss_auth->gss_pipe[1] = gss_pipe;
1da177e4 1004
414a6295 1005 gss_pipe = gss_pipe_get(clnt, gss_auth->mech->gm_name,
19172284
TM		 1006 &gss_upcall_ops_v0);
1007 if (IS_ERR(gss_pipe)) {
1008 err = PTR_ERR(gss_pipe);
c239d83b
SK		 1009 goto err_destroy_pipe_1;
1010 }
19172284 1011 gss_auth->gss_pipe[0] = gss_pipe;
07a2bf1d 1012
eb6dc19d 1013 return gss_auth;
c239d83b 1014err_destroy_pipe_1:
414a6295 1015 gss_pipe_free(gss_auth->gss_pipe[1]);
19172284
TM		 1016err_destroy_credcache:
1017 rpcauth_destroy_credcache(auth);
1da177e4
LT		 1018err_put_mech:
1019 gss_mech_put(gss_auth->mech);
e726340a
TM		 1020err_put_net:
1021 put_net(gss_auth->net);
1da177e4 1022err_free:
bd4a3eb1 1023 kfree(gss_auth->target_name);
1da177e4
LT		 1024 kfree(gss_auth);
1025out_dec:
1026 module_put(THIS_MODULE);
6a19275a 1027 return ERR_PTR(err);
1da177e4
LT		 1028}
1029
0285ed1f
TM		 1030static void
1031gss_free(struct gss_auth *gss_auth)
1032{
19172284
TM		 1033 gss_pipe_free(gss_auth->gss_pipe[0]);
1034 gss_pipe_free(gss_auth->gss_pipe[1]);
0285ed1f 1035 gss_mech_put(gss_auth->mech);
e726340a 1036 put_net(gss_auth->net);
bd4a3eb1 1037 kfree(gss_auth->target_name);
0285ed1f
TM		 1038
1039 kfree(gss_auth);
1040 module_put(THIS_MODULE);
1041}
1042
1043static void
1044gss_free_callback(struct kref *kref)
1045{
1046 struct gss_auth *gss_auth = container_of(kref, struct gss_auth, kref);
1047
1048 gss_free(gss_auth);
1049}
1050
1da177e4
LT		 1051static void
1052gss_destroy(struct rpc_auth *auth)
1053{
19172284
TM		 1054 struct gss_auth *gss_auth = container_of(auth,
1055 struct gss_auth, rpc_auth);
1da177e4 1056
8885cb36
CL		 1057 dprintk("RPC: destroying GSS authenticator %p flavor %d\n",
1058 auth, auth->au_flavor);
1da177e4 1059
eb6dc19d
TM		 1060 if (hash_hashed(&gss_auth->hash)) {
1061 spin_lock(&gss_auth_hash_lock);
1062 hash_del(&gss_auth->hash);
1063 spin_unlock(&gss_auth_hash_lock);
1064 }
1065
19172284
TM		 1066 gss_pipe_free(gss_auth->gss_pipe[0]);
1067 gss_auth->gss_pipe[0] = NULL;
1068 gss_pipe_free(gss_auth->gss_pipe[1]);
1069 gss_auth->gss_pipe[1] = NULL;
3ab9bb72
TM		 1070 rpcauth_destroy_credcache(auth);
1071
0285ed1f 1072 kref_put(&gss_auth->kref, gss_free_callback);
1da177e4
LT		 1073}
1074
eb6dc19d
TM		 1075static struct gss_auth *
1076gss_auth_find_or_add_hashed(struct rpc_auth_create_args *args,
1077 struct rpc_clnt *clnt,
1078 struct gss_auth *new)
1079{
1080 struct gss_auth *gss_auth;
1081 unsigned long hashval = (unsigned long)clnt;
1082
1083 spin_lock(&gss_auth_hash_lock);
1084 hash_for_each_possible(gss_auth_hash_table,
1085 gss_auth,
1086 hash,
1087 hashval) {
1088 if (gss_auth->rpc_auth.au_flavor != args->pseudoflavor)
1089 continue;
1090 if (gss_auth->target_name != args->target_name) {
1091 if (gss_auth->target_name == NULL)
1092 continue;
1093 if (args->target_name == NULL)
1094 continue;
1095 if (strcmp(gss_auth->target_name, args->target_name))
1096 continue;
1097 }
1098 if (!atomic_inc_not_zero(&gss_auth->rpc_auth.au_count))
1099 continue;
1100 goto out;
1101 }
1102 if (new)
1103 hash_add(gss_auth_hash_table, &new->hash, hashval);
1104 gss_auth = new;
1105out:
1106 spin_unlock(&gss_auth_hash_lock);
1107 return gss_auth;
1108}
1109
1110static struct gss_auth *
1111gss_create_hashed(struct rpc_auth_create_args *args, struct rpc_clnt *clnt)
1112{
1113 struct gss_auth *gss_auth;
1114 struct gss_auth *new;
1115
1116 gss_auth = gss_auth_find_or_add_hashed(args, clnt, NULL);
1117 if (gss_auth != NULL)
1118 goto out;
1119 new = gss_create_new(args, clnt);
1120 if (IS_ERR(new))
1121 return new;
1122 gss_auth = gss_auth_find_or_add_hashed(args, clnt, new);
1123 if (gss_auth != new)
1124 gss_destroy(&new->rpc_auth);
1125out:
1126 return gss_auth;
1127}
1128
1129static struct rpc_auth *
1130gss_create(struct rpc_auth_create_args *args, struct rpc_clnt *clnt)
1131{
1132 struct gss_auth *gss_auth;
1133 struct rpc_xprt *xprt = rcu_access_pointer(clnt->cl_xprt);
1134
1135 while (clnt != clnt->cl_parent) {
1136 struct rpc_clnt *parent = clnt->cl_parent;
1137 /* Find the original parent for this transport */
1138 if (rcu_access_pointer(parent->cl_xprt) != xprt)
1139 break;
1140 clnt = parent;
1141 }
1142
1143 gss_auth = gss_create_hashed(args, clnt);
1144 if (IS_ERR(gss_auth))
1145 return ERR_CAST(gss_auth);
1146 return &gss_auth->rpc_auth;
1147}
1148
0df7fb74
TM		 1149/*
1150 * gss_destroying_context will cause the RPCSEC_GSS to send a NULL RPC call
1151 * to the server with the GSS control procedure field set to
1152 * RPC_GSS_PROC_DESTROY. This should normally cause the server to release
1153 * all RPCSEC_GSS state associated with that context.
1154 */
1155static int
1156gss_destroying_context(struct rpc_cred *cred)
1157{
1158 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
1159 struct gss_auth *gss_auth = container_of(cred->cr_auth, struct gss_auth, rpc_auth);
1160 struct rpc_task *task;
1161
1162 if (gss_cred->gc_ctx == NULL ||
6dcd3926 1163 test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags) == 0)
0df7fb74
TM		 1164 return 0;
1165
1166 gss_cred->gc_ctx->gc_proc = RPC_GSS_PROC_DESTROY;
1167 cred->cr_ops = &gss_nullops;
1168
1169 /* Take a reference to ensure the cred will be destroyed either
1170 * by the RPC call or by the put_rpccred() below */
1171 get_rpccred(cred);
1172
080a1f14 1173 task = rpc_call_null(gss_auth->client, cred, RPC_TASK_ASYNC|RPC_TASK_SOFT);
0df7fb74
TM		 1174 if (!IS_ERR(task))
1175 rpc_put_task(task);
1176
1177 put_rpccred(cred);
1178 return 1;
1179}
1180
1181/* gss_destroy_cred (and gss_free_ctx) are used to clean up after failure
1da177e4
LT		 1182 * to create a new cred or context, so they check that things have been
1183 * allocated before freeing them. */
1184static void
5d28dc82 1185gss_do_free_ctx(struct gss_cl_ctx *ctx)
1da177e4 1186{
632f0d05 1187 dprintk("RPC: %s\n", __func__);
1da177e4 1188
0d8a3746 1189 gss_delete_sec_context(&ctx->gc_gss_ctx);
1da177e4
LT		 1190 kfree(ctx->gc_wire_ctx.data);
1191 kfree(ctx);
1192}
1193
5d28dc82
TM		 1194static void
1195gss_free_ctx_callback(struct rcu_head *head)
1196{
1197 struct gss_cl_ctx *ctx = container_of(head, struct gss_cl_ctx, gc_rcu);
1198 gss_do_free_ctx(ctx);
1199}
1200
1201static void
1202gss_free_ctx(struct gss_cl_ctx *ctx)
1203{
1204 call_rcu(&ctx->gc_rcu, gss_free_ctx_callback);
1205}
1206
1da177e4 1207static void
31be5bf1 1208gss_free_cred(struct gss_cred *gss_cred)
1da177e4 1209{
632f0d05 1210 dprintk("RPC: %s cred=%p\n", __func__, gss_cred);
31be5bf1
TM		 1211 kfree(gss_cred);
1212}
1da177e4 1213
31be5bf1
TM		 1214static void
1215gss_free_cred_callback(struct rcu_head *head)
1216{
1217 struct gss_cred *gss_cred = container_of(head, struct gss_cred, gc_base.cr_rcu);
1218 gss_free_cred(gss_cred);
1219}
1da177e4 1220
31be5bf1 1221static void
6dcd3926 1222gss_destroy_nullcred(struct rpc_cred *cred)
31be5bf1 1223{
5d28dc82 1224 struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base);
0285ed1f 1225 struct gss_auth *gss_auth = container_of(cred->cr_auth, struct gss_auth, rpc_auth);
5d28dc82
TM		 1226 struct gss_cl_ctx *ctx = gss_cred->gc_ctx;
1227
a9b3cd7f 1228 RCU_INIT_POINTER(gss_cred->gc_ctx, NULL);
31be5bf1 1229 call_rcu(&cred->cr_rcu, gss_free_cred_callback);
5d28dc82
TM		 1230 if (ctx)
1231 gss_put_ctx(ctx);
0285ed1f 1232 kref_put(&gss_auth->kref, gss_free_callback);
1da177e4
LT		 1233}
1234
6dcd3926
JL		 1235static void
1236gss_destroy_cred(struct rpc_cred *cred)
1237{
1238
1239 if (gss_destroying_context(cred))
1240 return;
1241 gss_destroy_nullcred(cred);
1242}
1243
1da177e4
LT		 1244/*
1245 * Lookup RPCSEC_GSS cred for the current process
1246 */
1247static struct rpc_cred *
8a317760 1248gss_lookup_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
1da177e4 1249{
8a317760 1250 return rpcauth_lookup_credcache(auth, acred, flags);
1da177e4
LT		 1251}
1252
1253static struct rpc_cred *
8a317760 1254gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
1da177e4
LT		 1255{
1256 struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth);
1257 struct gss_cred *cred = NULL;
1258 int err = -ENOMEM;
1259
632f0d05 1260 dprintk("RPC: %s for uid %d, flavor %d\n",
cdba321e
EB		 1261 __func__, from_kuid(&init_user_ns, acred->uid),
1262 auth->au_flavor);
1da177e4 1263
0f38b873 1264 if (!(cred = kzalloc(sizeof(*cred), GFP_NOFS)))
1da177e4
LT		 1265 goto out_err;
1266
5fe4755e 1267 rpcauth_init_cred(&cred->gc_base, acred, auth, &gss_credops);
1da177e4
LT		 1268 /*
1269 * Note: in order to force a call to call_refresh(), we deliberately
1270 * fail to flag the credential as RPCAUTH_CRED_UPTODATE.
1271 */
fc432dd9 1272 cred->gc_base.cr_flags = 1UL << RPCAUTH_CRED_NEW;
1da177e4 1273 cred->gc_service = gss_auth->service;
68c97153
TM		 1274 cred->gc_principal = NULL;
1275 if (acred->machine_cred)
1276 cred->gc_principal = acred->principal;
0285ed1f 1277 kref_get(&gss_auth->kref);
1da177e4
LT		 1278 return &cred->gc_base;
1279
1280out_err:
632f0d05 1281 dprintk("RPC: %s failed with error %d\n", __func__, err);
1da177e4
LT		 1282 return ERR_PTR(err);
1283}
1284
fba3bad4
TM		 1285static int
1286gss_cred_init(struct rpc_auth *auth, struct rpc_cred *cred)
1287{
1288 struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth);
1289 struct gss_cred *gss_cred = container_of(cred,struct gss_cred, gc_base);
1290 int err;
1291
1292 do {
1293 err = gss_create_upcall(gss_auth, gss_cred);
1294 } while (err == -EAGAIN);
1295 return err;
1296}
1297
1da177e4 1298static int
8a317760 1299gss_match(struct auth_cred *acred, struct rpc_cred *rc, int flags)
1da177e4
LT		 1300{
1301 struct gss_cred *gss_cred = container_of(rc, struct gss_cred, gc_base);
1302
cd019f75 1303 if (test_bit(RPCAUTH_CRED_NEW, &rc->cr_flags))
8a317760 1304 goto out;
1da177e4 1305 /* Don't match with creds that have expired. */
cd019f75
TM		 1306 if (time_after(jiffies, gss_cred->gc_ctx->gc_expiry))
1307 return 0;
1308 if (!test_bit(RPCAUTH_CRED_UPTODATE, &rc->cr_flags))
1da177e4 1309 return 0;
8a317760 1310out:
68c97153
TM		 1311 if (acred->principal != NULL) {
1312 if (gss_cred->gc_principal == NULL)
1313 return 0;
1314 return strcmp(acred->principal, gss_cred->gc_principal) == 0;
1315 }
1316 if (gss_cred->gc_principal != NULL)
7c67db3a 1317 return 0;
0b4d51b0 1318 return uid_eq(rc->cr_uid, acred->uid);
1da177e4
LT		 1319}
1320
1321/*
1322* Marshal credentials.
1323* Maybe we should keep a cached credential for performance reasons.
1324*/
d8ed029d
AD		 1325static __be32 *
1326gss_marshal(struct rpc_task *task, __be32 *p)
1da177e4 1327{
a17c2153
TM		 1328 struct rpc_rqst *req = task->tk_rqstp;
1329 struct rpc_cred *cred = req->rq_cred;
1da177e4
LT		 1330 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1331 gc_base);
1332 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
d8ed029d 1333 __be32 *cred_len;
1da177e4
LT		 1334 u32 maj_stat = 0;
1335 struct xdr_netobj mic;
1336 struct kvec iov;
1337 struct xdr_buf verf_buf;
1338
632f0d05 1339 dprintk("RPC: %5u %s\n", task->tk_pid, __func__);
1da177e4
LT		 1340
1341 *p++ = htonl(RPC_AUTH_GSS);
1342 cred_len = p++;
1343
1344 spin_lock(&ctx->gc_seq_lock);
1345 req->rq_seqno = ctx->gc_seq++;
1346 spin_unlock(&ctx->gc_seq_lock);
1347
1348 *p++ = htonl((u32) RPC_GSS_VERSION);
1349 *p++ = htonl((u32) ctx->gc_proc);
1350 *p++ = htonl((u32) req->rq_seqno);
1351 *p++ = htonl((u32) gss_cred->gc_service);
1352 p = xdr_encode_netobj(p, &ctx->gc_wire_ctx);
1353 *cred_len = htonl((p - (cred_len + 1)) << 2);
1354
1355 /* We compute the checksum for the verifier over the xdr-encoded bytes
1356 * starting with the xid and ending at the end of the credential: */
a4f0835c 1357 iov.iov_base = xprt_skip_transport_header(req->rq_xprt,
808012fb 1358 req->rq_snd_buf.head[0].iov_base);
1da177e4
LT		 1359 iov.iov_len = (u8 *)p - (u8 *)iov.iov_base;
1360 xdr_buf_from_iov(&iov, &verf_buf);
1361
1362 /* set verifier flavor*/
1363 *p++ = htonl(RPC_AUTH_GSS);
1364
1365 mic.data = (u8 *)(p + 1);
00fd6e14 1366 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
1da177e4 1367 if (maj_stat == GSS_S_CONTEXT_EXPIRED) {
fc432dd9 1368 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 1369 } else if (maj_stat != 0) {
1370 printk("gss_marshal: gss_get_mic FAILED (%d)\n", maj_stat);
1371 goto out_put_ctx;
1372 }
1373 p = xdr_encode_opaque(p, NULL, mic.len);
1374 gss_put_ctx(ctx);
1375 return p;
1376out_put_ctx:
1377 gss_put_ctx(ctx);
1378 return NULL;
1379}
1380
cd019f75
TM		 1381static int gss_renew_cred(struct rpc_task *task)
1382{
a17c2153 1383 struct rpc_cred *oldcred = task->tk_rqstp->rq_cred;
cd019f75
TM		 1384 struct gss_cred *gss_cred = container_of(oldcred,
1385 struct gss_cred,
1386 gc_base);
1387 struct rpc_auth *auth = oldcred->cr_auth;
1388 struct auth_cred acred = {
1389 .uid = oldcred->cr_uid,
68c97153
TM		 1390 .principal = gss_cred->gc_principal,
1391 .machine_cred = (gss_cred->gc_principal != NULL ? 1 : 0),
cd019f75
TM		 1392 };
1393 struct rpc_cred *new;
1394
1395 new = gss_lookup_cred(auth, &acred, RPCAUTH_LOOKUP_NEW);
1396 if (IS_ERR(new))
1397 return PTR_ERR(new);
a17c2153 1398 task->tk_rqstp->rq_cred = new;
cd019f75
TM		 1399 put_rpccred(oldcred);
1400 return 0;
1401}
1402
126e216a
TM		 1403static int gss_cred_is_negative_entry(struct rpc_cred *cred)
1404{
1405 if (test_bit(RPCAUTH_CRED_NEGATIVE, &cred->cr_flags)) {
1406 unsigned long now = jiffies;
1407 unsigned long begin, expire;
1408 struct gss_cred *gss_cred;
1409
1410 gss_cred = container_of(cred, struct gss_cred, gc_base);
1411 begin = gss_cred->gc_upcall_timestamp;
1412 expire = begin + gss_expired_cred_retry_delay * HZ;
1413
1414 if (time_in_range_open(now, begin, expire))
1415 return 1;
1416 }
1417 return 0;
1418}
1419
1da177e4
LT		 1420/*
1421* Refresh credentials. XXX - finish
1422*/
1423static int
1424gss_refresh(struct rpc_task *task)
1425{
a17c2153 1426 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
cd019f75
TM		 1427 int ret = 0;
1428
126e216a
TM		 1429 if (gss_cred_is_negative_entry(cred))
1430 return -EKEYEXPIRED;
1431
cd019f75
TM		 1432 if (!test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags) &&
1433 !test_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags)) {
1434 ret = gss_renew_cred(task);
1435 if (ret < 0)
1436 goto out;
a17c2153 1437 cred = task->tk_rqstp->rq_cred;
cd019f75 1438 }
1da177e4 1439
cd019f75
TM		 1440 if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags))
1441 ret = gss_refresh_upcall(task);
1442out:
1443 return ret;
1da177e4
LT		 1444}
1445
0df7fb74
TM		 1446/* Dummy refresh routine: used only when destroying the context */
1447static int
1448gss_refresh_null(struct rpc_task *task)
1449{
1450 return -EACCES;
1451}
1452
d8ed029d
AD		 1453static __be32 *
1454gss_validate(struct rpc_task *task, __be32 *p)
1da177e4 1455{
a17c2153 1456 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4 1457 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
d8ed029d 1458 __be32 seq;
1da177e4
LT		 1459 struct kvec iov;
1460 struct xdr_buf verf_buf;
1461 struct xdr_netobj mic;
1462 u32 flav,len;
1463 u32 maj_stat;
1464
632f0d05 1465 dprintk("RPC: %5u %s\n", task->tk_pid, __func__);
1da177e4
LT		 1466
1467 flav = ntohl(*p++);
1468 if ((len = ntohl(*p++)) > RPC_MAX_AUTH_SIZE)
cca5172a 1469 goto out_bad;
1da177e4
LT		 1470 if (flav != RPC_AUTH_GSS)
1471 goto out_bad;
1472 seq = htonl(task->tk_rqstp->rq_seqno);
1473 iov.iov_base = &seq;
1474 iov.iov_len = sizeof(seq);
1475 xdr_buf_from_iov(&iov, &verf_buf);
1476 mic.data = (u8 *)p;
1477 mic.len = len;
1478
00fd6e14 1479 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &verf_buf, &mic);
1da177e4 1480 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1481 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
0df7fb74 1482 if (maj_stat) {
632f0d05
CL		 1483 dprintk("RPC: %5u %s: gss_verify_mic returned error 0x%08x\n",
1484 task->tk_pid, __func__, maj_stat);
1da177e4 1485 goto out_bad;
0df7fb74 1486 }
24b2605b
BF		 1487 /* We leave it to unwrap to calculate au_rslack. For now we just
1488 * calculate the length of the verifier: */
1be27f36 1489 cred->cr_auth->au_verfsize = XDR_QUADLEN(len) + 2;
1da177e4 1490 gss_put_ctx(ctx);
632f0d05
CL		 1491 dprintk("RPC: %5u %s: gss_verify_mic succeeded.\n",
1492 task->tk_pid, __func__);
1da177e4
LT		 1493 return p + XDR_QUADLEN(len);
1494out_bad:
1495 gss_put_ctx(ctx);
632f0d05 1496 dprintk("RPC: %5u %s failed.\n", task->tk_pid, __func__);
1da177e4
LT		 1497 return NULL;
1498}
1499
9f06c719
CL		 1500static void gss_wrap_req_encode(kxdreproc_t encode, struct rpc_rqst *rqstp,
1501 __be32 *p, void *obj)
1502{
1503 struct xdr_stream xdr;
1504
1505 xdr_init_encode(&xdr, &rqstp->rq_snd_buf, p);
1506 encode(rqstp, &xdr, obj);
1507}
1508
1da177e4
LT		 1509static inline int
1510gss_wrap_req_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
9f06c719
CL		 1511 kxdreproc_t encode, struct rpc_rqst *rqstp,
1512 __be32 *p, void *obj)
1da177e4
LT		 1513{
1514 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1515 struct xdr_buf integ_buf;
d8ed029d 1516 __be32 *integ_len = NULL;
1da177e4 1517 struct xdr_netobj mic;
d8ed029d
AD		 1518 u32 offset;
1519 __be32 *q;
1da177e4
LT		 1520 struct kvec *iov;
1521 u32 maj_stat = 0;
1522 int status = -EIO;
1523
1524 integ_len = p++;
1525 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
1526 *p++ = htonl(rqstp->rq_seqno);
1527
9f06c719 1528 gss_wrap_req_encode(encode, rqstp, p, obj);
1da177e4
LT		 1529
1530 if (xdr_buf_subsegment(snd_buf, &integ_buf,
1531 offset, snd_buf->len - offset))
1532 return status;
1533 *integ_len = htonl(integ_buf.len);
1534
1535 /* guess whether we're in the head or the tail: */
cca5172a 1536 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
1da177e4
LT		 1537 iov = snd_buf->tail;
1538 else
1539 iov = snd_buf->head;
1540 p = iov->iov_base + iov->iov_len;
1541 mic.data = (u8 *)(p + 1);
1542
00fd6e14 1543 maj_stat = gss_get_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
1da177e4
LT		 1544 status = -EIO; /* XXX? */
1545 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1546 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 1547 else if (maj_stat)
1548 return status;
1549 q = xdr_encode_opaque(p, NULL, mic.len);
1550
1551 offset = (u8 *)q - (u8 *)p;
1552 iov->iov_len += offset;
1553 snd_buf->len += offset;
1554 return 0;
1555}
1556
2d2da60c
BF		 1557static void
1558priv_release_snd_buf(struct rpc_rqst *rqstp)
1559{
1560 int i;
1561
1562 for (i=0; i < rqstp->rq_enc_pages_num; i++)
1563 __free_page(rqstp->rq_enc_pages[i]);
1564 kfree(rqstp->rq_enc_pages);
1565}
1566
1567static int
1568alloc_enc_pages(struct rpc_rqst *rqstp)
1569{
1570 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1571 int first, last, i;
1572
1573 if (snd_buf->page_len == 0) {
1574 rqstp->rq_enc_pages_num = 0;
1575 return 0;
1576 }
1577
1578 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
1579 last = (snd_buf->page_base + snd_buf->page_len - 1) >> PAGE_CACHE_SHIFT;
1580 rqstp->rq_enc_pages_num = last - first + 1 + 1;
1581 rqstp->rq_enc_pages
1582 = kmalloc(rqstp->rq_enc_pages_num * sizeof(struct page *),
1583 GFP_NOFS);
1584 if (!rqstp->rq_enc_pages)
1585 goto out;
1586 for (i=0; i < rqstp->rq_enc_pages_num; i++) {
1587 rqstp->rq_enc_pages[i] = alloc_page(GFP_NOFS);
1588 if (rqstp->rq_enc_pages[i] == NULL)
1589 goto out_free;
1590 }
1591 rqstp->rq_release_snd_buf = priv_release_snd_buf;
1592 return 0;
1593out_free:
cdead7cf
TM		 1594 rqstp->rq_enc_pages_num = i;
1595 priv_release_snd_buf(rqstp);
2d2da60c
BF		 1596out:
1597 return -EAGAIN;
1598}
1599
1600static inline int
1601gss_wrap_req_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
9f06c719
CL		 1602 kxdreproc_t encode, struct rpc_rqst *rqstp,
1603 __be32 *p, void *obj)
2d2da60c
BF		 1604{
1605 struct xdr_buf *snd_buf = &rqstp->rq_snd_buf;
1606 u32 offset;
1607 u32 maj_stat;
1608 int status;
d8ed029d 1609 __be32 *opaque_len;
2d2da60c
BF		 1610 struct page **inpages;
1611 int first;
1612 int pad;
1613 struct kvec *iov;
1614 char *tmp;
1615
1616 opaque_len = p++;
1617 offset = (u8 *)p - (u8 *)snd_buf->head[0].iov_base;
1618 *p++ = htonl(rqstp->rq_seqno);
1619
9f06c719 1620 gss_wrap_req_encode(encode, rqstp, p, obj);
2d2da60c
BF		 1621
1622 status = alloc_enc_pages(rqstp);
1623 if (status)
1624 return status;
1625 first = snd_buf->page_base >> PAGE_CACHE_SHIFT;
1626 inpages = snd_buf->pages + first;
1627 snd_buf->pages = rqstp->rq_enc_pages;
1628 snd_buf->page_base -= first << PAGE_CACHE_SHIFT;
7561042f
KC		 1629 /*
1630 * Give the tail its own page, in case we need extra space in the
1631 * head when wrapping:
1632 *
1633 * call_allocate() allocates twice the slack space required
1634 * by the authentication flavor to rq_callsize.
1635 * For GSS, slack is GSS_CRED_SLACK.
1636 */
2d2da60c
BF		 1637 if (snd_buf->page_len || snd_buf->tail[0].iov_len) {
1638 tmp = page_address(rqstp->rq_enc_pages[rqstp->rq_enc_pages_num - 1]);
1639 memcpy(tmp, snd_buf->tail[0].iov_base, snd_buf->tail[0].iov_len);
1640 snd_buf->tail[0].iov_base = tmp;
1641 }
00fd6e14 1642 maj_stat = gss_wrap(ctx->gc_gss_ctx, offset, snd_buf, inpages);
7561042f 1643 /* slack space should prevent this ever happening: */
2d2da60c 1644 BUG_ON(snd_buf->len > snd_buf->buflen);
cca5172a 1645 status = -EIO;
2d2da60c
BF		 1646 /* We're assuming that when GSS_S_CONTEXT_EXPIRED, the encryption was
1647 * done anyway, so it's safe to put the request on the wire: */
1648 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1649 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
2d2da60c
BF		 1650 else if (maj_stat)
1651 return status;
1652
1653 *opaque_len = htonl(snd_buf->len - offset);
1654 /* guess whether we're in the head or the tail: */
1655 if (snd_buf->page_len || snd_buf->tail[0].iov_len)
1656 iov = snd_buf->tail;
1657 else
1658 iov = snd_buf->head;
1659 p = iov->iov_base + iov->iov_len;
1660 pad = 3 - ((snd_buf->len - offset - 1) & 3);
1661 memset(p, 0, pad);
1662 iov->iov_len += pad;
1663 snd_buf->len += pad;
1664
1665 return 0;
1666}
1667
1da177e4
LT		 1668static int
1669gss_wrap_req(struct rpc_task *task,
9f06c719 1670 kxdreproc_t encode, void *rqstp, __be32 *p, void *obj)
1da177e4 1671{
a17c2153 1672 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4
LT		 1673 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1674 gc_base);
1675 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
1676 int status = -EIO;
1677
632f0d05 1678 dprintk("RPC: %5u %s\n", task->tk_pid, __func__);
1da177e4
LT		 1679 if (ctx->gc_proc != RPC_GSS_PROC_DATA) {
1680 /* The spec seems a little ambiguous here, but I think that not
1681 * wrapping context destruction requests makes the most sense.
1682 */
9f06c719
CL		 1683 gss_wrap_req_encode(encode, rqstp, p, obj);
1684 status = 0;
1da177e4
LT		 1685 goto out;
1686 }
1687 switch (gss_cred->gc_service) {
89f0e4fe
JP		 1688 case RPC_GSS_SVC_NONE:
1689 gss_wrap_req_encode(encode, rqstp, p, obj);
1690 status = 0;
1691 break;
1692 case RPC_GSS_SVC_INTEGRITY:
1693 status = gss_wrap_req_integ(cred, ctx, encode, rqstp, p, obj);
1694 break;
1695 case RPC_GSS_SVC_PRIVACY:
1696 status = gss_wrap_req_priv(cred, ctx, encode, rqstp, p, obj);
1697 break;
1da177e4
LT		 1698 }
1699out:
1700 gss_put_ctx(ctx);
632f0d05 1701 dprintk("RPC: %5u %s returning %d\n", task->tk_pid, __func__, status);
1da177e4
LT		 1702 return status;
1703}
1704
1705static inline int
1706gss_unwrap_resp_integ(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
d8ed029d 1707 struct rpc_rqst *rqstp, __be32 **p)
1da177e4
LT		 1708{
1709 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1710 struct xdr_buf integ_buf;
1711 struct xdr_netobj mic;
1712 u32 data_offset, mic_offset;
1713 u32 integ_len;
1714 u32 maj_stat;
1715 int status = -EIO;
1716
1717 integ_len = ntohl(*(*p)++);
1718 if (integ_len & 3)
1719 return status;
1720 data_offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1721 mic_offset = integ_len + data_offset;
1722 if (mic_offset > rcv_buf->len)
1723 return status;
1724 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1725 return status;
1726
1727 if (xdr_buf_subsegment(rcv_buf, &integ_buf, data_offset,
1728 mic_offset - data_offset))
1729 return status;
1730
1731 if (xdr_buf_read_netobj(rcv_buf, &mic, mic_offset))
1732 return status;
1733
00fd6e14 1734 maj_stat = gss_verify_mic(ctx->gc_gss_ctx, &integ_buf, &mic);
1da177e4 1735 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1736 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
1da177e4
LT		 1737 if (maj_stat != GSS_S_COMPLETE)
1738 return status;
1739 return 0;
1740}
1741
2d2da60c
BF		 1742static inline int
1743gss_unwrap_resp_priv(struct rpc_cred *cred, struct gss_cl_ctx *ctx,
d8ed029d 1744 struct rpc_rqst *rqstp, __be32 **p)
2d2da60c
BF		 1745{
1746 struct xdr_buf *rcv_buf = &rqstp->rq_rcv_buf;
1747 u32 offset;
1748 u32 opaque_len;
1749 u32 maj_stat;
1750 int status = -EIO;
1751
1752 opaque_len = ntohl(*(*p)++);
1753 offset = (u8 *)(*p) - (u8 *)rcv_buf->head[0].iov_base;
1754 if (offset + opaque_len > rcv_buf->len)
1755 return status;
1756 /* remove padding: */
1757 rcv_buf->len = offset + opaque_len;
1758
00fd6e14 1759 maj_stat = gss_unwrap(ctx->gc_gss_ctx, offset, rcv_buf);
2d2da60c 1760 if (maj_stat == GSS_S_CONTEXT_EXPIRED)
fc432dd9 1761 clear_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
2d2da60c
BF		 1762 if (maj_stat != GSS_S_COMPLETE)
1763 return status;
1764 if (ntohl(*(*p)++) != rqstp->rq_seqno)
1765 return status;
1766
1767 return 0;
1768}
1769
bf269551
CL		 1770static int
1771gss_unwrap_req_decode(kxdrdproc_t decode, struct rpc_rqst *rqstp,
1772 __be32 *p, void *obj)
1773{
1774 struct xdr_stream xdr;
1775
1776 xdr_init_decode(&xdr, &rqstp->rq_rcv_buf, p);
1777 return decode(rqstp, &xdr, obj);
1778}
2d2da60c 1779
1da177e4
LT		 1780static int
1781gss_unwrap_resp(struct rpc_task *task,
bf269551 1782 kxdrdproc_t decode, void *rqstp, __be32 *p, void *obj)
1da177e4 1783{
a17c2153 1784 struct rpc_cred *cred = task->tk_rqstp->rq_cred;
1da177e4
LT		 1785 struct gss_cred *gss_cred = container_of(cred, struct gss_cred,
1786 gc_base);
1787 struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
d8ed029d 1788 __be32 *savedp = p;
2d2da60c
BF		 1789 struct kvec *head = ((struct rpc_rqst *)rqstp)->rq_rcv_buf.head;
1790 int savedlen = head->iov_len;
1da177e4
LT		 1791 int status = -EIO;
1792
1793 if (ctx->gc_proc != RPC_GSS_PROC_DATA)
1794 goto out_decode;
1795 switch (gss_cred->gc_service) {
89f0e4fe
JP		 1796 case RPC_GSS_SVC_NONE:
1797 break;
1798 case RPC_GSS_SVC_INTEGRITY:
1799 status = gss_unwrap_resp_integ(cred, ctx, rqstp, &p);
1800 if (status)
1801 goto out;
1802 break;
1803 case RPC_GSS_SVC_PRIVACY:
1804 status = gss_unwrap_resp_priv(cred, ctx, rqstp, &p);
1805 if (status)
1806 goto out;
1807 break;
1da177e4 1808 }
24b2605b 1809 /* take into account extra slack for integrity and privacy cases: */
1be27f36 1810 cred->cr_auth->au_rslack = cred->cr_auth->au_verfsize + (p - savedp)
2d2da60c 1811 + (savedlen - head->iov_len);
1da177e4 1812out_decode:
bf269551 1813 status = gss_unwrap_req_decode(decode, rqstp, p, obj);
1da177e4
LT		 1814out:
1815 gss_put_ctx(ctx);
632f0d05
CL		 1816 dprintk("RPC: %5u %s returning %d\n",
1817 task->tk_pid, __func__, status);
1da177e4
LT		 1818 return status;
1819}
cca5172a 1820
f1c0a861 1821static const struct rpc_authops authgss_ops = {
1da177e4
LT		 1822 .owner = THIS_MODULE,
1823 .au_flavor = RPC_AUTH_GSS,
1da177e4 1824 .au_name = "RPCSEC_GSS",
1da177e4
LT		 1825 .create = gss_create,
1826 .destroy = gss_destroy,
1827 .lookup_cred = gss_lookup_cred,
80df9d20 1828 .crcreate = gss_create_cred,
6a1a1e34 1829 .list_pseudoflavors = gss_mech_list_pseudoflavors,
9568c5e9 1830 .info2flavor = gss_mech_info2flavor,
a77c806f 1831 .flavor2info = gss_mech_flavor2info,
1da177e4
LT		 1832};
1833
f1c0a861 1834static const struct rpc_credops gss_credops = {
1da177e4
LT		 1835 .cr_name = "AUTH_GSS",
1836 .crdestroy = gss_destroy_cred,
fba3bad4 1837 .cr_init = gss_cred_init,
5c691044 1838 .crbind = rpcauth_generic_bind_cred,
1da177e4
LT		 1839 .crmatch = gss_match,
1840 .crmarshal = gss_marshal,
1841 .crrefresh = gss_refresh,
1842 .crvalidate = gss_validate,
1843 .crwrap_req = gss_wrap_req,
1844 .crunwrap_resp = gss_unwrap_resp,
1845};
1846
0df7fb74
TM		 1847static const struct rpc_credops gss_nullops = {
1848 .cr_name = "AUTH_GSS",
6dcd3926 1849 .crdestroy = gss_destroy_nullcred,
5c691044 1850 .crbind = rpcauth_generic_bind_cred,
0df7fb74
TM		 1851 .crmatch = gss_match,
1852 .crmarshal = gss_marshal,
1853 .crrefresh = gss_refresh_null,
1854 .crvalidate = gss_validate,
1855 .crwrap_req = gss_wrap_req,
1856 .crunwrap_resp = gss_unwrap_resp,
1857};
1858
b693ba4a 1859static const struct rpc_pipe_ops gss_upcall_ops_v0 = {
c1225158 1860 .upcall = rpc_pipe_generic_upcall,
34769fc4
BF		 1861 .downcall = gss_pipe_downcall,
1862 .destroy_msg = gss_pipe_destroy_msg,
1863 .open_pipe = gss_pipe_open_v0,
1864 .release_pipe = gss_pipe_release,
1865};
1866
b693ba4a 1867static const struct rpc_pipe_ops gss_upcall_ops_v1 = {
c1225158 1868 .upcall = rpc_pipe_generic_upcall,
1da177e4
LT		 1869 .downcall = gss_pipe_downcall,
1870 .destroy_msg = gss_pipe_destroy_msg,
34769fc4 1871 .open_pipe = gss_pipe_open_v1,
1da177e4
LT		 1872 .release_pipe = gss_pipe_release,
1873};
1874
a1db410d
SK		 1875static __net_init int rpcsec_gss_init_net(struct net *net)
1876{
1877 return gss_svc_init_net(net);
1878}
1879
1880static __net_exit void rpcsec_gss_exit_net(struct net *net)
1881{
1882 gss_svc_shutdown_net(net);
1883}
1884
1885static struct pernet_operations rpcsec_gss_net_ops = {
1886 .init = rpcsec_gss_init_net,
1887 .exit = rpcsec_gss_exit_net,
1888};
1889
1da177e4
LT		 1890/*
1891 * Initialize RPCSEC_GSS module
1892 */
1893static int __init init_rpcsec_gss(void)
1894{
1895 int err = 0;
1896
1897 err = rpcauth_register(&authgss_ops);
1898 if (err)
1899 goto out;
1900 err = gss_svc_init();
1901 if (err)
1902 goto out_unregister;
a1db410d
SK		 1903 err = register_pernet_subsys(&rpcsec_gss_net_ops);
1904 if (err)
1905 goto out_svc_exit;
79a3f20b 1906 rpc_init_wait_queue(&pipe_version_rpc_waitqueue, "gss pipe version");
1da177e4 1907 return 0;
a1db410d
SK		 1908out_svc_exit:
1909 gss_svc_shutdown();
1da177e4
LT		 1910out_unregister:
1911 rpcauth_unregister(&authgss_ops);
1912out:
1913 return err;
1914}
1915
1916static void __exit exit_rpcsec_gss(void)
1917{
a1db410d 1918 unregister_pernet_subsys(&rpcsec_gss_net_ops);
1da177e4
LT		 1919 gss_svc_shutdown();
1920 rpcauth_unregister(&authgss_ops);
bf12691d 1921 rcu_barrier(); /* Wait for completion of call_rcu()'s */
1da177e4
LT		 1922}
1923
71afa85e 1924MODULE_ALIAS("rpc-auth-6");
1da177e4 1925MODULE_LICENSE("GPL");
126e216a
TM		 1926module_param_named(expired_cred_retry_delay,
1927 gss_expired_cred_retry_delay,
1928 uint, 0644);
1929MODULE_PARM_DESC(expired_cred_retry_delay, "Timeout (in seconds) until "
1930 "the RPC engine retries an expired credential");
1931
1da177e4
LT		 1932module_init(init_rpcsec_gss)
1933module_exit(exit_rpcsec_gss)
Linux kernel - Deliverables
This page took 0.74072 seconds and 5 git commands to generate.