net/sunrpc/auth_gss/gss_mech_switch.c

   1 /*
   2  *  linux/net/sunrpc/gss_mech_switch.c
   3  *
   4  *  Copyright (c) 2001 The Regents of the University of Michigan.
   5  *  All rights reserved.
   6  *
   7  *  J. Bruce Fields   <bfields@umich.edu>
   8  *
   9  *  Redistribution and use in source and binary forms, with or without
  10  *  modification, are permitted provided that the following conditions
  11  *  are met:
  12  *
  13  *  1. Redistributions of source code must retain the above copyright
  14  *     notice, this list of conditions and the following disclaimer.
  15  *  2. Redistributions in binary form must reproduce the above copyright
  16  *     notice, this list of conditions and the following disclaimer in the
  17  *     documentation and/or other materials provided with the distribution.
  18  *  3. Neither the name of the University nor the names of its
  19  *     contributors may be used to endorse or promote products derived
  20  *     from this software without specific prior written permission.
  21  *
  22  *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
  23  *  WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
  24  *  MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  25  *  DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
  26  *  FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  27  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
  28  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
  29  *  BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  30  *  LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  31  *  NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  32  *  SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  33  *
  34  */
  35
  36 #include <linux/types.h>
  37 #include <linux/slab.h>
  38 #include <linux/module.h>
  39 #include <linux/oid_registry.h>
  40 #include <linux/sunrpc/msg_prot.h>
  41 #include <linux/sunrpc/gss_asn1.h>
  42 #include <linux/sunrpc/auth_gss.h>
  43 #include <linux/sunrpc/svcauth_gss.h>
  44 #include <linux/sunrpc/gss_err.h>
  45 #include <linux/sunrpc/sched.h>
  46 #include <linux/sunrpc/gss_api.h>
  47 #include <linux/sunrpc/clnt.h>
  48
  49 #ifdef RPC_DEBUG
  50 # define RPCDBG_FACILITY        RPCDBG_AUTH
  51 #endif
  52
  53 static LIST_HEAD(registered_mechs);
  54 static DEFINE_SPINLOCK(registered_mechs_lock);
  55
  56 static void
  57 gss_mech_free(struct gss_api_mech *gm)
  58 {
  59         struct pf_desc *pf;
  60         int i;
  61
  62         for (i = 0; i < gm->gm_pf_num; i++) {
  63                 pf = &gm->gm_pfs[i];
  64                 kfree(pf->auth_domain_name);
  65                 pf->auth_domain_name = NULL;
  66         }
  67 }
  68
  69 static inline char *
  70 make_auth_domain_name(char *name)
  71 {
  72         static char     *prefix = "gss/";
  73         char            *new;
  74
  75         new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
  76         if (new) {
  77                 strcpy(new, prefix);
  78                 strcat(new, name);
  79         }
  80         return new;
  81 }
  82
  83 static int
  84 gss_mech_svc_setup(struct gss_api_mech *gm)
  85 {
  86         struct pf_desc *pf;
  87         int i, status;
  88
  89         for (i = 0; i < gm->gm_pf_num; i++) {
  90                 pf = &gm->gm_pfs[i];
  91                 pf->auth_domain_name = make_auth_domain_name(pf->name);
  92                 status = -ENOMEM;
  93                 if (pf->auth_domain_name == NULL)
  94                         goto out;
  95                 status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor,
  96                                                         pf->auth_domain_name);
  97                 if (status)
  98                         goto out;
  99         }
 100         return 0;
 101 out:
 102         gss_mech_free(gm);
 103         return status;
 104 }
 105
 106 /**
 107  * gss_mech_register - register a GSS mechanism
 108  * @gm: GSS mechanism handle
 109  *
 110  * Returns zero if successful, or a negative errno.
 111  */
 112 int gss_mech_register(struct gss_api_mech *gm)
 113 {
 114         int status;
 115
 116         status = gss_mech_svc_setup(gm);
 117         if (status)
 118                 return status;
 119         spin_lock(&registered_mechs_lock);
 120         list_add(&gm->gm_list, &registered_mechs);
 121         spin_unlock(&registered_mechs_lock);
 122         dprintk("RPC:       registered gss mechanism %s\n", gm->gm_name);
 123         return 0;
 124 }
 125 EXPORT_SYMBOL_GPL(gss_mech_register);
 126
 127 /**
 128  * gss_mech_unregister - release a GSS mechanism
 129  * @gm: GSS mechanism handle
 130  *
 131  */
 132 void gss_mech_unregister(struct gss_api_mech *gm)
 133 {
 134         spin_lock(&registered_mechs_lock);
 135         list_del(&gm->gm_list);
 136         spin_unlock(&registered_mechs_lock);
 137         dprintk("RPC:       unregistered gss mechanism %s\n", gm->gm_name);
 138         gss_mech_free(gm);
 139 }
 140 EXPORT_SYMBOL_GPL(gss_mech_unregister);
 141
 142 static struct gss_api_mech *gss_mech_get(struct gss_api_mech *gm)
 143 {
 144         __module_get(gm->gm_owner);
 145         return gm;
 146 }
 147
 148 static struct gss_api_mech *
 149 _gss_mech_get_by_name(const char *name)
 150 {
 151         struct gss_api_mech     *pos, *gm = NULL;
 152
 153         spin_lock(&registered_mechs_lock);
 154         list_for_each_entry(pos, &registered_mechs, gm_list) {
 155                 if (0 == strcmp(name, pos->gm_name)) {
 156                         if (try_module_get(pos->gm_owner))
 157                                 gm = pos;
 158                         break;
 159                 }
 160         }
 161         spin_unlock(&registered_mechs_lock);
 162         return gm;
 163
 164 }
 165
 166 struct gss_api_mech * gss_mech_get_by_name(const char *name)
 167 {
 168         struct gss_api_mech *gm = NULL;
 169
 170         gm = _gss_mech_get_by_name(name);
 171         if (!gm) {
 172                 request_module("rpc-auth-gss-%s", name);
 173                 gm = _gss_mech_get_by_name(name);
 174         }
 175         return gm;
 176 }
 177
 178 struct gss_api_mech *gss_mech_get_by_OID(struct rpcsec_gss_oid *obj)
 179 {
 180         struct gss_api_mech     *pos, *gm = NULL;
 181         char buf[32];
 182
 183         if (sprint_oid(obj->data, obj->len, buf, sizeof(buf)) < 0)
 184                 return NULL;
 185         dprintk("RPC:       %s(%s)\n", __func__, buf);
 186         request_module("rpc-auth-gss-%s", buf);
 187
 188         spin_lock(&registered_mechs_lock);
 189         list_for_each_entry(pos, &registered_mechs, gm_list) {
 190                 if (obj->len == pos->gm_oid.len) {
 191                         if (0 == memcmp(obj->data, pos->gm_oid.data, obj->len)) {
 192                                 if (try_module_get(pos->gm_owner))
 193                                         gm = pos;
 194                                 break;
 195                         }
 196                 }
 197         }
 198         spin_unlock(&registered_mechs_lock);
 199         return gm;
 200 }
 201
 202 static inline int
 203 mech_supports_pseudoflavor(struct gss_api_mech *gm, u32 pseudoflavor)
 204 {
 205         int i;
 206
 207         for (i = 0; i < gm->gm_pf_num; i++) {
 208                 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
 209                         return 1;
 210         }
 211         return 0;
 212 }
 213
 214 static struct gss_api_mech *_gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
 215 {
 216         struct gss_api_mech *gm = NULL, *pos;
 217
 218         spin_lock(&registered_mechs_lock);
 219         list_for_each_entry(pos, &registered_mechs, gm_list) {
 220                 if (!mech_supports_pseudoflavor(pos, pseudoflavor)) {
 221                         module_put(pos->gm_owner);
 222                         continue;
 223                 }
 224                 if (try_module_get(pos->gm_owner))
 225                         gm = pos;
 226                 break;
 227         }
 228         spin_unlock(&registered_mechs_lock);
 229         return gm;
 230 }
 231
 232 struct gss_api_mech *
 233 gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
 234 {
 235         struct gss_api_mech *gm;
 236
 237         gm = _gss_mech_get_by_pseudoflavor(pseudoflavor);
 238
 239         if (!gm) {
 240                 request_module("rpc-auth-gss-%u", pseudoflavor);
 241                 gm = _gss_mech_get_by_pseudoflavor(pseudoflavor);
 242         }
 243         return gm;
 244 }
 245
 246 /**
 247  * gss_mech_list_pseudoflavors - Discover registered GSS pseudoflavors
 248  * @array: array to fill in
 249  * @size: size of "array"
 250  *
 251  * Returns the number of array items filled in, or a negative errno.
 252  *
 253  * The returned array is not sorted by any policy.  Callers should not
 254  * rely on the order of the items in the returned array.
 255  */
 256 int gss_mech_list_pseudoflavors(rpc_authflavor_t *array_ptr, int size)
 257 {
 258         struct gss_api_mech *pos = NULL;
 259         int j, i = 0;
 260
 261         spin_lock(&registered_mechs_lock);
 262         list_for_each_entry(pos, &registered_mechs, gm_list) {
 263                 for (j = 0; j < pos->gm_pf_num; j++) {
 264                         if (i >= size) {
 265                                 spin_unlock(&registered_mechs_lock);
 266                                 return -ENOMEM;
 267                         }
 268                         array_ptr[i++] = pos->gm_pfs[j].pseudoflavor;
 269                 }
 270         }
 271         spin_unlock(&registered_mechs_lock);
 272         return i;
 273 }
 274
 275 /**
 276  * gss_svc_to_pseudoflavor - map a GSS service number to a pseudoflavor
 277  * @gm: GSS mechanism handle
 278  * @qop: GSS quality-of-protection value
 279  * @service: GSS service value
 280  *
 281  * Returns a matching security flavor, or RPC_AUTH_MAXFLAVOR if none is found.
 282  */
 283 rpc_authflavor_t gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 qop,
 284                                          u32 service)
 285 {
 286         int i;
 287
 288         for (i = 0; i < gm->gm_pf_num; i++) {
 289                 if (gm->gm_pfs[i].qop == qop &&
 290                     gm->gm_pfs[i].service == service) {
 291                         return gm->gm_pfs[i].pseudoflavor;
 292                 }
 293         }
 294         return RPC_AUTH_MAXFLAVOR;
 295 }
 296
 297 /**
 298  * gss_mech_info2flavor - look up a pseudoflavor given a GSS tuple
 299  * @info: a GSS mech OID, quality of protection, and service value
 300  *
 301  * Returns a matching pseudoflavor, or RPC_AUTH_MAXFLAVOR if the tuple is
 302  * not supported.
 303  */
 304 rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *info)
 305 {
 306         rpc_authflavor_t pseudoflavor;
 307         struct gss_api_mech *gm;
 308
 309         gm = gss_mech_get_by_OID(&info->oid);
 310         if (gm == NULL)
 311                 return RPC_AUTH_MAXFLAVOR;
 312
 313         pseudoflavor = gss_svc_to_pseudoflavor(gm, info->qop, info->service);
 314
 315         gss_mech_put(gm);
 316         return pseudoflavor;
 317 }
 318
 319 /**
 320  * gss_mech_flavor2info - look up a GSS tuple for a given pseudoflavor
 321  * @pseudoflavor: GSS pseudoflavor to match
 322  * @info: rpcsec_gss_info structure to fill in
 323  *
 324  * Returns zero and fills in "info" if pseudoflavor matches a
 325  * supported mechanism.  Otherwise a negative errno is returned.
 326  */
 327 int gss_mech_flavor2info(rpc_authflavor_t pseudoflavor,
 328                          struct rpcsec_gss_info *info)
 329 {
 330         struct gss_api_mech *gm;
 331         int i;
 332
 333         gm = gss_mech_get_by_pseudoflavor(pseudoflavor);
 334         if (gm == NULL)
 335                 return -ENOENT;
 336
 337         for (i = 0; i < gm->gm_pf_num; i++) {
 338                 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) {
 339                         memcpy(info->oid.data, gm->gm_oid.data, gm->gm_oid.len);
 340                         info->oid.len = gm->gm_oid.len;
 341                         info->qop = gm->gm_pfs[i].qop;
 342                         info->service = gm->gm_pfs[i].service;
 343                         gss_mech_put(gm);
 344                         return 0;
 345                 }
 346         }
 347
 348         gss_mech_put(gm);
 349         return -ENOENT;
 350 }
 351
 352 u32
 353 gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor)
 354 {
 355         int i;
 356
 357         for (i = 0; i < gm->gm_pf_num; i++) {
 358                 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
 359                         return gm->gm_pfs[i].service;
 360         }
 361         return 0;
 362 }
 363
 364 char *
 365 gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service)
 366 {
 367         int i;
 368
 369         for (i = 0; i < gm->gm_pf_num; i++) {
 370                 if (gm->gm_pfs[i].service == service)
 371                         return gm->gm_pfs[i].auth_domain_name;
 372         }
 373         return NULL;
 374 }
 375
 376 void
 377 gss_mech_put(struct gss_api_mech * gm)
 378 {
 379         if (gm)
 380                 module_put(gm->gm_owner);
 381 }
 382
 383 /* The mech could probably be determined from the token instead, but it's just
 384  * as easy for now to pass it in. */
 385 int
 386 gss_import_sec_context(const void *input_token, size_t bufsize,
 387                        struct gss_api_mech      *mech,
 388                        struct gss_ctx           **ctx_id,
 389                        time_t                   *endtime,
 390                        gfp_t gfp_mask)
 391 {
 392         if (!(*ctx_id = kzalloc(sizeof(**ctx_id), gfp_mask)))
 393                 return -ENOMEM;
 394         (*ctx_id)->mech_type = gss_mech_get(mech);
 395
 396         return mech->gm_ops->gss_import_sec_context(input_token, bufsize,
 397                                                 *ctx_id, endtime, gfp_mask);
 398 }
 399
 400 /* gss_get_mic: compute a mic over message and return mic_token. */
 401
 402 u32
 403 gss_get_mic(struct gss_ctx      *context_handle,
 404             struct xdr_buf      *message,
 405             struct xdr_netobj   *mic_token)
 406 {
 407          return context_handle->mech_type->gm_ops
 408                 ->gss_get_mic(context_handle,
 409                               message,
 410                               mic_token);
 411 }
 412
 413 /* gss_verify_mic: check whether the provided mic_token verifies message. */
 414
 415 u32
 416 gss_verify_mic(struct gss_ctx           *context_handle,
 417                struct xdr_buf           *message,
 418                struct xdr_netobj        *mic_token)
 419 {
 420         return context_handle->mech_type->gm_ops
 421                 ->gss_verify_mic(context_handle,
 422                                  message,
 423                                  mic_token);
 424 }
 425
 426 /*
 427  * This function is called from both the client and server code.
 428  * Each makes guarantees about how much "slack" space is available
 429  * for the underlying function in "buf"'s head and tail while
 430  * performing the wrap.
 431  *
 432  * The client and server code allocate RPC_MAX_AUTH_SIZE extra
 433  * space in both the head and tail which is available for use by
 434  * the wrap function.
 435  *
 436  * Underlying functions should verify they do not use more than
 437  * RPC_MAX_AUTH_SIZE of extra space in either the head or tail
 438  * when performing the wrap.
 439  */
 440 u32
 441 gss_wrap(struct gss_ctx *ctx_id,
 442          int            offset,
 443          struct xdr_buf *buf,
 444          struct page    **inpages)
 445 {
 446         return ctx_id->mech_type->gm_ops
 447                 ->gss_wrap(ctx_id, offset, buf, inpages);
 448 }
 449
 450 u32
 451 gss_unwrap(struct gss_ctx       *ctx_id,
 452            int                  offset,
 453            struct xdr_buf       *buf)
 454 {
 455         return ctx_id->mech_type->gm_ops
 456                 ->gss_unwrap(ctx_id, offset, buf);
 457 }
 458
 459
 460 /* gss_delete_sec_context: free all resources associated with context_handle.
 461  * Note this differs from the RFC 2744-specified prototype in that we don't
 462  * bother returning an output token, since it would never be used anyway. */
 463
 464 u32
 465 gss_delete_sec_context(struct gss_ctx   **context_handle)
 466 {
 467         dprintk("RPC:       gss_delete_sec_context deleting %p\n",
 468                         *context_handle);
 469
 470         if (!*context_handle)
 471                 return GSS_S_NO_CONTEXT;
 472         if ((*context_handle)->internal_ctx_id)
 473                 (*context_handle)->mech_type->gm_ops
 474                         ->gss_delete_sec_context((*context_handle)
 475                                                         ->internal_ctx_id);
 476         gss_mech_put((*context_handle)->mech_type);
 477         kfree(*context_handle);
 478         *context_handle=NULL;
 479         return GSS_S_COMPLETE;
 480 }