1 /* 2 * linux/net/sunrpc/gss_mech_switch.c 3 * 4 * Copyright (c) 2001 The Regents of the University of Michigan. 5 * All rights reserved. 6 * 7 * J. Bruce Fields <bfields@umich.edu> 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 23 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 24 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 29 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 31 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 32 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * 34 */ 35 36 #include <linux/types.h> 37 #include <linux/slab.h> 38 #include <linux/module.h> 39 #include <linux/oid_registry.h> 40 #include <linux/sunrpc/msg_prot.h> 41 #include <linux/sunrpc/gss_asn1.h> 42 #include <linux/sunrpc/auth_gss.h> 43 #include <linux/sunrpc/svcauth_gss.h> 44 #include <linux/sunrpc/gss_err.h> 45 #include <linux/sunrpc/sched.h> 46 #include <linux/sunrpc/gss_api.h> 47 #include <linux/sunrpc/clnt.h> 48 49 #ifdef RPC_DEBUG 50 # define RPCDBG_FACILITY RPCDBG_AUTH 51 #endif 52 53 static LIST_HEAD(registered_mechs); 54 static DEFINE_SPINLOCK(registered_mechs_lock); 55 56 static void 57 gss_mech_free(struct gss_api_mech *gm) 58 { 59 struct pf_desc *pf; 60 int i; 61 62 for (i = 0; i < gm->gm_pf_num; i++) { 63 pf = &gm->gm_pfs[i]; 64 kfree(pf->auth_domain_name); 65 pf->auth_domain_name = NULL; 66 } 67 } 68 69 static inline char * 70 make_auth_domain_name(char *name) 71 { 72 static char *prefix = "gss/"; 73 char *new; 74 75 new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL); 76 if (new) { 77 strcpy(new, prefix); 78 strcat(new, name); 79 } 80 return new; 81 } 82 83 static int 84 gss_mech_svc_setup(struct gss_api_mech *gm) 85 { 86 struct pf_desc *pf; 87 int i, status; 88 89 for (i = 0; i < gm->gm_pf_num; i++) { 90 pf = &gm->gm_pfs[i]; 91 pf->auth_domain_name = make_auth_domain_name(pf->name); 92 status = -ENOMEM; 93 if (pf->auth_domain_name == NULL) 94 goto out; 95 status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor, 96 pf->auth_domain_name); 97 if (status) 98 goto out; 99 } 100 return 0; 101 out: 102 gss_mech_free(gm); 103 return status; 104 } 105 106 /** 107 * gss_mech_register - register a GSS mechanism 108 * @gm: GSS mechanism handle 109 * 110 * Returns zero if successful, or a negative errno. 111 */ 112 int gss_mech_register(struct gss_api_mech *gm) 113 { 114 int status; 115 116 status = gss_mech_svc_setup(gm); 117 if (status) 118 return status; 119 spin_lock(®istered_mechs_lock); 120 list_add(&gm->gm_list, ®istered_mechs); 121 spin_unlock(®istered_mechs_lock); 122 dprintk("RPC: registered gss mechanism %s\n", gm->gm_name); 123 return 0; 124 } 125 EXPORT_SYMBOL_GPL(gss_mech_register); 126 127 /** 128 * gss_mech_unregister - release a GSS mechanism 129 * @gm: GSS mechanism handle 130 * 131 */ 132 void gss_mech_unregister(struct gss_api_mech *gm) 133 { 134 spin_lock(®istered_mechs_lock); 135 list_del(&gm->gm_list); 136 spin_unlock(®istered_mechs_lock); 137 dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name); 138 gss_mech_free(gm); 139 } 140 EXPORT_SYMBOL_GPL(gss_mech_unregister); 141 142 struct gss_api_mech *gss_mech_get(struct gss_api_mech *gm) 143 { 144 __module_get(gm->gm_owner); 145 return gm; 146 } 147 EXPORT_SYMBOL(gss_mech_get); 148 149 static struct gss_api_mech * 150 _gss_mech_get_by_name(const char *name) 151 { 152 struct gss_api_mech *pos, *gm = NULL; 153 154 spin_lock(®istered_mechs_lock); 155 list_for_each_entry(pos, ®istered_mechs, gm_list) { 156 if (0 == strcmp(name, pos->gm_name)) { 157 if (try_module_get(pos->gm_owner)) 158 gm = pos; 159 break; 160 } 161 } 162 spin_unlock(®istered_mechs_lock); 163 return gm; 164 165 } 166 167 struct gss_api_mech * gss_mech_get_by_name(const char *name) 168 { 169 struct gss_api_mech *gm = NULL; 170 171 gm = _gss_mech_get_by_name(name); 172 if (!gm) { 173 request_module("rpc-auth-gss-%s", name); 174 gm = _gss_mech_get_by_name(name); 175 } 176 return gm; 177 } 178 179 struct gss_api_mech *gss_mech_get_by_OID(struct rpcsec_gss_oid *obj) 180 { 181 struct gss_api_mech *pos, *gm = NULL; 182 char buf[32]; 183 184 if (sprint_oid(obj->data, obj->len, buf, sizeof(buf)) < 0) 185 return NULL; 186 dprintk("RPC: %s(%s)\n", __func__, buf); 187 request_module("rpc-auth-gss-%s", buf); 188 189 spin_lock(®istered_mechs_lock); 190 list_for_each_entry(pos, ®istered_mechs, gm_list) { 191 if (obj->len == pos->gm_oid.len) { 192 if (0 == memcmp(obj->data, pos->gm_oid.data, obj->len)) { 193 if (try_module_get(pos->gm_owner)) 194 gm = pos; 195 break; 196 } 197 } 198 } 199 spin_unlock(®istered_mechs_lock); 200 return gm; 201 } 202 203 static inline int 204 mech_supports_pseudoflavor(struct gss_api_mech *gm, u32 pseudoflavor) 205 { 206 int i; 207 208 for (i = 0; i < gm->gm_pf_num; i++) { 209 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) 210 return 1; 211 } 212 return 0; 213 } 214 215 static struct gss_api_mech *_gss_mech_get_by_pseudoflavor(u32 pseudoflavor) 216 { 217 struct gss_api_mech *gm = NULL, *pos; 218 219 spin_lock(®istered_mechs_lock); 220 list_for_each_entry(pos, ®istered_mechs, gm_list) { 221 if (!mech_supports_pseudoflavor(pos, pseudoflavor)) { 222 module_put(pos->gm_owner); 223 continue; 224 } 225 if (try_module_get(pos->gm_owner)) 226 gm = pos; 227 break; 228 } 229 spin_unlock(®istered_mechs_lock); 230 return gm; 231 } 232 233 struct gss_api_mech * 234 gss_mech_get_by_pseudoflavor(u32 pseudoflavor) 235 { 236 struct gss_api_mech *gm; 237 238 gm = _gss_mech_get_by_pseudoflavor(pseudoflavor); 239 240 if (!gm) { 241 request_module("rpc-auth-gss-%u", pseudoflavor); 242 gm = _gss_mech_get_by_pseudoflavor(pseudoflavor); 243 } 244 return gm; 245 } 246 247 /** 248 * gss_mech_list_pseudoflavors - Discover registered GSS pseudoflavors 249 * @array: array to fill in 250 * @size: size of "array" 251 * 252 * Returns the number of array items filled in, or a negative errno. 253 * 254 * The returned array is not sorted by any policy. Callers should not 255 * rely on the order of the items in the returned array. 256 */ 257 int gss_mech_list_pseudoflavors(rpc_authflavor_t *array_ptr, int size) 258 { 259 struct gss_api_mech *pos = NULL; 260 int j, i = 0; 261 262 spin_lock(®istered_mechs_lock); 263 list_for_each_entry(pos, ®istered_mechs, gm_list) { 264 for (j = 0; j < pos->gm_pf_num; j++) { 265 if (i >= size) { 266 spin_unlock(®istered_mechs_lock); 267 return -ENOMEM; 268 } 269 array_ptr[i++] = pos->gm_pfs[j].pseudoflavor; 270 } 271 } 272 spin_unlock(®istered_mechs_lock); 273 return i; 274 } 275 276 /** 277 * gss_svc_to_pseudoflavor - map a GSS service number to a pseudoflavor 278 * @gm: GSS mechanism handle 279 * @qop: GSS quality-of-protection value 280 * @service: GSS service value 281 * 282 * Returns a matching security flavor, or RPC_AUTH_MAXFLAVOR if none is found. 283 */ 284 rpc_authflavor_t gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 qop, 285 u32 service) 286 { 287 int i; 288 289 for (i = 0; i < gm->gm_pf_num; i++) { 290 if (gm->gm_pfs[i].qop == qop && 291 gm->gm_pfs[i].service == service) { 292 return gm->gm_pfs[i].pseudoflavor; 293 } 294 } 295 return RPC_AUTH_MAXFLAVOR; 296 } 297 298 /** 299 * gss_mech_info2flavor - look up a pseudoflavor given a GSS tuple 300 * @info: a GSS mech OID, quality of protection, and service value 301 * 302 * Returns a matching pseudoflavor, or RPC_AUTH_MAXFLAVOR if the tuple is 303 * not supported. 304 */ 305 rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *info) 306 { 307 rpc_authflavor_t pseudoflavor; 308 struct gss_api_mech *gm; 309 310 gm = gss_mech_get_by_OID(&info->oid); 311 if (gm == NULL) 312 return RPC_AUTH_MAXFLAVOR; 313 314 pseudoflavor = gss_svc_to_pseudoflavor(gm, info->qop, info->service); 315 316 gss_mech_put(gm); 317 return pseudoflavor; 318 } 319 320 /** 321 * gss_mech_flavor2info - look up a GSS tuple for a given pseudoflavor 322 * @pseudoflavor: GSS pseudoflavor to match 323 * @info: rpcsec_gss_info structure to fill in 324 * 325 * Returns zero and fills in "info" if pseudoflavor matches a 326 * supported mechanism. Otherwise a negative errno is returned. 327 */ 328 int gss_mech_flavor2info(rpc_authflavor_t pseudoflavor, 329 struct rpcsec_gss_info *info) 330 { 331 struct gss_api_mech *gm; 332 int i; 333 334 gm = gss_mech_get_by_pseudoflavor(pseudoflavor); 335 if (gm == NULL) 336 return -ENOENT; 337 338 for (i = 0; i < gm->gm_pf_num; i++) { 339 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) { 340 memcpy(info->oid.data, gm->gm_oid.data, gm->gm_oid.len); 341 info->oid.len = gm->gm_oid.len; 342 info->qop = gm->gm_pfs[i].qop; 343 info->service = gm->gm_pfs[i].service; 344 gss_mech_put(gm); 345 return 0; 346 } 347 } 348 349 gss_mech_put(gm); 350 return -ENOENT; 351 } 352 353 u32 354 gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor) 355 { 356 int i; 357 358 for (i = 0; i < gm->gm_pf_num; i++) { 359 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) 360 return gm->gm_pfs[i].service; 361 } 362 return 0; 363 } 364 EXPORT_SYMBOL(gss_pseudoflavor_to_service); 365 366 char * 367 gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service) 368 { 369 int i; 370 371 for (i = 0; i < gm->gm_pf_num; i++) { 372 if (gm->gm_pfs[i].service == service) 373 return gm->gm_pfs[i].auth_domain_name; 374 } 375 return NULL; 376 } 377 378 void 379 gss_mech_put(struct gss_api_mech * gm) 380 { 381 if (gm) 382 module_put(gm->gm_owner); 383 } 384 EXPORT_SYMBOL(gss_mech_put); 385 386 /* The mech could probably be determined from the token instead, but it's just 387 * as easy for now to pass it in. */ 388 int 389 gss_import_sec_context(const void *input_token, size_t bufsize, 390 struct gss_api_mech *mech, 391 struct gss_ctx **ctx_id, 392 time_t *endtime, 393 gfp_t gfp_mask) 394 { 395 if (!(*ctx_id = kzalloc(sizeof(**ctx_id), gfp_mask))) 396 return -ENOMEM; 397 (*ctx_id)->mech_type = gss_mech_get(mech); 398 399 return mech->gm_ops->gss_import_sec_context(input_token, bufsize, 400 *ctx_id, endtime, gfp_mask); 401 } 402 403 /* gss_get_mic: compute a mic over message and return mic_token. */ 404 405 u32 406 gss_get_mic(struct gss_ctx *context_handle, 407 struct xdr_buf *message, 408 struct xdr_netobj *mic_token) 409 { 410 return context_handle->mech_type->gm_ops 411 ->gss_get_mic(context_handle, 412 message, 413 mic_token); 414 } 415 416 /* gss_verify_mic: check whether the provided mic_token verifies message. */ 417 418 u32 419 gss_verify_mic(struct gss_ctx *context_handle, 420 struct xdr_buf *message, 421 struct xdr_netobj *mic_token) 422 { 423 return context_handle->mech_type->gm_ops 424 ->gss_verify_mic(context_handle, 425 message, 426 mic_token); 427 } 428 429 /* 430 * This function is called from both the client and server code. 431 * Each makes guarantees about how much "slack" space is available 432 * for the underlying function in "buf"'s head and tail while 433 * performing the wrap. 434 * 435 * The client and server code allocate RPC_MAX_AUTH_SIZE extra 436 * space in both the head and tail which is available for use by 437 * the wrap function. 438 * 439 * Underlying functions should verify they do not use more than 440 * RPC_MAX_AUTH_SIZE of extra space in either the head or tail 441 * when performing the wrap. 442 */ 443 u32 444 gss_wrap(struct gss_ctx *ctx_id, 445 int offset, 446 struct xdr_buf *buf, 447 struct page **inpages) 448 { 449 return ctx_id->mech_type->gm_ops 450 ->gss_wrap(ctx_id, offset, buf, inpages); 451 } 452 453 u32 454 gss_unwrap(struct gss_ctx *ctx_id, 455 int offset, 456 struct xdr_buf *buf) 457 { 458 return ctx_id->mech_type->gm_ops 459 ->gss_unwrap(ctx_id, offset, buf); 460 } 461 462 463 /* gss_delete_sec_context: free all resources associated with context_handle. 464 * Note this differs from the RFC 2744-specified prototype in that we don't 465 * bother returning an output token, since it would never be used anyway. */ 466 467 u32 468 gss_delete_sec_context(struct gss_ctx **context_handle) 469 { 470 dprintk("RPC: gss_delete_sec_context deleting %p\n", 471 *context_handle); 472 473 if (!*context_handle) 474 return GSS_S_NO_CONTEXT; 475 if ((*context_handle)->internal_ctx_id) 476 (*context_handle)->mech_type->gm_ops 477 ->gss_delete_sec_context((*context_handle) 478 ->internal_ctx_id); 479 gss_mech_put((*context_handle)->mech_type); 480 kfree(*context_handle); 481 *context_handle=NULL; 482 return GSS_S_COMPLETE; 483 } 484