1 /* 2 * linux/net/sunrpc/gss_mech_switch.c 3 * 4 * Copyright (c) 2001 The Regents of the University of Michigan. 5 * All rights reserved. 6 * 7 * J. Bruce Fields <bfields@umich.edu> 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 3. Neither the name of the University nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED 23 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 24 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 25 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR 29 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 30 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 31 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 32 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * 34 */ 35 36 #include <linux/types.h> 37 #include <linux/slab.h> 38 #include <linux/module.h> 39 #include <linux/oid_registry.h> 40 #include <linux/sunrpc/msg_prot.h> 41 #include <linux/sunrpc/gss_asn1.h> 42 #include <linux/sunrpc/auth_gss.h> 43 #include <linux/sunrpc/svcauth_gss.h> 44 #include <linux/sunrpc/gss_err.h> 45 #include <linux/sunrpc/sched.h> 46 #include <linux/sunrpc/gss_api.h> 47 #include <linux/sunrpc/clnt.h> 48 49 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) 50 # define RPCDBG_FACILITY RPCDBG_AUTH 51 #endif 52 53 static LIST_HEAD(registered_mechs); 54 static DEFINE_SPINLOCK(registered_mechs_lock); 55 56 static void 57 gss_mech_free(struct gss_api_mech *gm) 58 { 59 struct pf_desc *pf; 60 int i; 61 62 for (i = 0; i < gm->gm_pf_num; i++) { 63 pf = &gm->gm_pfs[i]; 64 kfree(pf->auth_domain_name); 65 pf->auth_domain_name = NULL; 66 } 67 } 68 69 static inline char * 70 make_auth_domain_name(char *name) 71 { 72 static char *prefix = "gss/"; 73 char *new; 74 75 new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL); 76 if (new) { 77 strcpy(new, prefix); 78 strcat(new, name); 79 } 80 return new; 81 } 82 83 static int 84 gss_mech_svc_setup(struct gss_api_mech *gm) 85 { 86 struct pf_desc *pf; 87 int i, status; 88 89 for (i = 0; i < gm->gm_pf_num; i++) { 90 pf = &gm->gm_pfs[i]; 91 pf->auth_domain_name = make_auth_domain_name(pf->name); 92 status = -ENOMEM; 93 if (pf->auth_domain_name == NULL) 94 goto out; 95 status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor, 96 pf->auth_domain_name); 97 if (status) 98 goto out; 99 } 100 return 0; 101 out: 102 gss_mech_free(gm); 103 return status; 104 } 105 106 /** 107 * gss_mech_register - register a GSS mechanism 108 * @gm: GSS mechanism handle 109 * 110 * Returns zero if successful, or a negative errno. 111 */ 112 int gss_mech_register(struct gss_api_mech *gm) 113 { 114 int status; 115 116 status = gss_mech_svc_setup(gm); 117 if (status) 118 return status; 119 spin_lock(®istered_mechs_lock); 120 list_add_rcu(&gm->gm_list, ®istered_mechs); 121 spin_unlock(®istered_mechs_lock); 122 dprintk("RPC: registered gss mechanism %s\n", gm->gm_name); 123 return 0; 124 } 125 EXPORT_SYMBOL_GPL(gss_mech_register); 126 127 /** 128 * gss_mech_unregister - release a GSS mechanism 129 * @gm: GSS mechanism handle 130 * 131 */ 132 void gss_mech_unregister(struct gss_api_mech *gm) 133 { 134 spin_lock(®istered_mechs_lock); 135 list_del_rcu(&gm->gm_list); 136 spin_unlock(®istered_mechs_lock); 137 dprintk("RPC: unregistered gss mechanism %s\n", gm->gm_name); 138 gss_mech_free(gm); 139 } 140 EXPORT_SYMBOL_GPL(gss_mech_unregister); 141 142 struct gss_api_mech *gss_mech_get(struct gss_api_mech *gm) 143 { 144 __module_get(gm->gm_owner); 145 return gm; 146 } 147 EXPORT_SYMBOL(gss_mech_get); 148 149 static struct gss_api_mech * 150 _gss_mech_get_by_name(const char *name) 151 { 152 struct gss_api_mech *pos, *gm = NULL; 153 154 rcu_read_lock(); 155 list_for_each_entry_rcu(pos, ®istered_mechs, gm_list) { 156 if (0 == strcmp(name, pos->gm_name)) { 157 if (try_module_get(pos->gm_owner)) 158 gm = pos; 159 break; 160 } 161 } 162 rcu_read_unlock(); 163 return gm; 164 165 } 166 167 struct gss_api_mech * gss_mech_get_by_name(const char *name) 168 { 169 struct gss_api_mech *gm = NULL; 170 171 gm = _gss_mech_get_by_name(name); 172 if (!gm) { 173 request_module("rpc-auth-gss-%s", name); 174 gm = _gss_mech_get_by_name(name); 175 } 176 return gm; 177 } 178 179 struct gss_api_mech *gss_mech_get_by_OID(struct rpcsec_gss_oid *obj) 180 { 181 struct gss_api_mech *pos, *gm = NULL; 182 char buf[32]; 183 184 if (sprint_oid(obj->data, obj->len, buf, sizeof(buf)) < 0) 185 return NULL; 186 dprintk("RPC: %s(%s)\n", __func__, buf); 187 request_module("rpc-auth-gss-%s", buf); 188 189 rcu_read_lock(); 190 list_for_each_entry_rcu(pos, ®istered_mechs, gm_list) { 191 if (obj->len == pos->gm_oid.len) { 192 if (0 == memcmp(obj->data, pos->gm_oid.data, obj->len)) { 193 if (try_module_get(pos->gm_owner)) 194 gm = pos; 195 break; 196 } 197 } 198 } 199 rcu_read_unlock(); 200 return gm; 201 } 202 203 static inline int 204 mech_supports_pseudoflavor(struct gss_api_mech *gm, u32 pseudoflavor) 205 { 206 int i; 207 208 for (i = 0; i < gm->gm_pf_num; i++) { 209 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) 210 return 1; 211 } 212 return 0; 213 } 214 215 static struct gss_api_mech *_gss_mech_get_by_pseudoflavor(u32 pseudoflavor) 216 { 217 struct gss_api_mech *gm = NULL, *pos; 218 219 rcu_read_lock(); 220 list_for_each_entry_rcu(pos, ®istered_mechs, gm_list) { 221 if (!mech_supports_pseudoflavor(pos, pseudoflavor)) 222 continue; 223 if (try_module_get(pos->gm_owner)) 224 gm = pos; 225 break; 226 } 227 rcu_read_unlock(); 228 return gm; 229 } 230 231 struct gss_api_mech * 232 gss_mech_get_by_pseudoflavor(u32 pseudoflavor) 233 { 234 struct gss_api_mech *gm; 235 236 gm = _gss_mech_get_by_pseudoflavor(pseudoflavor); 237 238 if (!gm) { 239 request_module("rpc-auth-gss-%u", pseudoflavor); 240 gm = _gss_mech_get_by_pseudoflavor(pseudoflavor); 241 } 242 return gm; 243 } 244 245 /** 246 * gss_mech_list_pseudoflavors - Discover registered GSS pseudoflavors 247 * @array_ptr: array to fill in 248 * @size: size of "array" 249 * 250 * Returns the number of array items filled in, or a negative errno. 251 * 252 * The returned array is not sorted by any policy. Callers should not 253 * rely on the order of the items in the returned array. 254 */ 255 int gss_mech_list_pseudoflavors(rpc_authflavor_t *array_ptr, int size) 256 { 257 struct gss_api_mech *pos = NULL; 258 int j, i = 0; 259 260 rcu_read_lock(); 261 list_for_each_entry_rcu(pos, ®istered_mechs, gm_list) { 262 for (j = 0; j < pos->gm_pf_num; j++) { 263 if (i >= size) { 264 spin_unlock(®istered_mechs_lock); 265 return -ENOMEM; 266 } 267 array_ptr[i++] = pos->gm_pfs[j].pseudoflavor; 268 } 269 } 270 rcu_read_unlock(); 271 return i; 272 } 273 274 /** 275 * gss_svc_to_pseudoflavor - map a GSS service number to a pseudoflavor 276 * @gm: GSS mechanism handle 277 * @qop: GSS quality-of-protection value 278 * @service: GSS service value 279 * 280 * Returns a matching security flavor, or RPC_AUTH_MAXFLAVOR if none is found. 281 */ 282 rpc_authflavor_t gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 qop, 283 u32 service) 284 { 285 int i; 286 287 for (i = 0; i < gm->gm_pf_num; i++) { 288 if (gm->gm_pfs[i].qop == qop && 289 gm->gm_pfs[i].service == service) { 290 return gm->gm_pfs[i].pseudoflavor; 291 } 292 } 293 return RPC_AUTH_MAXFLAVOR; 294 } 295 296 /** 297 * gss_mech_info2flavor - look up a pseudoflavor given a GSS tuple 298 * @info: a GSS mech OID, quality of protection, and service value 299 * 300 * Returns a matching pseudoflavor, or RPC_AUTH_MAXFLAVOR if the tuple is 301 * not supported. 302 */ 303 rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *info) 304 { 305 rpc_authflavor_t pseudoflavor; 306 struct gss_api_mech *gm; 307 308 gm = gss_mech_get_by_OID(&info->oid); 309 if (gm == NULL) 310 return RPC_AUTH_MAXFLAVOR; 311 312 pseudoflavor = gss_svc_to_pseudoflavor(gm, info->qop, info->service); 313 314 gss_mech_put(gm); 315 return pseudoflavor; 316 } 317 318 /** 319 * gss_mech_flavor2info - look up a GSS tuple for a given pseudoflavor 320 * @pseudoflavor: GSS pseudoflavor to match 321 * @info: rpcsec_gss_info structure to fill in 322 * 323 * Returns zero and fills in "info" if pseudoflavor matches a 324 * supported mechanism. Otherwise a negative errno is returned. 325 */ 326 int gss_mech_flavor2info(rpc_authflavor_t pseudoflavor, 327 struct rpcsec_gss_info *info) 328 { 329 struct gss_api_mech *gm; 330 int i; 331 332 gm = gss_mech_get_by_pseudoflavor(pseudoflavor); 333 if (gm == NULL) 334 return -ENOENT; 335 336 for (i = 0; i < gm->gm_pf_num; i++) { 337 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) { 338 memcpy(info->oid.data, gm->gm_oid.data, gm->gm_oid.len); 339 info->oid.len = gm->gm_oid.len; 340 info->qop = gm->gm_pfs[i].qop; 341 info->service = gm->gm_pfs[i].service; 342 gss_mech_put(gm); 343 return 0; 344 } 345 } 346 347 gss_mech_put(gm); 348 return -ENOENT; 349 } 350 351 u32 352 gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor) 353 { 354 int i; 355 356 for (i = 0; i < gm->gm_pf_num; i++) { 357 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) 358 return gm->gm_pfs[i].service; 359 } 360 return 0; 361 } 362 EXPORT_SYMBOL(gss_pseudoflavor_to_service); 363 364 bool 365 gss_pseudoflavor_to_datatouch(struct gss_api_mech *gm, u32 pseudoflavor) 366 { 367 int i; 368 369 for (i = 0; i < gm->gm_pf_num; i++) { 370 if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) 371 return gm->gm_pfs[i].datatouch; 372 } 373 return false; 374 } 375 376 char * 377 gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service) 378 { 379 int i; 380 381 for (i = 0; i < gm->gm_pf_num; i++) { 382 if (gm->gm_pfs[i].service == service) 383 return gm->gm_pfs[i].auth_domain_name; 384 } 385 return NULL; 386 } 387 388 void 389 gss_mech_put(struct gss_api_mech * gm) 390 { 391 if (gm) 392 module_put(gm->gm_owner); 393 } 394 EXPORT_SYMBOL(gss_mech_put); 395 396 /* The mech could probably be determined from the token instead, but it's just 397 * as easy for now to pass it in. */ 398 int 399 gss_import_sec_context(const void *input_token, size_t bufsize, 400 struct gss_api_mech *mech, 401 struct gss_ctx **ctx_id, 402 time_t *endtime, 403 gfp_t gfp_mask) 404 { 405 if (!(*ctx_id = kzalloc(sizeof(**ctx_id), gfp_mask))) 406 return -ENOMEM; 407 (*ctx_id)->mech_type = gss_mech_get(mech); 408 409 return mech->gm_ops->gss_import_sec_context(input_token, bufsize, 410 *ctx_id, endtime, gfp_mask); 411 } 412 413 /* gss_get_mic: compute a mic over message and return mic_token. */ 414 415 u32 416 gss_get_mic(struct gss_ctx *context_handle, 417 struct xdr_buf *message, 418 struct xdr_netobj *mic_token) 419 { 420 return context_handle->mech_type->gm_ops 421 ->gss_get_mic(context_handle, 422 message, 423 mic_token); 424 } 425 426 /* gss_verify_mic: check whether the provided mic_token verifies message. */ 427 428 u32 429 gss_verify_mic(struct gss_ctx *context_handle, 430 struct xdr_buf *message, 431 struct xdr_netobj *mic_token) 432 { 433 return context_handle->mech_type->gm_ops 434 ->gss_verify_mic(context_handle, 435 message, 436 mic_token); 437 } 438 439 /* 440 * This function is called from both the client and server code. 441 * Each makes guarantees about how much "slack" space is available 442 * for the underlying function in "buf"'s head and tail while 443 * performing the wrap. 444 * 445 * The client and server code allocate RPC_MAX_AUTH_SIZE extra 446 * space in both the head and tail which is available for use by 447 * the wrap function. 448 * 449 * Underlying functions should verify they do not use more than 450 * RPC_MAX_AUTH_SIZE of extra space in either the head or tail 451 * when performing the wrap. 452 */ 453 u32 454 gss_wrap(struct gss_ctx *ctx_id, 455 int offset, 456 struct xdr_buf *buf, 457 struct page **inpages) 458 { 459 return ctx_id->mech_type->gm_ops 460 ->gss_wrap(ctx_id, offset, buf, inpages); 461 } 462 463 u32 464 gss_unwrap(struct gss_ctx *ctx_id, 465 int offset, 466 struct xdr_buf *buf) 467 { 468 return ctx_id->mech_type->gm_ops 469 ->gss_unwrap(ctx_id, offset, buf); 470 } 471 472 473 /* gss_delete_sec_context: free all resources associated with context_handle. 474 * Note this differs from the RFC 2744-specified prototype in that we don't 475 * bother returning an output token, since it would never be used anyway. */ 476 477 u32 478 gss_delete_sec_context(struct gss_ctx **context_handle) 479 { 480 dprintk("RPC: gss_delete_sec_context deleting %p\n", 481 *context_handle); 482 483 if (!*context_handle) 484 return GSS_S_NO_CONTEXT; 485 if ((*context_handle)->internal_ctx_id) 486 (*context_handle)->mech_type->gm_ops 487 ->gss_delete_sec_context((*context_handle) 488 ->internal_ctx_id); 489 gss_mech_put((*context_handle)->mech_type); 490 kfree(*context_handle); 491 *context_handle=NULL; 492 return GSS_S_COMPLETE; 493 } 494