1 /* 2 * GSS Proxy upcall module 3 * 4 * Copyright (C) 2012 Simo Sorce <simo@redhat.com> 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation; either version 2 of the License, or 9 * (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. 19 */ 20 21 #include <linux/sunrpc/svcauth.h> 22 #include "gss_rpc_xdr.h" 23 24 static int gssx_enc_bool(struct xdr_stream *xdr, int v) 25 { 26 __be32 *p; 27 28 p = xdr_reserve_space(xdr, 4); 29 if (unlikely(p == NULL)) 30 return -ENOSPC; 31 *p = v ? xdr_one : xdr_zero; 32 return 0; 33 } 34 35 static int gssx_dec_bool(struct xdr_stream *xdr, u32 *v) 36 { 37 __be32 *p; 38 39 p = xdr_inline_decode(xdr, 4); 40 if (unlikely(p == NULL)) 41 return -ENOSPC; 42 *v = be32_to_cpu(*p); 43 return 0; 44 } 45 46 static int gssx_enc_buffer(struct xdr_stream *xdr, 47 gssx_buffer *buf) 48 { 49 __be32 *p; 50 51 p = xdr_reserve_space(xdr, sizeof(u32) + buf->len); 52 if (!p) 53 return -ENOSPC; 54 xdr_encode_opaque(p, buf->data, buf->len); 55 return 0; 56 } 57 58 static int gssx_enc_in_token(struct xdr_stream *xdr, 59 struct gssp_in_token *in) 60 { 61 __be32 *p; 62 63 p = xdr_reserve_space(xdr, 4); 64 if (!p) 65 return -ENOSPC; 66 *p = cpu_to_be32(in->page_len); 67 68 /* all we need to do is to write pages */ 69 xdr_write_pages(xdr, in->pages, in->page_base, in->page_len); 70 71 return 0; 72 } 73 74 75 static int gssx_dec_buffer(struct xdr_stream *xdr, 76 gssx_buffer *buf) 77 { 78 u32 length; 79 __be32 *p; 80 81 p = xdr_inline_decode(xdr, 4); 82 if (unlikely(p == NULL)) 83 return -ENOSPC; 84 85 length = be32_to_cpup(p); 86 p = xdr_inline_decode(xdr, length); 87 if (unlikely(p == NULL)) 88 return -ENOSPC; 89 90 if (buf->len == 0) { 91 /* we intentionally are not interested in this buffer */ 92 return 0; 93 } 94 if (length > buf->len) 95 return -ENOSPC; 96 97 if (!buf->data) { 98 buf->data = kmemdup(p, length, GFP_KERNEL); 99 if (!buf->data) 100 return -ENOMEM; 101 } else { 102 memcpy(buf->data, p, length); 103 } 104 buf->len = length; 105 return 0; 106 } 107 108 static int gssx_enc_option(struct xdr_stream *xdr, 109 struct gssx_option *opt) 110 { 111 int err; 112 113 err = gssx_enc_buffer(xdr, &opt->option); 114 if (err) 115 return err; 116 err = gssx_enc_buffer(xdr, &opt->value); 117 return err; 118 } 119 120 static int gssx_dec_option(struct xdr_stream *xdr, 121 struct gssx_option *opt) 122 { 123 int err; 124 125 err = gssx_dec_buffer(xdr, &opt->option); 126 if (err) 127 return err; 128 err = gssx_dec_buffer(xdr, &opt->value); 129 return err; 130 } 131 132 static int dummy_enc_opt_array(struct xdr_stream *xdr, 133 struct gssx_option_array *oa) 134 { 135 __be32 *p; 136 137 if (oa->count != 0) 138 return -EINVAL; 139 140 p = xdr_reserve_space(xdr, 4); 141 if (!p) 142 return -ENOSPC; 143 *p = 0; 144 145 return 0; 146 } 147 148 static int dummy_dec_opt_array(struct xdr_stream *xdr, 149 struct gssx_option_array *oa) 150 { 151 struct gssx_option dummy; 152 u32 count, i; 153 __be32 *p; 154 155 p = xdr_inline_decode(xdr, 4); 156 if (unlikely(p == NULL)) 157 return -ENOSPC; 158 count = be32_to_cpup(p++); 159 memset(&dummy, 0, sizeof(dummy)); 160 for (i = 0; i < count; i++) { 161 gssx_dec_option(xdr, &dummy); 162 } 163 164 oa->count = 0; 165 oa->data = NULL; 166 return 0; 167 } 168 169 static int get_host_u32(struct xdr_stream *xdr, u32 *res) 170 { 171 __be32 *p; 172 173 p = xdr_inline_decode(xdr, 4); 174 if (!p) 175 return -EINVAL; 176 /* Contents of linux creds are all host-endian: */ 177 memcpy(res, p, sizeof(u32)); 178 return 0; 179 } 180 181 static int gssx_dec_linux_creds(struct xdr_stream *xdr, 182 struct svc_cred *creds) 183 { 184 u32 length; 185 __be32 *p; 186 u32 tmp; 187 u32 N; 188 int i, err; 189 190 p = xdr_inline_decode(xdr, 4); 191 if (unlikely(p == NULL)) 192 return -ENOSPC; 193 194 length = be32_to_cpup(p); 195 196 if (length > (3 + NGROUPS_MAX) * sizeof(u32)) 197 return -ENOSPC; 198 199 /* uid */ 200 err = get_host_u32(xdr, &tmp); 201 if (err) 202 return err; 203 creds->cr_uid = make_kuid(&init_user_ns, tmp); 204 205 /* gid */ 206 err = get_host_u32(xdr, &tmp); 207 if (err) 208 return err; 209 creds->cr_gid = make_kgid(&init_user_ns, tmp); 210 211 /* number of additional gid's */ 212 err = get_host_u32(xdr, &tmp); 213 if (err) 214 return err; 215 N = tmp; 216 if ((3 + N) * sizeof(u32) != length) 217 return -EINVAL; 218 creds->cr_group_info = groups_alloc(N); 219 if (creds->cr_group_info == NULL) 220 return -ENOMEM; 221 222 /* gid's */ 223 for (i = 0; i < N; i++) { 224 kgid_t kgid; 225 err = get_host_u32(xdr, &tmp); 226 if (err) 227 goto out_free_groups; 228 err = -EINVAL; 229 kgid = make_kgid(&init_user_ns, tmp); 230 if (!gid_valid(kgid)) 231 goto out_free_groups; 232 GROUP_AT(creds->cr_group_info, i) = kgid; 233 } 234 235 return 0; 236 out_free_groups: 237 groups_free(creds->cr_group_info); 238 return err; 239 } 240 241 static int gssx_dec_option_array(struct xdr_stream *xdr, 242 struct gssx_option_array *oa) 243 { 244 struct svc_cred *creds; 245 u32 count, i; 246 __be32 *p; 247 int err; 248 249 p = xdr_inline_decode(xdr, 4); 250 if (unlikely(p == NULL)) 251 return -ENOSPC; 252 count = be32_to_cpup(p++); 253 if (!count) 254 return 0; 255 256 /* we recognize only 1 currently: CREDS_VALUE */ 257 oa->count = 1; 258 259 oa->data = kmalloc(sizeof(struct gssx_option), GFP_KERNEL); 260 if (!oa->data) 261 return -ENOMEM; 262 263 creds = kmalloc(sizeof(struct svc_cred), GFP_KERNEL); 264 if (!creds) { 265 kfree(oa->data); 266 return -ENOMEM; 267 } 268 269 oa->data[0].option.data = CREDS_VALUE; 270 oa->data[0].option.len = sizeof(CREDS_VALUE); 271 oa->data[0].value.data = (void *)creds; 272 oa->data[0].value.len = 0; 273 274 for (i = 0; i < count; i++) { 275 gssx_buffer dummy = { 0, NULL }; 276 u32 length; 277 278 /* option buffer */ 279 p = xdr_inline_decode(xdr, 4); 280 if (unlikely(p == NULL)) 281 return -ENOSPC; 282 283 length = be32_to_cpup(p); 284 p = xdr_inline_decode(xdr, length); 285 if (unlikely(p == NULL)) 286 return -ENOSPC; 287 288 if (length == sizeof(CREDS_VALUE) && 289 memcmp(p, CREDS_VALUE, sizeof(CREDS_VALUE)) == 0) { 290 /* We have creds here. parse them */ 291 err = gssx_dec_linux_creds(xdr, creds); 292 if (err) 293 return err; 294 oa->data[0].value.len = 1; /* presence */ 295 } else { 296 /* consume uninteresting buffer */ 297 err = gssx_dec_buffer(xdr, &dummy); 298 if (err) 299 return err; 300 } 301 } 302 return 0; 303 } 304 305 static int gssx_dec_status(struct xdr_stream *xdr, 306 struct gssx_status *status) 307 { 308 __be32 *p; 309 int err; 310 311 /* status->major_status */ 312 p = xdr_inline_decode(xdr, 8); 313 if (unlikely(p == NULL)) 314 return -ENOSPC; 315 p = xdr_decode_hyper(p, &status->major_status); 316 317 /* status->mech */ 318 err = gssx_dec_buffer(xdr, &status->mech); 319 if (err) 320 return err; 321 322 /* status->minor_status */ 323 p = xdr_inline_decode(xdr, 8); 324 if (unlikely(p == NULL)) 325 return -ENOSPC; 326 p = xdr_decode_hyper(p, &status->minor_status); 327 328 /* status->major_status_string */ 329 err = gssx_dec_buffer(xdr, &status->major_status_string); 330 if (err) 331 return err; 332 333 /* status->minor_status_string */ 334 err = gssx_dec_buffer(xdr, &status->minor_status_string); 335 if (err) 336 return err; 337 338 /* status->server_ctx */ 339 err = gssx_dec_buffer(xdr, &status->server_ctx); 340 if (err) 341 return err; 342 343 /* we assume we have no options for now, so simply consume them */ 344 /* status->options */ 345 err = dummy_dec_opt_array(xdr, &status->options); 346 347 return err; 348 } 349 350 static int gssx_enc_call_ctx(struct xdr_stream *xdr, 351 struct gssx_call_ctx *ctx) 352 { 353 struct gssx_option opt; 354 __be32 *p; 355 int err; 356 357 /* ctx->locale */ 358 err = gssx_enc_buffer(xdr, &ctx->locale); 359 if (err) 360 return err; 361 362 /* ctx->server_ctx */ 363 err = gssx_enc_buffer(xdr, &ctx->server_ctx); 364 if (err) 365 return err; 366 367 /* we always want to ask for lucid contexts */ 368 /* ctx->options */ 369 p = xdr_reserve_space(xdr, 4); 370 *p = cpu_to_be32(2); 371 372 /* we want a lucid_v1 context */ 373 opt.option.data = LUCID_OPTION; 374 opt.option.len = sizeof(LUCID_OPTION); 375 opt.value.data = LUCID_VALUE; 376 opt.value.len = sizeof(LUCID_VALUE); 377 err = gssx_enc_option(xdr, &opt); 378 379 /* ..and user creds */ 380 opt.option.data = CREDS_OPTION; 381 opt.option.len = sizeof(CREDS_OPTION); 382 opt.value.data = CREDS_VALUE; 383 opt.value.len = sizeof(CREDS_VALUE); 384 err = gssx_enc_option(xdr, &opt); 385 386 return err; 387 } 388 389 static int gssx_dec_name_attr(struct xdr_stream *xdr, 390 struct gssx_name_attr *attr) 391 { 392 int err; 393 394 /* attr->attr */ 395 err = gssx_dec_buffer(xdr, &attr->attr); 396 if (err) 397 return err; 398 399 /* attr->value */ 400 err = gssx_dec_buffer(xdr, &attr->value); 401 if (err) 402 return err; 403 404 /* attr->extensions */ 405 err = dummy_dec_opt_array(xdr, &attr->extensions); 406 407 return err; 408 } 409 410 static int dummy_enc_nameattr_array(struct xdr_stream *xdr, 411 struct gssx_name_attr_array *naa) 412 { 413 __be32 *p; 414 415 if (naa->count != 0) 416 return -EINVAL; 417 418 p = xdr_reserve_space(xdr, 4); 419 if (!p) 420 return -ENOSPC; 421 *p = 0; 422 423 return 0; 424 } 425 426 static int dummy_dec_nameattr_array(struct xdr_stream *xdr, 427 struct gssx_name_attr_array *naa) 428 { 429 struct gssx_name_attr dummy = { .attr = {.len = 0} }; 430 u32 count, i; 431 __be32 *p; 432 433 p = xdr_inline_decode(xdr, 4); 434 if (unlikely(p == NULL)) 435 return -ENOSPC; 436 count = be32_to_cpup(p++); 437 for (i = 0; i < count; i++) { 438 gssx_dec_name_attr(xdr, &dummy); 439 } 440 441 naa->count = 0; 442 naa->data = NULL; 443 return 0; 444 } 445 446 static struct xdr_netobj zero_netobj = {}; 447 448 static struct gssx_name_attr_array zero_name_attr_array = {}; 449 450 static struct gssx_option_array zero_option_array = {}; 451 452 static int gssx_enc_name(struct xdr_stream *xdr, 453 struct gssx_name *name) 454 { 455 int err; 456 457 /* name->display_name */ 458 err = gssx_enc_buffer(xdr, &name->display_name); 459 if (err) 460 return err; 461 462 /* name->name_type */ 463 err = gssx_enc_buffer(xdr, &zero_netobj); 464 if (err) 465 return err; 466 467 /* name->exported_name */ 468 err = gssx_enc_buffer(xdr, &zero_netobj); 469 if (err) 470 return err; 471 472 /* name->exported_composite_name */ 473 err = gssx_enc_buffer(xdr, &zero_netobj); 474 if (err) 475 return err; 476 477 /* leave name_attributes empty for now, will add once we have any 478 * to pass up at all */ 479 /* name->name_attributes */ 480 err = dummy_enc_nameattr_array(xdr, &zero_name_attr_array); 481 if (err) 482 return err; 483 484 /* leave options empty for now, will add once we have any options 485 * to pass up at all */ 486 /* name->extensions */ 487 err = dummy_enc_opt_array(xdr, &zero_option_array); 488 489 return err; 490 } 491 492 493 static int gssx_dec_name(struct xdr_stream *xdr, 494 struct gssx_name *name) 495 { 496 struct xdr_netobj dummy_netobj = { .len = 0 }; 497 struct gssx_name_attr_array dummy_name_attr_array = { .count = 0 }; 498 struct gssx_option_array dummy_option_array = { .count = 0 }; 499 int err; 500 501 /* name->display_name */ 502 err = gssx_dec_buffer(xdr, &name->display_name); 503 if (err) 504 return err; 505 506 /* name->name_type */ 507 err = gssx_dec_buffer(xdr, &dummy_netobj); 508 if (err) 509 return err; 510 511 /* name->exported_name */ 512 err = gssx_dec_buffer(xdr, &dummy_netobj); 513 if (err) 514 return err; 515 516 /* name->exported_composite_name */ 517 err = gssx_dec_buffer(xdr, &dummy_netobj); 518 if (err) 519 return err; 520 521 /* we assume we have no attributes for now, so simply consume them */ 522 /* name->name_attributes */ 523 err = dummy_dec_nameattr_array(xdr, &dummy_name_attr_array); 524 if (err) 525 return err; 526 527 /* we assume we have no options for now, so simply consume them */ 528 /* name->extensions */ 529 err = dummy_dec_opt_array(xdr, &dummy_option_array); 530 531 return err; 532 } 533 534 static int dummy_enc_credel_array(struct xdr_stream *xdr, 535 struct gssx_cred_element_array *cea) 536 { 537 __be32 *p; 538 539 if (cea->count != 0) 540 return -EINVAL; 541 542 p = xdr_reserve_space(xdr, 4); 543 if (!p) 544 return -ENOSPC; 545 *p = 0; 546 547 return 0; 548 } 549 550 static int gssx_enc_cred(struct xdr_stream *xdr, 551 struct gssx_cred *cred) 552 { 553 int err; 554 555 /* cred->desired_name */ 556 err = gssx_enc_name(xdr, &cred->desired_name); 557 if (err) 558 return err; 559 560 /* cred->elements */ 561 err = dummy_enc_credel_array(xdr, &cred->elements); 562 if (err) 563 return err; 564 565 /* cred->cred_handle_reference */ 566 err = gssx_enc_buffer(xdr, &cred->cred_handle_reference); 567 if (err) 568 return err; 569 570 /* cred->needs_release */ 571 err = gssx_enc_bool(xdr, cred->needs_release); 572 573 return err; 574 } 575 576 static int gssx_enc_ctx(struct xdr_stream *xdr, 577 struct gssx_ctx *ctx) 578 { 579 __be32 *p; 580 int err; 581 582 /* ctx->exported_context_token */ 583 err = gssx_enc_buffer(xdr, &ctx->exported_context_token); 584 if (err) 585 return err; 586 587 /* ctx->state */ 588 err = gssx_enc_buffer(xdr, &ctx->state); 589 if (err) 590 return err; 591 592 /* ctx->need_release */ 593 err = gssx_enc_bool(xdr, ctx->need_release); 594 if (err) 595 return err; 596 597 /* ctx->mech */ 598 err = gssx_enc_buffer(xdr, &ctx->mech); 599 if (err) 600 return err; 601 602 /* ctx->src_name */ 603 err = gssx_enc_name(xdr, &ctx->src_name); 604 if (err) 605 return err; 606 607 /* ctx->targ_name */ 608 err = gssx_enc_name(xdr, &ctx->targ_name); 609 if (err) 610 return err; 611 612 /* ctx->lifetime */ 613 p = xdr_reserve_space(xdr, 8+8); 614 if (!p) 615 return -ENOSPC; 616 p = xdr_encode_hyper(p, ctx->lifetime); 617 618 /* ctx->ctx_flags */ 619 p = xdr_encode_hyper(p, ctx->ctx_flags); 620 621 /* ctx->locally_initiated */ 622 err = gssx_enc_bool(xdr, ctx->locally_initiated); 623 if (err) 624 return err; 625 626 /* ctx->open */ 627 err = gssx_enc_bool(xdr, ctx->open); 628 if (err) 629 return err; 630 631 /* leave options empty for now, will add once we have any options 632 * to pass up at all */ 633 /* ctx->options */ 634 err = dummy_enc_opt_array(xdr, &ctx->options); 635 636 return err; 637 } 638 639 static int gssx_dec_ctx(struct xdr_stream *xdr, 640 struct gssx_ctx *ctx) 641 { 642 __be32 *p; 643 int err; 644 645 /* ctx->exported_context_token */ 646 err = gssx_dec_buffer(xdr, &ctx->exported_context_token); 647 if (err) 648 return err; 649 650 /* ctx->state */ 651 err = gssx_dec_buffer(xdr, &ctx->state); 652 if (err) 653 return err; 654 655 /* ctx->need_release */ 656 err = gssx_dec_bool(xdr, &ctx->need_release); 657 if (err) 658 return err; 659 660 /* ctx->mech */ 661 err = gssx_dec_buffer(xdr, &ctx->mech); 662 if (err) 663 return err; 664 665 /* ctx->src_name */ 666 err = gssx_dec_name(xdr, &ctx->src_name); 667 if (err) 668 return err; 669 670 /* ctx->targ_name */ 671 err = gssx_dec_name(xdr, &ctx->targ_name); 672 if (err) 673 return err; 674 675 /* ctx->lifetime */ 676 p = xdr_inline_decode(xdr, 8+8); 677 if (unlikely(p == NULL)) 678 return -ENOSPC; 679 p = xdr_decode_hyper(p, &ctx->lifetime); 680 681 /* ctx->ctx_flags */ 682 p = xdr_decode_hyper(p, &ctx->ctx_flags); 683 684 /* ctx->locally_initiated */ 685 err = gssx_dec_bool(xdr, &ctx->locally_initiated); 686 if (err) 687 return err; 688 689 /* ctx->open */ 690 err = gssx_dec_bool(xdr, &ctx->open); 691 if (err) 692 return err; 693 694 /* we assume we have no options for now, so simply consume them */ 695 /* ctx->options */ 696 err = dummy_dec_opt_array(xdr, &ctx->options); 697 698 return err; 699 } 700 701 static int gssx_enc_cb(struct xdr_stream *xdr, struct gssx_cb *cb) 702 { 703 __be32 *p; 704 int err; 705 706 /* cb->initiator_addrtype */ 707 p = xdr_reserve_space(xdr, 8); 708 if (!p) 709 return -ENOSPC; 710 p = xdr_encode_hyper(p, cb->initiator_addrtype); 711 712 /* cb->initiator_address */ 713 err = gssx_enc_buffer(xdr, &cb->initiator_address); 714 if (err) 715 return err; 716 717 /* cb->acceptor_addrtype */ 718 p = xdr_reserve_space(xdr, 8); 719 if (!p) 720 return -ENOSPC; 721 p = xdr_encode_hyper(p, cb->acceptor_addrtype); 722 723 /* cb->acceptor_address */ 724 err = gssx_enc_buffer(xdr, &cb->acceptor_address); 725 if (err) 726 return err; 727 728 /* cb->application_data */ 729 err = gssx_enc_buffer(xdr, &cb->application_data); 730 731 return err; 732 } 733 734 void gssx_enc_accept_sec_context(struct rpc_rqst *req, 735 struct xdr_stream *xdr, 736 struct gssx_arg_accept_sec_context *arg) 737 { 738 int err; 739 740 err = gssx_enc_call_ctx(xdr, &arg->call_ctx); 741 if (err) 742 goto done; 743 744 /* arg->context_handle */ 745 if (arg->context_handle) 746 err = gssx_enc_ctx(xdr, arg->context_handle); 747 else 748 err = gssx_enc_bool(xdr, 0); 749 if (err) 750 goto done; 751 752 /* arg->cred_handle */ 753 if (arg->cred_handle) 754 err = gssx_enc_cred(xdr, arg->cred_handle); 755 else 756 err = gssx_enc_bool(xdr, 0); 757 if (err) 758 goto done; 759 760 /* arg->input_token */ 761 err = gssx_enc_in_token(xdr, &arg->input_token); 762 if (err) 763 goto done; 764 765 /* arg->input_cb */ 766 if (arg->input_cb) 767 err = gssx_enc_cb(xdr, arg->input_cb); 768 else 769 err = gssx_enc_bool(xdr, 0); 770 if (err) 771 goto done; 772 773 err = gssx_enc_bool(xdr, arg->ret_deleg_cred); 774 if (err) 775 goto done; 776 777 /* leave options empty for now, will add once we have any options 778 * to pass up at all */ 779 /* arg->options */ 780 err = dummy_enc_opt_array(xdr, &arg->options); 781 782 xdr_inline_pages(&req->rq_rcv_buf, 783 PAGE_SIZE/2 /* pretty arbitrary */, 784 arg->pages, 0 /* page base */, arg->npages * PAGE_SIZE); 785 done: 786 if (err) 787 dprintk("RPC: gssx_enc_accept_sec_context: %d\n", err); 788 } 789 790 int gssx_dec_accept_sec_context(struct rpc_rqst *rqstp, 791 struct xdr_stream *xdr, 792 struct gssx_res_accept_sec_context *res) 793 { 794 u32 value_follows; 795 int err; 796 797 /* res->status */ 798 err = gssx_dec_status(xdr, &res->status); 799 if (err) 800 return err; 801 802 /* res->context_handle */ 803 err = gssx_dec_bool(xdr, &value_follows); 804 if (err) 805 return err; 806 if (value_follows) { 807 err = gssx_dec_ctx(xdr, res->context_handle); 808 if (err) 809 return err; 810 } else { 811 res->context_handle = NULL; 812 } 813 814 /* res->output_token */ 815 err = gssx_dec_bool(xdr, &value_follows); 816 if (err) 817 return err; 818 if (value_follows) { 819 err = gssx_dec_buffer(xdr, res->output_token); 820 if (err) 821 return err; 822 } else { 823 res->output_token = NULL; 824 } 825 826 /* res->delegated_cred_handle */ 827 err = gssx_dec_bool(xdr, &value_follows); 828 if (err) 829 return err; 830 if (value_follows) { 831 /* we do not support upcall servers sending this data. */ 832 return -EINVAL; 833 } 834 835 /* res->options */ 836 err = gssx_dec_option_array(xdr, &res->options); 837 838 return err; 839 } 840