1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/net/sunrpc/auth_unix.c 4 * 5 * UNIX-style authentication; no AUTH_SHORT support 6 * 7 * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de> 8 */ 9 10 #include <linux/slab.h> 11 #include <linux/types.h> 12 #include <linux/sched.h> 13 #include <linux/module.h> 14 #include <linux/mempool.h> 15 #include <linux/sunrpc/clnt.h> 16 #include <linux/sunrpc/auth.h> 17 #include <linux/user_namespace.h> 18 19 20 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) 21 # define RPCDBG_FACILITY RPCDBG_AUTH 22 #endif 23 24 static struct rpc_auth unix_auth; 25 static const struct rpc_credops unix_credops; 26 static mempool_t *unix_pool; 27 28 static struct rpc_auth * 29 unx_create(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt) 30 { 31 refcount_inc(&unix_auth.au_count); 32 return &unix_auth; 33 } 34 35 static void 36 unx_destroy(struct rpc_auth *auth) 37 { 38 } 39 40 /* 41 * Lookup AUTH_UNIX creds for current process 42 */ 43 static struct rpc_cred * 44 unx_lookup_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) 45 { 46 gfp_t gfp = GFP_KERNEL; 47 struct rpc_cred *ret; 48 49 if (flags & RPCAUTH_LOOKUP_ASYNC) 50 gfp = GFP_NOWAIT | __GFP_NOWARN; 51 ret = mempool_alloc(unix_pool, gfp); 52 if (!ret) 53 return ERR_PTR(-ENOMEM); 54 rpcauth_init_cred(ret, acred, auth, &unix_credops); 55 ret->cr_flags = 1UL << RPCAUTH_CRED_UPTODATE; 56 return ret; 57 } 58 59 static void 60 unx_free_cred_callback(struct rcu_head *head) 61 { 62 struct rpc_cred *rpc_cred = container_of(head, struct rpc_cred, cr_rcu); 63 64 put_cred(rpc_cred->cr_cred); 65 mempool_free(rpc_cred, unix_pool); 66 } 67 68 static void 69 unx_destroy_cred(struct rpc_cred *cred) 70 { 71 call_rcu(&cred->cr_rcu, unx_free_cred_callback); 72 } 73 74 /* 75 * Match credentials against current the auth_cred. 76 */ 77 static int 78 unx_match(struct auth_cred *acred, struct rpc_cred *cred, int flags) 79 { 80 unsigned int groups = 0; 81 unsigned int i; 82 83 if (cred->cr_cred == acred->cred) 84 return 1; 85 86 if (!uid_eq(cred->cr_cred->fsuid, acred->cred->fsuid) || !gid_eq(cred->cr_cred->fsgid, acred->cred->fsgid)) 87 return 0; 88 89 if (acred->cred->group_info != NULL) 90 groups = acred->cred->group_info->ngroups; 91 if (groups > UNX_NGROUPS) 92 groups = UNX_NGROUPS; 93 if (cred->cr_cred->group_info == NULL) 94 return groups == 0; 95 if (groups != cred->cr_cred->group_info->ngroups) 96 return 0; 97 98 for (i = 0; i < groups ; i++) 99 if (!gid_eq(cred->cr_cred->group_info->gid[i], acred->cred->group_info->gid[i])) 100 return 0; 101 return 1; 102 } 103 104 /* 105 * Marshal credentials. 106 * Maybe we should keep a cached credential for performance reasons. 107 */ 108 static int 109 unx_marshal(struct rpc_task *task, struct xdr_stream *xdr) 110 { 111 struct rpc_clnt *clnt = task->tk_client; 112 struct rpc_cred *cred = task->tk_rqstp->rq_cred; 113 __be32 *p, *cred_len, *gidarr_len; 114 int i; 115 struct group_info *gi = cred->cr_cred->group_info; 116 struct user_namespace *userns = clnt->cl_cred ? 117 clnt->cl_cred->user_ns : &init_user_ns; 118 119 /* Credential */ 120 121 p = xdr_reserve_space(xdr, 3 * sizeof(*p)); 122 if (!p) 123 goto marshal_failed; 124 *p++ = rpc_auth_unix; 125 cred_len = p++; 126 *p++ = xdr_zero; /* stamp */ 127 if (xdr_stream_encode_opaque(xdr, clnt->cl_nodename, 128 clnt->cl_nodelen) < 0) 129 goto marshal_failed; 130 p = xdr_reserve_space(xdr, 3 * sizeof(*p)); 131 if (!p) 132 goto marshal_failed; 133 *p++ = cpu_to_be32(from_kuid_munged(userns, cred->cr_cred->fsuid)); 134 *p++ = cpu_to_be32(from_kgid_munged(userns, cred->cr_cred->fsgid)); 135 136 gidarr_len = p++; 137 if (gi) 138 for (i = 0; i < UNX_NGROUPS && i < gi->ngroups; i++) 139 *p++ = cpu_to_be32(from_kgid_munged(userns, gi->gid[i])); 140 *gidarr_len = cpu_to_be32(p - gidarr_len - 1); 141 *cred_len = cpu_to_be32((p - cred_len - 1) << 2); 142 p = xdr_reserve_space(xdr, (p - gidarr_len - 1) << 2); 143 if (!p) 144 goto marshal_failed; 145 146 /* Verifier */ 147 148 p = xdr_reserve_space(xdr, 2 * sizeof(*p)); 149 if (!p) 150 goto marshal_failed; 151 *p++ = rpc_auth_null; 152 *p = xdr_zero; 153 154 return 0; 155 156 marshal_failed: 157 return -EMSGSIZE; 158 } 159 160 /* 161 * Refresh credentials. This is a no-op for AUTH_UNIX 162 */ 163 static int 164 unx_refresh(struct rpc_task *task) 165 { 166 set_bit(RPCAUTH_CRED_UPTODATE, &task->tk_rqstp->rq_cred->cr_flags); 167 return 0; 168 } 169 170 static int 171 unx_validate(struct rpc_task *task, struct xdr_stream *xdr) 172 { 173 struct rpc_auth *auth = task->tk_rqstp->rq_cred->cr_auth; 174 __be32 *p; 175 u32 size; 176 177 p = xdr_inline_decode(xdr, 2 * sizeof(*p)); 178 if (!p) 179 return -EIO; 180 switch (*p++) { 181 case rpc_auth_null: 182 case rpc_auth_unix: 183 case rpc_auth_short: 184 break; 185 default: 186 return -EIO; 187 } 188 size = be32_to_cpup(p); 189 if (size > RPC_MAX_AUTH_SIZE) 190 return -EIO; 191 p = xdr_inline_decode(xdr, size); 192 if (!p) 193 return -EIO; 194 195 auth->au_verfsize = XDR_QUADLEN(size) + 2; 196 auth->au_rslack = XDR_QUADLEN(size) + 2; 197 auth->au_ralign = XDR_QUADLEN(size) + 2; 198 return 0; 199 } 200 201 int __init rpc_init_authunix(void) 202 { 203 unix_pool = mempool_create_kmalloc_pool(16, sizeof(struct rpc_cred)); 204 return unix_pool ? 0 : -ENOMEM; 205 } 206 207 void rpc_destroy_authunix(void) 208 { 209 mempool_destroy(unix_pool); 210 } 211 212 const struct rpc_authops authunix_ops = { 213 .owner = THIS_MODULE, 214 .au_flavor = RPC_AUTH_UNIX, 215 .au_name = "UNIX", 216 .create = unx_create, 217 .destroy = unx_destroy, 218 .lookup_cred = unx_lookup_cred, 219 }; 220 221 static 222 struct rpc_auth unix_auth = { 223 .au_cslack = UNX_CALLSLACK, 224 .au_rslack = NUL_REPLYSLACK, 225 .au_verfsize = NUL_REPLYSLACK, 226 .au_ops = &authunix_ops, 227 .au_flavor = RPC_AUTH_UNIX, 228 .au_count = REFCOUNT_INIT(1), 229 }; 230 231 static 232 const struct rpc_credops unix_credops = { 233 .cr_name = "AUTH_UNIX", 234 .crdestroy = unx_destroy_cred, 235 .crmatch = unx_match, 236 .crmarshal = unx_marshal, 237 .crwrap_req = rpcauth_wrap_req_encode, 238 .crrefresh = unx_refresh, 239 .crvalidate = unx_validate, 240 .crunwrap_resp = rpcauth_unwrap_resp_decode, 241 }; 242