1 #include <linux/types.h> 2 #include <linux/sched.h> 3 #include <linux/module.h> 4 #include <linux/sunrpc/types.h> 5 #include <linux/sunrpc/xdr.h> 6 #include <linux/sunrpc/svcsock.h> 7 #include <linux/sunrpc/svcauth.h> 8 #include <linux/sunrpc/gss_api.h> 9 #include <linux/sunrpc/addr.h> 10 #include <linux/err.h> 11 #include <linux/seq_file.h> 12 #include <linux/hash.h> 13 #include <linux/string.h> 14 #include <linux/slab.h> 15 #include <net/sock.h> 16 #include <net/ipv6.h> 17 #include <linux/kernel.h> 18 #include <linux/user_namespace.h> 19 #define RPCDBG_FACILITY RPCDBG_AUTH 20 21 22 #include "netns.h" 23 24 /* 25 * AUTHUNIX and AUTHNULL credentials are both handled here. 26 * AUTHNULL is treated just like AUTHUNIX except that the uid/gid 27 * are always nobody (-2). i.e. we do the same IP address checks for 28 * AUTHNULL as for AUTHUNIX, and that is done here. 29 */ 30 31 32 struct unix_domain { 33 struct auth_domain h; 34 /* other stuff later */ 35 }; 36 37 extern struct auth_ops svcauth_null; 38 extern struct auth_ops svcauth_unix; 39 40 static void svcauth_unix_domain_release_rcu(struct rcu_head *head) 41 { 42 struct auth_domain *dom = container_of(head, struct auth_domain, rcu_head); 43 struct unix_domain *ud = container_of(dom, struct unix_domain, h); 44 45 kfree(dom->name); 46 kfree(ud); 47 } 48 49 static void svcauth_unix_domain_release(struct auth_domain *dom) 50 { 51 call_rcu(&dom->rcu_head, svcauth_unix_domain_release_rcu); 52 } 53 54 struct auth_domain *unix_domain_find(char *name) 55 { 56 struct auth_domain *rv; 57 struct unix_domain *new = NULL; 58 59 rv = auth_domain_find(name); 60 while(1) { 61 if (rv) { 62 if (new && rv != &new->h) 63 svcauth_unix_domain_release(&new->h); 64 65 if (rv->flavour != &svcauth_unix) { 66 auth_domain_put(rv); 67 return NULL; 68 } 69 return rv; 70 } 71 72 new = kmalloc(sizeof(*new), GFP_KERNEL); 73 if (new == NULL) 74 return NULL; 75 kref_init(&new->h.ref); 76 new->h.name = kstrdup(name, GFP_KERNEL); 77 if (new->h.name == NULL) { 78 kfree(new); 79 return NULL; 80 } 81 new->h.flavour = &svcauth_unix; 82 rv = auth_domain_lookup(name, &new->h); 83 } 84 } 85 EXPORT_SYMBOL_GPL(unix_domain_find); 86 87 88 /************************************************** 89 * cache for IP address to unix_domain 90 * as needed by AUTH_UNIX 91 */ 92 #define IP_HASHBITS 8 93 #define IP_HASHMAX (1<<IP_HASHBITS) 94 95 struct ip_map { 96 struct cache_head h; 97 char m_class[8]; /* e.g. "nfsd" */ 98 struct in6_addr m_addr; 99 struct unix_domain *m_client; 100 struct rcu_head m_rcu; 101 }; 102 103 static void ip_map_put(struct kref *kref) 104 { 105 struct cache_head *item = container_of(kref, struct cache_head, ref); 106 struct ip_map *im = container_of(item, struct ip_map,h); 107 108 if (test_bit(CACHE_VALID, &item->flags) && 109 !test_bit(CACHE_NEGATIVE, &item->flags)) 110 auth_domain_put(&im->m_client->h); 111 kfree_rcu(im, m_rcu); 112 } 113 114 static inline int hash_ip6(const struct in6_addr *ip) 115 { 116 return hash_32(ipv6_addr_hash(ip), IP_HASHBITS); 117 } 118 static int ip_map_match(struct cache_head *corig, struct cache_head *cnew) 119 { 120 struct ip_map *orig = container_of(corig, struct ip_map, h); 121 struct ip_map *new = container_of(cnew, struct ip_map, h); 122 return strcmp(orig->m_class, new->m_class) == 0 && 123 ipv6_addr_equal(&orig->m_addr, &new->m_addr); 124 } 125 static void ip_map_init(struct cache_head *cnew, struct cache_head *citem) 126 { 127 struct ip_map *new = container_of(cnew, struct ip_map, h); 128 struct ip_map *item = container_of(citem, struct ip_map, h); 129 130 strcpy(new->m_class, item->m_class); 131 new->m_addr = item->m_addr; 132 } 133 static void update(struct cache_head *cnew, struct cache_head *citem) 134 { 135 struct ip_map *new = container_of(cnew, struct ip_map, h); 136 struct ip_map *item = container_of(citem, struct ip_map, h); 137 138 kref_get(&item->m_client->h.ref); 139 new->m_client = item->m_client; 140 } 141 static struct cache_head *ip_map_alloc(void) 142 { 143 struct ip_map *i = kmalloc(sizeof(*i), GFP_KERNEL); 144 if (i) 145 return &i->h; 146 else 147 return NULL; 148 } 149 150 static void ip_map_request(struct cache_detail *cd, 151 struct cache_head *h, 152 char **bpp, int *blen) 153 { 154 char text_addr[40]; 155 struct ip_map *im = container_of(h, struct ip_map, h); 156 157 if (ipv6_addr_v4mapped(&(im->m_addr))) { 158 snprintf(text_addr, 20, "%pI4", &im->m_addr.s6_addr32[3]); 159 } else { 160 snprintf(text_addr, 40, "%pI6", &im->m_addr); 161 } 162 qword_add(bpp, blen, im->m_class); 163 qword_add(bpp, blen, text_addr); 164 (*bpp)[-1] = '\n'; 165 } 166 167 static struct ip_map *__ip_map_lookup(struct cache_detail *cd, char *class, struct in6_addr *addr); 168 static int __ip_map_update(struct cache_detail *cd, struct ip_map *ipm, struct unix_domain *udom, time_t expiry); 169 170 static int ip_map_parse(struct cache_detail *cd, 171 char *mesg, int mlen) 172 { 173 /* class ipaddress [domainname] */ 174 /* should be safe just to use the start of the input buffer 175 * for scratch: */ 176 char *buf = mesg; 177 int len; 178 char class[8]; 179 union { 180 struct sockaddr sa; 181 struct sockaddr_in s4; 182 struct sockaddr_in6 s6; 183 } address; 184 struct sockaddr_in6 sin6; 185 int err; 186 187 struct ip_map *ipmp; 188 struct auth_domain *dom; 189 time_t expiry; 190 191 if (mesg[mlen-1] != '\n') 192 return -EINVAL; 193 mesg[mlen-1] = 0; 194 195 /* class */ 196 len = qword_get(&mesg, class, sizeof(class)); 197 if (len <= 0) return -EINVAL; 198 199 /* ip address */ 200 len = qword_get(&mesg, buf, mlen); 201 if (len <= 0) return -EINVAL; 202 203 if (rpc_pton(cd->net, buf, len, &address.sa, sizeof(address)) == 0) 204 return -EINVAL; 205 switch (address.sa.sa_family) { 206 case AF_INET: 207 /* Form a mapped IPv4 address in sin6 */ 208 sin6.sin6_family = AF_INET6; 209 ipv6_addr_set_v4mapped(address.s4.sin_addr.s_addr, 210 &sin6.sin6_addr); 211 break; 212 #if IS_ENABLED(CONFIG_IPV6) 213 case AF_INET6: 214 memcpy(&sin6, &address.s6, sizeof(sin6)); 215 break; 216 #endif 217 default: 218 return -EINVAL; 219 } 220 221 expiry = get_expiry(&mesg); 222 if (expiry ==0) 223 return -EINVAL; 224 225 /* domainname, or empty for NEGATIVE */ 226 len = qword_get(&mesg, buf, mlen); 227 if (len < 0) return -EINVAL; 228 229 if (len) { 230 dom = unix_domain_find(buf); 231 if (dom == NULL) 232 return -ENOENT; 233 } else 234 dom = NULL; 235 236 /* IPv6 scope IDs are ignored for now */ 237 ipmp = __ip_map_lookup(cd, class, &sin6.sin6_addr); 238 if (ipmp) { 239 err = __ip_map_update(cd, ipmp, 240 container_of(dom, struct unix_domain, h), 241 expiry); 242 } else 243 err = -ENOMEM; 244 245 if (dom) 246 auth_domain_put(dom); 247 248 cache_flush(); 249 return err; 250 } 251 252 static int ip_map_show(struct seq_file *m, 253 struct cache_detail *cd, 254 struct cache_head *h) 255 { 256 struct ip_map *im; 257 struct in6_addr addr; 258 char *dom = "-no-domain-"; 259 260 if (h == NULL) { 261 seq_puts(m, "#class IP domain\n"); 262 return 0; 263 } 264 im = container_of(h, struct ip_map, h); 265 /* class addr domain */ 266 addr = im->m_addr; 267 268 if (test_bit(CACHE_VALID, &h->flags) && 269 !test_bit(CACHE_NEGATIVE, &h->flags)) 270 dom = im->m_client->h.name; 271 272 if (ipv6_addr_v4mapped(&addr)) { 273 seq_printf(m, "%s %pI4 %s\n", 274 im->m_class, &addr.s6_addr32[3], dom); 275 } else { 276 seq_printf(m, "%s %pI6 %s\n", im->m_class, &addr, dom); 277 } 278 return 0; 279 } 280 281 282 static struct ip_map *__ip_map_lookup(struct cache_detail *cd, char *class, 283 struct in6_addr *addr) 284 { 285 struct ip_map ip; 286 struct cache_head *ch; 287 288 strcpy(ip.m_class, class); 289 ip.m_addr = *addr; 290 ch = sunrpc_cache_lookup_rcu(cd, &ip.h, 291 hash_str(class, IP_HASHBITS) ^ 292 hash_ip6(addr)); 293 294 if (ch) 295 return container_of(ch, struct ip_map, h); 296 else 297 return NULL; 298 } 299 300 static inline struct ip_map *ip_map_lookup(struct net *net, char *class, 301 struct in6_addr *addr) 302 { 303 struct sunrpc_net *sn; 304 305 sn = net_generic(net, sunrpc_net_id); 306 return __ip_map_lookup(sn->ip_map_cache, class, addr); 307 } 308 309 static int __ip_map_update(struct cache_detail *cd, struct ip_map *ipm, 310 struct unix_domain *udom, time_t expiry) 311 { 312 struct ip_map ip; 313 struct cache_head *ch; 314 315 ip.m_client = udom; 316 ip.h.flags = 0; 317 if (!udom) 318 set_bit(CACHE_NEGATIVE, &ip.h.flags); 319 ip.h.expiry_time = expiry; 320 ch = sunrpc_cache_update(cd, &ip.h, &ipm->h, 321 hash_str(ipm->m_class, IP_HASHBITS) ^ 322 hash_ip6(&ipm->m_addr)); 323 if (!ch) 324 return -ENOMEM; 325 cache_put(ch, cd); 326 return 0; 327 } 328 329 static inline int ip_map_update(struct net *net, struct ip_map *ipm, 330 struct unix_domain *udom, time_t expiry) 331 { 332 struct sunrpc_net *sn; 333 334 sn = net_generic(net, sunrpc_net_id); 335 return __ip_map_update(sn->ip_map_cache, ipm, udom, expiry); 336 } 337 338 void svcauth_unix_purge(struct net *net) 339 { 340 struct sunrpc_net *sn; 341 342 sn = net_generic(net, sunrpc_net_id); 343 cache_purge(sn->ip_map_cache); 344 } 345 EXPORT_SYMBOL_GPL(svcauth_unix_purge); 346 347 static inline struct ip_map * 348 ip_map_cached_get(struct svc_xprt *xprt) 349 { 350 struct ip_map *ipm = NULL; 351 struct sunrpc_net *sn; 352 353 if (test_bit(XPT_CACHE_AUTH, &xprt->xpt_flags)) { 354 spin_lock(&xprt->xpt_lock); 355 ipm = xprt->xpt_auth_cache; 356 if (ipm != NULL) { 357 sn = net_generic(xprt->xpt_net, sunrpc_net_id); 358 if (cache_is_expired(sn->ip_map_cache, &ipm->h)) { 359 /* 360 * The entry has been invalidated since it was 361 * remembered, e.g. by a second mount from the 362 * same IP address. 363 */ 364 xprt->xpt_auth_cache = NULL; 365 spin_unlock(&xprt->xpt_lock); 366 cache_put(&ipm->h, sn->ip_map_cache); 367 return NULL; 368 } 369 cache_get(&ipm->h); 370 } 371 spin_unlock(&xprt->xpt_lock); 372 } 373 return ipm; 374 } 375 376 static inline void 377 ip_map_cached_put(struct svc_xprt *xprt, struct ip_map *ipm) 378 { 379 if (test_bit(XPT_CACHE_AUTH, &xprt->xpt_flags)) { 380 spin_lock(&xprt->xpt_lock); 381 if (xprt->xpt_auth_cache == NULL) { 382 /* newly cached, keep the reference */ 383 xprt->xpt_auth_cache = ipm; 384 ipm = NULL; 385 } 386 spin_unlock(&xprt->xpt_lock); 387 } 388 if (ipm) { 389 struct sunrpc_net *sn; 390 391 sn = net_generic(xprt->xpt_net, sunrpc_net_id); 392 cache_put(&ipm->h, sn->ip_map_cache); 393 } 394 } 395 396 void 397 svcauth_unix_info_release(struct svc_xprt *xpt) 398 { 399 struct ip_map *ipm; 400 401 ipm = xpt->xpt_auth_cache; 402 if (ipm != NULL) { 403 struct sunrpc_net *sn; 404 405 sn = net_generic(xpt->xpt_net, sunrpc_net_id); 406 cache_put(&ipm->h, sn->ip_map_cache); 407 } 408 } 409 410 /**************************************************************************** 411 * auth.unix.gid cache 412 * simple cache to map a UID to a list of GIDs 413 * because AUTH_UNIX aka AUTH_SYS has a max of UNX_NGROUPS 414 */ 415 #define GID_HASHBITS 8 416 #define GID_HASHMAX (1<<GID_HASHBITS) 417 418 struct unix_gid { 419 struct cache_head h; 420 kuid_t uid; 421 struct group_info *gi; 422 struct rcu_head rcu; 423 }; 424 425 static int unix_gid_hash(kuid_t uid) 426 { 427 return hash_long(from_kuid(&init_user_ns, uid), GID_HASHBITS); 428 } 429 430 static void unix_gid_put(struct kref *kref) 431 { 432 struct cache_head *item = container_of(kref, struct cache_head, ref); 433 struct unix_gid *ug = container_of(item, struct unix_gid, h); 434 if (test_bit(CACHE_VALID, &item->flags) && 435 !test_bit(CACHE_NEGATIVE, &item->flags)) 436 put_group_info(ug->gi); 437 kfree_rcu(ug, rcu); 438 } 439 440 static int unix_gid_match(struct cache_head *corig, struct cache_head *cnew) 441 { 442 struct unix_gid *orig = container_of(corig, struct unix_gid, h); 443 struct unix_gid *new = container_of(cnew, struct unix_gid, h); 444 return uid_eq(orig->uid, new->uid); 445 } 446 static void unix_gid_init(struct cache_head *cnew, struct cache_head *citem) 447 { 448 struct unix_gid *new = container_of(cnew, struct unix_gid, h); 449 struct unix_gid *item = container_of(citem, struct unix_gid, h); 450 new->uid = item->uid; 451 } 452 static void unix_gid_update(struct cache_head *cnew, struct cache_head *citem) 453 { 454 struct unix_gid *new = container_of(cnew, struct unix_gid, h); 455 struct unix_gid *item = container_of(citem, struct unix_gid, h); 456 457 get_group_info(item->gi); 458 new->gi = item->gi; 459 } 460 static struct cache_head *unix_gid_alloc(void) 461 { 462 struct unix_gid *g = kmalloc(sizeof(*g), GFP_KERNEL); 463 if (g) 464 return &g->h; 465 else 466 return NULL; 467 } 468 469 static void unix_gid_request(struct cache_detail *cd, 470 struct cache_head *h, 471 char **bpp, int *blen) 472 { 473 char tuid[20]; 474 struct unix_gid *ug = container_of(h, struct unix_gid, h); 475 476 snprintf(tuid, 20, "%u", from_kuid(&init_user_ns, ug->uid)); 477 qword_add(bpp, blen, tuid); 478 (*bpp)[-1] = '\n'; 479 } 480 481 static struct unix_gid *unix_gid_lookup(struct cache_detail *cd, kuid_t uid); 482 483 static int unix_gid_parse(struct cache_detail *cd, 484 char *mesg, int mlen) 485 { 486 /* uid expiry Ngid gid0 gid1 ... gidN-1 */ 487 int id; 488 kuid_t uid; 489 int gids; 490 int rv; 491 int i; 492 int err; 493 time_t expiry; 494 struct unix_gid ug, *ugp; 495 496 if (mesg[mlen - 1] != '\n') 497 return -EINVAL; 498 mesg[mlen-1] = 0; 499 500 rv = get_int(&mesg, &id); 501 if (rv) 502 return -EINVAL; 503 uid = make_kuid(current_user_ns(), id); 504 ug.uid = uid; 505 506 expiry = get_expiry(&mesg); 507 if (expiry == 0) 508 return -EINVAL; 509 510 rv = get_int(&mesg, &gids); 511 if (rv || gids < 0 || gids > 8192) 512 return -EINVAL; 513 514 ug.gi = groups_alloc(gids); 515 if (!ug.gi) 516 return -ENOMEM; 517 518 for (i = 0 ; i < gids ; i++) { 519 int gid; 520 kgid_t kgid; 521 rv = get_int(&mesg, &gid); 522 err = -EINVAL; 523 if (rv) 524 goto out; 525 kgid = make_kgid(current_user_ns(), gid); 526 if (!gid_valid(kgid)) 527 goto out; 528 ug.gi->gid[i] = kgid; 529 } 530 531 groups_sort(ug.gi); 532 ugp = unix_gid_lookup(cd, uid); 533 if (ugp) { 534 struct cache_head *ch; 535 ug.h.flags = 0; 536 ug.h.expiry_time = expiry; 537 ch = sunrpc_cache_update(cd, 538 &ug.h, &ugp->h, 539 unix_gid_hash(uid)); 540 if (!ch) 541 err = -ENOMEM; 542 else { 543 err = 0; 544 cache_put(ch, cd); 545 } 546 } else 547 err = -ENOMEM; 548 out: 549 if (ug.gi) 550 put_group_info(ug.gi); 551 return err; 552 } 553 554 static int unix_gid_show(struct seq_file *m, 555 struct cache_detail *cd, 556 struct cache_head *h) 557 { 558 struct user_namespace *user_ns = m->file->f_cred->user_ns; 559 struct unix_gid *ug; 560 int i; 561 int glen; 562 563 if (h == NULL) { 564 seq_puts(m, "#uid cnt: gids...\n"); 565 return 0; 566 } 567 ug = container_of(h, struct unix_gid, h); 568 if (test_bit(CACHE_VALID, &h->flags) && 569 !test_bit(CACHE_NEGATIVE, &h->flags)) 570 glen = ug->gi->ngroups; 571 else 572 glen = 0; 573 574 seq_printf(m, "%u %d:", from_kuid_munged(user_ns, ug->uid), glen); 575 for (i = 0; i < glen; i++) 576 seq_printf(m, " %d", from_kgid_munged(user_ns, ug->gi->gid[i])); 577 seq_printf(m, "\n"); 578 return 0; 579 } 580 581 static const struct cache_detail unix_gid_cache_template = { 582 .owner = THIS_MODULE, 583 .hash_size = GID_HASHMAX, 584 .name = "auth.unix.gid", 585 .cache_put = unix_gid_put, 586 .cache_request = unix_gid_request, 587 .cache_parse = unix_gid_parse, 588 .cache_show = unix_gid_show, 589 .match = unix_gid_match, 590 .init = unix_gid_init, 591 .update = unix_gid_update, 592 .alloc = unix_gid_alloc, 593 }; 594 595 int unix_gid_cache_create(struct net *net) 596 { 597 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); 598 struct cache_detail *cd; 599 int err; 600 601 cd = cache_create_net(&unix_gid_cache_template, net); 602 if (IS_ERR(cd)) 603 return PTR_ERR(cd); 604 err = cache_register_net(cd, net); 605 if (err) { 606 cache_destroy_net(cd, net); 607 return err; 608 } 609 sn->unix_gid_cache = cd; 610 return 0; 611 } 612 613 void unix_gid_cache_destroy(struct net *net) 614 { 615 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); 616 struct cache_detail *cd = sn->unix_gid_cache; 617 618 sn->unix_gid_cache = NULL; 619 cache_purge(cd); 620 cache_unregister_net(cd, net); 621 cache_destroy_net(cd, net); 622 } 623 624 static struct unix_gid *unix_gid_lookup(struct cache_detail *cd, kuid_t uid) 625 { 626 struct unix_gid ug; 627 struct cache_head *ch; 628 629 ug.uid = uid; 630 ch = sunrpc_cache_lookup_rcu(cd, &ug.h, unix_gid_hash(uid)); 631 if (ch) 632 return container_of(ch, struct unix_gid, h); 633 else 634 return NULL; 635 } 636 637 static struct group_info *unix_gid_find(kuid_t uid, struct svc_rqst *rqstp) 638 { 639 struct unix_gid *ug; 640 struct group_info *gi; 641 int ret; 642 struct sunrpc_net *sn = net_generic(rqstp->rq_xprt->xpt_net, 643 sunrpc_net_id); 644 645 ug = unix_gid_lookup(sn->unix_gid_cache, uid); 646 if (!ug) 647 return ERR_PTR(-EAGAIN); 648 ret = cache_check(sn->unix_gid_cache, &ug->h, &rqstp->rq_chandle); 649 switch (ret) { 650 case -ENOENT: 651 return ERR_PTR(-ENOENT); 652 case -ETIMEDOUT: 653 return ERR_PTR(-ESHUTDOWN); 654 case 0: 655 gi = get_group_info(ug->gi); 656 cache_put(&ug->h, sn->unix_gid_cache); 657 return gi; 658 default: 659 return ERR_PTR(-EAGAIN); 660 } 661 } 662 663 int 664 svcauth_unix_set_client(struct svc_rqst *rqstp) 665 { 666 struct sockaddr_in *sin; 667 struct sockaddr_in6 *sin6, sin6_storage; 668 struct ip_map *ipm; 669 struct group_info *gi; 670 struct svc_cred *cred = &rqstp->rq_cred; 671 struct svc_xprt *xprt = rqstp->rq_xprt; 672 struct net *net = xprt->xpt_net; 673 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); 674 675 switch (rqstp->rq_addr.ss_family) { 676 case AF_INET: 677 sin = svc_addr_in(rqstp); 678 sin6 = &sin6_storage; 679 ipv6_addr_set_v4mapped(sin->sin_addr.s_addr, &sin6->sin6_addr); 680 break; 681 case AF_INET6: 682 sin6 = svc_addr_in6(rqstp); 683 break; 684 default: 685 BUG(); 686 } 687 688 rqstp->rq_client = NULL; 689 if (rqstp->rq_proc == 0) 690 return SVC_OK; 691 692 ipm = ip_map_cached_get(xprt); 693 if (ipm == NULL) 694 ipm = __ip_map_lookup(sn->ip_map_cache, rqstp->rq_server->sv_program->pg_class, 695 &sin6->sin6_addr); 696 697 if (ipm == NULL) 698 return SVC_DENIED; 699 700 switch (cache_check(sn->ip_map_cache, &ipm->h, &rqstp->rq_chandle)) { 701 default: 702 BUG(); 703 case -ETIMEDOUT: 704 return SVC_CLOSE; 705 case -EAGAIN: 706 return SVC_DROP; 707 case -ENOENT: 708 return SVC_DENIED; 709 case 0: 710 rqstp->rq_client = &ipm->m_client->h; 711 kref_get(&rqstp->rq_client->ref); 712 ip_map_cached_put(xprt, ipm); 713 break; 714 } 715 716 gi = unix_gid_find(cred->cr_uid, rqstp); 717 switch (PTR_ERR(gi)) { 718 case -EAGAIN: 719 return SVC_DROP; 720 case -ESHUTDOWN: 721 return SVC_CLOSE; 722 case -ENOENT: 723 break; 724 default: 725 put_group_info(cred->cr_group_info); 726 cred->cr_group_info = gi; 727 } 728 return SVC_OK; 729 } 730 731 EXPORT_SYMBOL_GPL(svcauth_unix_set_client); 732 733 static int 734 svcauth_null_accept(struct svc_rqst *rqstp, __be32 *authp) 735 { 736 struct kvec *argv = &rqstp->rq_arg.head[0]; 737 struct kvec *resv = &rqstp->rq_res.head[0]; 738 struct svc_cred *cred = &rqstp->rq_cred; 739 740 if (argv->iov_len < 3*4) 741 return SVC_GARBAGE; 742 743 if (svc_getu32(argv) != 0) { 744 dprintk("svc: bad null cred\n"); 745 *authp = rpc_autherr_badcred; 746 return SVC_DENIED; 747 } 748 if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { 749 dprintk("svc: bad null verf\n"); 750 *authp = rpc_autherr_badverf; 751 return SVC_DENIED; 752 } 753 754 /* Signal that mapping to nobody uid/gid is required */ 755 cred->cr_uid = INVALID_UID; 756 cred->cr_gid = INVALID_GID; 757 cred->cr_group_info = groups_alloc(0); 758 if (cred->cr_group_info == NULL) 759 return SVC_CLOSE; /* kmalloc failure - client must retry */ 760 761 /* Put NULL verifier */ 762 svc_putnl(resv, RPC_AUTH_NULL); 763 svc_putnl(resv, 0); 764 765 rqstp->rq_cred.cr_flavor = RPC_AUTH_NULL; 766 return SVC_OK; 767 } 768 769 static int 770 svcauth_null_release(struct svc_rqst *rqstp) 771 { 772 if (rqstp->rq_client) 773 auth_domain_put(rqstp->rq_client); 774 rqstp->rq_client = NULL; 775 if (rqstp->rq_cred.cr_group_info) 776 put_group_info(rqstp->rq_cred.cr_group_info); 777 rqstp->rq_cred.cr_group_info = NULL; 778 779 return 0; /* don't drop */ 780 } 781 782 783 struct auth_ops svcauth_null = { 784 .name = "null", 785 .owner = THIS_MODULE, 786 .flavour = RPC_AUTH_NULL, 787 .accept = svcauth_null_accept, 788 .release = svcauth_null_release, 789 .set_client = svcauth_unix_set_client, 790 }; 791 792 793 static int 794 svcauth_unix_accept(struct svc_rqst *rqstp, __be32 *authp) 795 { 796 struct kvec *argv = &rqstp->rq_arg.head[0]; 797 struct kvec *resv = &rqstp->rq_res.head[0]; 798 struct svc_cred *cred = &rqstp->rq_cred; 799 struct user_namespace *userns; 800 u32 slen, i; 801 int len = argv->iov_len; 802 803 if ((len -= 3*4) < 0) 804 return SVC_GARBAGE; 805 806 svc_getu32(argv); /* length */ 807 svc_getu32(argv); /* time stamp */ 808 slen = XDR_QUADLEN(svc_getnl(argv)); /* machname length */ 809 if (slen > 64 || (len -= (slen + 3)*4) < 0) 810 goto badcred; 811 argv->iov_base = (void*)((__be32*)argv->iov_base + slen); /* skip machname */ 812 argv->iov_len -= slen*4; 813 /* 814 * Note: we skip uid_valid()/gid_valid() checks here for 815 * backwards compatibility with clients that use -1 id's. 816 * Instead, -1 uid or gid is later mapped to the 817 * (export-specific) anonymous id by nfsd_setuser. 818 * Supplementary gid's will be left alone. 819 */ 820 userns = (rqstp->rq_xprt && rqstp->rq_xprt->xpt_cred) ? 821 rqstp->rq_xprt->xpt_cred->user_ns : &init_user_ns; 822 cred->cr_uid = make_kuid(userns, svc_getnl(argv)); /* uid */ 823 cred->cr_gid = make_kgid(userns, svc_getnl(argv)); /* gid */ 824 slen = svc_getnl(argv); /* gids length */ 825 if (slen > UNX_NGROUPS || (len -= (slen + 2)*4) < 0) 826 goto badcred; 827 cred->cr_group_info = groups_alloc(slen); 828 if (cred->cr_group_info == NULL) 829 return SVC_CLOSE; 830 for (i = 0; i < slen; i++) { 831 kgid_t kgid = make_kgid(userns, svc_getnl(argv)); 832 cred->cr_group_info->gid[i] = kgid; 833 } 834 groups_sort(cred->cr_group_info); 835 if (svc_getu32(argv) != htonl(RPC_AUTH_NULL) || svc_getu32(argv) != 0) { 836 *authp = rpc_autherr_badverf; 837 return SVC_DENIED; 838 } 839 840 /* Put NULL verifier */ 841 svc_putnl(resv, RPC_AUTH_NULL); 842 svc_putnl(resv, 0); 843 844 rqstp->rq_cred.cr_flavor = RPC_AUTH_UNIX; 845 return SVC_OK; 846 847 badcred: 848 *authp = rpc_autherr_badcred; 849 return SVC_DENIED; 850 } 851 852 static int 853 svcauth_unix_release(struct svc_rqst *rqstp) 854 { 855 /* Verifier (such as it is) is already in place. 856 */ 857 if (rqstp->rq_client) 858 auth_domain_put(rqstp->rq_client); 859 rqstp->rq_client = NULL; 860 if (rqstp->rq_cred.cr_group_info) 861 put_group_info(rqstp->rq_cred.cr_group_info); 862 rqstp->rq_cred.cr_group_info = NULL; 863 864 return 0; 865 } 866 867 868 struct auth_ops svcauth_unix = { 869 .name = "unix", 870 .owner = THIS_MODULE, 871 .flavour = RPC_AUTH_UNIX, 872 .accept = svcauth_unix_accept, 873 .release = svcauth_unix_release, 874 .domain_release = svcauth_unix_domain_release, 875 .set_client = svcauth_unix_set_client, 876 }; 877 878 static const struct cache_detail ip_map_cache_template = { 879 .owner = THIS_MODULE, 880 .hash_size = IP_HASHMAX, 881 .name = "auth.unix.ip", 882 .cache_put = ip_map_put, 883 .cache_request = ip_map_request, 884 .cache_parse = ip_map_parse, 885 .cache_show = ip_map_show, 886 .match = ip_map_match, 887 .init = ip_map_init, 888 .update = update, 889 .alloc = ip_map_alloc, 890 }; 891 892 int ip_map_cache_create(struct net *net) 893 { 894 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); 895 struct cache_detail *cd; 896 int err; 897 898 cd = cache_create_net(&ip_map_cache_template, net); 899 if (IS_ERR(cd)) 900 return PTR_ERR(cd); 901 err = cache_register_net(cd, net); 902 if (err) { 903 cache_destroy_net(cd, net); 904 return err; 905 } 906 sn->ip_map_cache = cd; 907 return 0; 908 } 909 910 void ip_map_cache_destroy(struct net *net) 911 { 912 struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); 913 struct cache_detail *cd = sn->ip_map_cache; 914 915 sn->ip_map_cache = NULL; 916 cache_purge(cd); 917 cache_unregister_net(cd, net); 918 cache_destroy_net(cd, net); 919 } 920