/net/sunrpc/auth_gss/gss_mech_switch.c

  1// SPDX-License-Identifier: BSD-3-Clause
  2/*
  3 *  linux/net/sunrpc/gss_mech_switch.c
  4 *
  5 *  Copyright (c) 2001 The Regents of the University of Michigan.
  6 *  All rights reserved.
  7 *
  8 *  J. Bruce Fields   <bfields@umich.edu>
  9 */
 10
 11#include <linux/types.h>
 12#include <linux/slab.h>
 13#include <linux/module.h>
 14#include <linux/oid_registry.h>
 15#include <linux/sunrpc/msg_prot.h>
 16#include <linux/sunrpc/gss_asn1.h>
 17#include <linux/sunrpc/auth_gss.h>
 18#include <linux/sunrpc/svcauth_gss.h>
 19#include <linux/sunrpc/gss_err.h>
 20#include <linux/sunrpc/sched.h>
 21#include <linux/sunrpc/gss_api.h>
 22#include <linux/sunrpc/clnt.h>
 23#include <trace/events/rpcgss.h>
 24
 25#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
 26# define RPCDBG_FACILITY        RPCDBG_AUTH
 27#endif
 28
 29static LIST_HEAD(registered_mechs);
 30static DEFINE_SPINLOCK(registered_mechs_lock);
 31
 32static void
 33gss_mech_free(struct gss_api_mech *gm)
 34{
 35	struct pf_desc *pf;
 36	int i;
 37
 38	for (i = 0; i < gm->gm_pf_num; i++) {
 39		pf = &gm->gm_pfs[i];
 40		kfree(pf->auth_domain_name);
 41		pf->auth_domain_name = NULL;
 42	}
 43}
 44
 45static inline char *
 46make_auth_domain_name(char *name)
 47{
 48	static char	*prefix = "gss/";
 49	char		*new;
 50
 51	new = kmalloc(strlen(name) + strlen(prefix) + 1, GFP_KERNEL);
 52	if (new) {
 53		strcpy(new, prefix);
 54		strcat(new, name);
 55	}
 56	return new;
 57}
 58
 59static int
 60gss_mech_svc_setup(struct gss_api_mech *gm)
 61{
 62	struct pf_desc *pf;
 63	int i, status;
 64
 65	for (i = 0; i < gm->gm_pf_num; i++) {
 66		pf = &gm->gm_pfs[i];
 67		pf->auth_domain_name = make_auth_domain_name(pf->name);
 68		status = -ENOMEM;
 69		if (pf->auth_domain_name == NULL)
 70			goto out;
 71		status = svcauth_gss_register_pseudoflavor(pf->pseudoflavor,
 72							pf->auth_domain_name);
 73		if (status)
 74			goto out;
 75	}
 76	return 0;
 77out:
 78	gss_mech_free(gm);
 79	return status;
 80}
 81
 82/**
 83 * gss_mech_register - register a GSS mechanism
 84 * @gm: GSS mechanism handle
 85 *
 86 * Returns zero if successful, or a negative errno.
 87 */
 88int gss_mech_register(struct gss_api_mech *gm)
 89{
 90	int status;
 91
 92	status = gss_mech_svc_setup(gm);
 93	if (status)
 94		return status;
 95	spin_lock(&registered_mechs_lock);
 96	list_add_rcu(&gm->gm_list, &registered_mechs);
 97	spin_unlock(&registered_mechs_lock);
 98	dprintk("RPC:       registered gss mechanism %s\n", gm->gm_name);
 99	return 0;
100}
101EXPORT_SYMBOL_GPL(gss_mech_register);
102
103/**
104 * gss_mech_unregister - release a GSS mechanism
105 * @gm: GSS mechanism handle
106 *
107 */
108void gss_mech_unregister(struct gss_api_mech *gm)
109{
110	spin_lock(&registered_mechs_lock);
111	list_del_rcu(&gm->gm_list);
112	spin_unlock(&registered_mechs_lock);
113	dprintk("RPC:       unregistered gss mechanism %s\n", gm->gm_name);
114	gss_mech_free(gm);
115}
116EXPORT_SYMBOL_GPL(gss_mech_unregister);
117
118struct gss_api_mech *gss_mech_get(struct gss_api_mech *gm)
119{
120	__module_get(gm->gm_owner);
121	return gm;
122}
123EXPORT_SYMBOL(gss_mech_get);
124
125static struct gss_api_mech *
126_gss_mech_get_by_name(const char *name)
127{
128	struct gss_api_mech	*pos, *gm = NULL;
129
130	rcu_read_lock();
131	list_for_each_entry_rcu(pos, &registered_mechs, gm_list) {
132		if (0 == strcmp(name, pos->gm_name)) {
133			if (try_module_get(pos->gm_owner))
134				gm = pos;
135			break;
136		}
137	}
138	rcu_read_unlock();
139	return gm;
140
141}
142
143struct gss_api_mech * gss_mech_get_by_name(const char *name)
144{
145	struct gss_api_mech *gm = NULL;
146
147	gm = _gss_mech_get_by_name(name);
148	if (!gm) {
149		request_module("rpc-auth-gss-%s", name);
150		gm = _gss_mech_get_by_name(name);
151	}
152	return gm;
153}
154
155struct gss_api_mech *gss_mech_get_by_OID(struct rpcsec_gss_oid *obj)
156{
157	struct gss_api_mech	*pos, *gm = NULL;
158	char buf[32];
159
160	if (sprint_oid(obj->data, obj->len, buf, sizeof(buf)) < 0)
161		return NULL;
162	request_module("rpc-auth-gss-%s", buf);
163
164	rcu_read_lock();
165	list_for_each_entry_rcu(pos, &registered_mechs, gm_list) {
166		if (obj->len == pos->gm_oid.len) {
167			if (0 == memcmp(obj->data, pos->gm_oid.data, obj->len)) {
168				if (try_module_get(pos->gm_owner))
169					gm = pos;
170				break;
171			}
172		}
173	}
174	rcu_read_unlock();
175	if (!gm)
176		trace_rpcgss_oid_to_mech(buf);
177	return gm;
178}
179
180static inline int
181mech_supports_pseudoflavor(struct gss_api_mech *gm, u32 pseudoflavor)
182{
183	int i;
184
185	for (i = 0; i < gm->gm_pf_num; i++) {
186		if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
187			return 1;
188	}
189	return 0;
190}
191
192static struct gss_api_mech *_gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
193{
194	struct gss_api_mech *gm = NULL, *pos;
195
196	rcu_read_lock();
197	list_for_each_entry_rcu(pos, &registered_mechs, gm_list) {
198		if (!mech_supports_pseudoflavor(pos, pseudoflavor))
199			continue;
200		if (try_module_get(pos->gm_owner))
201			gm = pos;
202		break;
203	}
204	rcu_read_unlock();
205	return gm;
206}
207
208struct gss_api_mech *
209gss_mech_get_by_pseudoflavor(u32 pseudoflavor)
210{
211	struct gss_api_mech *gm;
212
213	gm = _gss_mech_get_by_pseudoflavor(pseudoflavor);
214
215	if (!gm) {
216		request_module("rpc-auth-gss-%u", pseudoflavor);
217		gm = _gss_mech_get_by_pseudoflavor(pseudoflavor);
218	}
219	return gm;
220}
221
222/**
223 * gss_svc_to_pseudoflavor - map a GSS service number to a pseudoflavor
224 * @gm: GSS mechanism handle
225 * @qop: GSS quality-of-protection value
226 * @service: GSS service value
227 *
228 * Returns a matching security flavor, or RPC_AUTH_MAXFLAVOR if none is found.
229 */
230rpc_authflavor_t gss_svc_to_pseudoflavor(struct gss_api_mech *gm, u32 qop,
231					 u32 service)
232{
233	int i;
234
235	for (i = 0; i < gm->gm_pf_num; i++) {
236		if (gm->gm_pfs[i].qop == qop &&
237		    gm->gm_pfs[i].service == service) {
238			return gm->gm_pfs[i].pseudoflavor;
239		}
240	}
241	return RPC_AUTH_MAXFLAVOR;
242}
243
244/**
245 * gss_mech_info2flavor - look up a pseudoflavor given a GSS tuple
246 * @info: a GSS mech OID, quality of protection, and service value
247 *
248 * Returns a matching pseudoflavor, or RPC_AUTH_MAXFLAVOR if the tuple is
249 * not supported.
250 */
251rpc_authflavor_t gss_mech_info2flavor(struct rpcsec_gss_info *info)
252{
253	rpc_authflavor_t pseudoflavor;
254	struct gss_api_mech *gm;
255
256	gm = gss_mech_get_by_OID(&info->oid);
257	if (gm == NULL)
258		return RPC_AUTH_MAXFLAVOR;
259
260	pseudoflavor = gss_svc_to_pseudoflavor(gm, info->qop, info->service);
261
262	gss_mech_put(gm);
263	return pseudoflavor;
264}
265
266/**
267 * gss_mech_flavor2info - look up a GSS tuple for a given pseudoflavor
268 * @pseudoflavor: GSS pseudoflavor to match
269 * @info: rpcsec_gss_info structure to fill in
270 *
271 * Returns zero and fills in "info" if pseudoflavor matches a
272 * supported mechanism.  Otherwise a negative errno is returned.
273 */
274int gss_mech_flavor2info(rpc_authflavor_t pseudoflavor,
275			 struct rpcsec_gss_info *info)
276{
277	struct gss_api_mech *gm;
278	int i;
279
280	gm = gss_mech_get_by_pseudoflavor(pseudoflavor);
281	if (gm == NULL)
282		return -ENOENT;
283
284	for (i = 0; i < gm->gm_pf_num; i++) {
285		if (gm->gm_pfs[i].pseudoflavor == pseudoflavor) {
286			memcpy(info->oid.data, gm->gm_oid.data, gm->gm_oid.len);
287			info->oid.len = gm->gm_oid.len;
288			info->qop = gm->gm_pfs[i].qop;
289			info->service = gm->gm_pfs[i].service;
290			gss_mech_put(gm);
291			return 0;
292		}
293	}
294
295	gss_mech_put(gm);
296	return -ENOENT;
297}
298
299u32
300gss_pseudoflavor_to_service(struct gss_api_mech *gm, u32 pseudoflavor)
301{
302	int i;
303
304	for (i = 0; i < gm->gm_pf_num; i++) {
305		if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
306			return gm->gm_pfs[i].service;
307	}
308	return 0;
309}
310EXPORT_SYMBOL(gss_pseudoflavor_to_service);
311
312bool
313gss_pseudoflavor_to_datatouch(struct gss_api_mech *gm, u32 pseudoflavor)
314{
315	int i;
316
317	for (i = 0; i < gm->gm_pf_num; i++) {
318		if (gm->gm_pfs[i].pseudoflavor == pseudoflavor)
319			return gm->gm_pfs[i].datatouch;
320	}
321	return false;
322}
323
324char *
325gss_service_to_auth_domain_name(struct gss_api_mech *gm, u32 service)
326{
327	int i;
328
329	for (i = 0; i < gm->gm_pf_num; i++) {
330		if (gm->gm_pfs[i].service == service)
331			return gm->gm_pfs[i].auth_domain_name;
332	}
333	return NULL;
334}
335
336void
337gss_mech_put(struct gss_api_mech * gm)
338{
339	if (gm)
340		module_put(gm->gm_owner);
341}
342EXPORT_SYMBOL(gss_mech_put);
343
344/* The mech could probably be determined from the token instead, but it's just
345 * as easy for now to pass it in. */
346int
347gss_import_sec_context(const void *input_token, size_t bufsize,
348		       struct gss_api_mech	*mech,
349		       struct gss_ctx		**ctx_id,
350		       time64_t			*endtime,
351		       gfp_t gfp_mask)
352{
353	if (!(*ctx_id = kzalloc(sizeof(**ctx_id), gfp_mask)))
354		return -ENOMEM;
355	(*ctx_id)->mech_type = gss_mech_get(mech);
356
357	return mech->gm_ops->gss_import_sec_context(input_token, bufsize,
358						*ctx_id, endtime, gfp_mask);
359}
360
361/* gss_get_mic: compute a mic over message and return mic_token. */
362
363u32
364gss_get_mic(struct gss_ctx	*context_handle,
365	    struct xdr_buf	*message,
366	    struct xdr_netobj	*mic_token)
367{
368	 return context_handle->mech_type->gm_ops
369		->gss_get_mic(context_handle,
370			      message,
371			      mic_token);
372}
373
374/* gss_verify_mic: check whether the provided mic_token verifies message. */
375
376u32
377gss_verify_mic(struct gss_ctx		*context_handle,
378	       struct xdr_buf		*message,
379	       struct xdr_netobj	*mic_token)
380{
381	return context_handle->mech_type->gm_ops
382		->gss_verify_mic(context_handle,
383				 message,
384				 mic_token);
385}
386
387/*
388 * This function is called from both the client and server code.
389 * Each makes guarantees about how much "slack" space is available
390 * for the underlying function in "buf"'s head and tail while
391 * performing the wrap.
392 *
393 * The client and server code allocate RPC_MAX_AUTH_SIZE extra
394 * space in both the head and tail which is available for use by
395 * the wrap function.
396 *
397 * Underlying functions should verify they do not use more than
398 * RPC_MAX_AUTH_SIZE of extra space in either the head or tail
399 * when performing the wrap.
400 */
401u32
402gss_wrap(struct gss_ctx	*ctx_id,
403	 int		offset,
404	 struct xdr_buf	*buf,
405	 struct page	**inpages)
406{
407	return ctx_id->mech_type->gm_ops
408		->gss_wrap(ctx_id, offset, buf, inpages);
409}
410
411u32
412gss_unwrap(struct gss_ctx	*ctx_id,
413	   int			offset,
414	   struct xdr_buf	*buf)
415{
416	return ctx_id->mech_type->gm_ops
417		->gss_unwrap(ctx_id, offset, buf);
418}
419
420
421/* gss_delete_sec_context: free all resources associated with context_handle.
422 * Note this differs from the RFC 2744-specified prototype in that we don't
423 * bother returning an output token, since it would never be used anyway. */
424
425u32
426gss_delete_sec_context(struct gss_ctx	**context_handle)
427{
428	dprintk("RPC:       gss_delete_sec_context deleting %p\n",
429			*context_handle);
430
431	if (!*context_handle)
432		return GSS_S_NO_CONTEXT;
433	if ((*context_handle)->internal_ctx_id)
434		(*context_handle)->mech_type->gm_ops
435			->gss_delete_sec_context((*context_handle)
436							->internal_ctx_id);
437	gss_mech_put((*context_handle)->mech_type);
438	kfree(*context_handle);
439	*context_handle=NULL;
440	return GSS_S_COMPLETE;
441}