1 // SPDX-License-Identifier: GPL-2.0 <<
2 /* 1 /*
3 * linux/net/sunrpc/auth_unix.c 2 * linux/net/sunrpc/auth_unix.c
4 * 3 *
5 * UNIX-style authentication; no AUTH_SHORT su 4 * UNIX-style authentication; no AUTH_SHORT support
6 * 5 *
7 * Copyright (C) 1996, Olaf Kirch <okir@monad. 6 * Copyright (C) 1996, Olaf Kirch <okir@monad.swb.de>
8 */ 7 */
9 8
10 #include <linux/slab.h> <<
11 #include <linux/types.h> 9 #include <linux/types.h>
12 #include <linux/sched.h> 10 #include <linux/sched.h>
13 #include <linux/module.h> 11 #include <linux/module.h>
14 #include <linux/mempool.h> !! 12 #include <linux/socket.h>
>> 13 #include <linux/in.h>
15 #include <linux/sunrpc/clnt.h> 14 #include <linux/sunrpc/clnt.h>
16 #include <linux/sunrpc/auth.h> 15 #include <linux/sunrpc/auth.h>
17 #include <linux/user_namespace.h> <<
18 16
>> 17 #define NFS_NGROUPS 16
19 18
20 #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) !! 19 struct unx_cred {
>> 20 struct rpc_cred uc_base;
>> 21 gid_t uc_gid;
>> 22 uid_t uc_puid; /* process uid */
>> 23 gid_t uc_pgid; /* process gid */
>> 24 gid_t uc_gids[NFS_NGROUPS];
>> 25 };
>> 26 #define uc_uid uc_base.cr_uid
>> 27 #define uc_count uc_base.cr_count
>> 28 #define uc_flags uc_base.cr_flags
>> 29 #define uc_expire uc_base.cr_expire
>> 30
>> 31 #define UNX_CRED_EXPIRE (60 * HZ)
>> 32
>> 33 #define UNX_WRITESLACK (21 + (UNX_MAXNODENAME >> 2))
>> 34
>> 35 #ifdef RPC_DEBUG
21 # define RPCDBG_FACILITY RPCDBG_AUTH 36 # define RPCDBG_FACILITY RPCDBG_AUTH
22 #endif 37 #endif
23 38
24 static struct rpc_auth unix_auth; !! 39 static struct rpc_credops unix_credops;
25 static const struct rpc_credops unix_credops; <<
26 static mempool_t *unix_pool; <<
27 40
28 static struct rpc_auth * 41 static struct rpc_auth *
29 unx_create(const struct rpc_auth_create_args * !! 42 unx_create(struct rpc_clnt *clnt, rpc_authflavor_t flavor)
30 { 43 {
31 refcount_inc(&unix_auth.au_count); !! 44 struct rpc_auth *auth;
32 return &unix_auth; !! 45
>> 46 dprintk("RPC: creating UNIX authenticator for client %p\n", clnt);
>> 47 if (!(auth = (struct rpc_auth *) kmalloc(sizeof(*auth), GFP_KERNEL)))
>> 48 return NULL;
>> 49 auth->au_cslack = UNX_WRITESLACK;
>> 50 auth->au_rslack = 2; /* assume AUTH_NULL verf */
>> 51 auth->au_expire = UNX_CRED_EXPIRE;
>> 52 auth->au_ops = &authunix_ops;
>> 53
>> 54 rpcauth_init_credcache(auth);
>> 55
>> 56 return auth;
33 } 57 }
34 58
35 static void 59 static void
36 unx_destroy(struct rpc_auth *auth) 60 unx_destroy(struct rpc_auth *auth)
37 { 61 {
>> 62 dprintk("RPC: destroying UNIX authenticator %p\n", auth);
>> 63 rpcauth_free_credcache(auth);
38 } 64 }
39 65
40 /* !! 66 static struct rpc_cred *
41 * Lookup AUTH_UNIX creds for current process !! 67 unx_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags)
42 */ <<
43 static struct rpc_cred *unx_lookup_cred(struct <<
44 struct <<
45 { 68 {
46 struct rpc_cred *ret; !! 69 struct unx_cred *cred;
>> 70 int i;
47 71
48 ret = kmalloc(sizeof(*ret), rpc_task_g !! 72 dprintk("RPC: allocating UNIX cred for uid %d gid %d\n",
49 if (!ret) { !! 73 acred->uid, acred->gid);
50 if (!(flags & RPCAUTH_LOOKUP_A <<
51 return ERR_PTR(-ENOMEM <<
52 ret = mempool_alloc(unix_pool, <<
53 if (!ret) <<
54 return ERR_PTR(-ENOMEM <<
55 } <<
56 rpcauth_init_cred(ret, acred, auth, &u <<
57 ret->cr_flags = 1UL << RPCAUTH_CRED_UP <<
58 return ret; <<
59 } <<
60 74
61 static void !! 75 if (!(cred = (struct unx_cred *) kmalloc(sizeof(*cred), GFP_KERNEL)))
62 unx_free_cred_callback(struct rcu_head *head) !! 76 return NULL;
63 { <<
64 struct rpc_cred *rpc_cred = container_ <<
65 77
66 put_cred(rpc_cred->cr_cred); !! 78 atomic_set(&cred->uc_count, 0);
67 mempool_free(rpc_cred, unix_pool); !! 79 cred->uc_flags = RPCAUTH_CRED_UPTODATE;
>> 80 if (flags & RPC_TASK_ROOTCREDS) {
>> 81 cred->uc_uid = cred->uc_puid = 0;
>> 82 cred->uc_gid = cred->uc_pgid = 0;
>> 83 cred->uc_gids[0] = NOGROUP;
>> 84 } else {
>> 85 int groups = acred->ngroups;
>> 86 if (groups > NFS_NGROUPS)
>> 87 groups = NFS_NGROUPS;
>> 88
>> 89 cred->uc_uid = acred->uid;
>> 90 cred->uc_gid = acred->gid;
>> 91 cred->uc_puid = current->uid;
>> 92 cred->uc_pgid = current->gid;
>> 93 for (i = 0; i < groups; i++)
>> 94 cred->uc_gids[i] = (gid_t) acred->groups[i];
>> 95 if (i < NFS_NGROUPS)
>> 96 cred->uc_gids[i] = NOGROUP;
>> 97 }
>> 98 cred->uc_base.cr_ops = &unix_credops;
>> 99
>> 100 return (struct rpc_cred *) cred;
68 } 101 }
69 102
70 static void 103 static void
71 unx_destroy_cred(struct rpc_cred *cred) 104 unx_destroy_cred(struct rpc_cred *cred)
72 { 105 {
73 call_rcu(&cred->cr_rcu, unx_free_cred_ !! 106 kfree(cred);
74 } 107 }
75 108
76 /* 109 /*
77 * Match credentials against current the auth_ !! 110 * Match credentials against current process creds.
>> 111 * The root_override argument takes care of cases where the caller may
>> 112 * request root creds (e.g. for NFS swapping).
78 */ 113 */
79 static int 114 static int
80 unx_match(struct auth_cred *acred, struct rpc_ !! 115 unx_match(struct auth_cred *acred, struct rpc_cred *rcred, int taskflags)
81 { 116 {
82 unsigned int groups = 0; !! 117 struct unx_cred *cred = (struct unx_cred *) rcred;
83 unsigned int i; !! 118 int i;
84 <<
85 if (cred->cr_cred == acred->cred) <<
86 return 1; <<
87 <<
88 if (!uid_eq(cred->cr_cred->fsuid, acre <<
89 return 0; <<
90 119
91 if (acred->cred->group_info != NULL) !! 120 if (!(taskflags & RPC_TASK_ROOTCREDS)) {
92 groups = acred->cred->group_in !! 121 int groups;
93 if (groups > UNX_NGROUPS) <<
94 groups = UNX_NGROUPS; <<
95 if (cred->cr_cred->group_info == NULL) <<
96 return groups == 0; <<
97 if (groups != cred->cr_cred->group_inf <<
98 return 0; <<
99 122
100 for (i = 0; i < groups ; i++) !! 123 if (cred->uc_uid != acred->uid
101 if (!gid_eq(cred->cr_cred->gro !! 124 || cred->uc_gid != acred->gid
>> 125 || cred->uc_puid != current->uid
>> 126 || cred->uc_pgid != current->gid)
102 return 0; 127 return 0;
103 return 1; !! 128
>> 129 groups = acred->ngroups;
>> 130 if (groups > NFS_NGROUPS)
>> 131 groups = NFS_NGROUPS;
>> 132 for (i = 0; i < groups ; i++)
>> 133 if (cred->uc_gids[i] != (gid_t) acred->groups[i])
>> 134 return 0;
>> 135 return 1;
>> 136 }
>> 137 return (cred->uc_uid == 0 && cred->uc_puid == 0
>> 138 && cred->uc_gid == 0 && cred->uc_pgid == 0
>> 139 && cred->uc_gids[0] == (gid_t) NOGROUP);
104 } 140 }
105 141
106 /* 142 /*
107 * Marshal credentials. 143 * Marshal credentials.
108 * Maybe we should keep a cached credential fo 144 * Maybe we should keep a cached credential for performance reasons.
109 */ 145 */
110 static int !! 146 static u32 *
111 unx_marshal(struct rpc_task *task, struct xdr_ !! 147 unx_marshal(struct rpc_task *task, u32 *p, int ruid)
112 { 148 {
113 struct rpc_clnt *clnt = task->tk_clien 149 struct rpc_clnt *clnt = task->tk_client;
114 struct rpc_cred *cred = task->tk_rqstp !! 150 struct unx_cred *cred = (struct unx_cred *) task->tk_msg.rpc_cred;
115 __be32 *p, *cred_len, *gidarr !! 151 u32 *base, *hold;
116 int i; !! 152 int i, n;
117 struct group_info *gi = cred->cr_cred- !! 153
118 struct user_namespace *userns = clnt-> !! 154 *p++ = htonl(RPC_AUTH_UNIX);
119 clnt->cl_cred->user_ns : &init !! 155 base = p++;
120 !! 156 *p++ = htonl(jiffies/HZ);
121 /* Credential */ !! 157
122 !! 158 /*
123 p = xdr_reserve_space(xdr, 3 * sizeof( !! 159 * Copy the UTS nodename captured when the client was created.
124 if (!p) !! 160 */
125 goto marshal_failed; !! 161 n = clnt->cl_nodelen;
126 *p++ = rpc_auth_unix; !! 162 *p++ = htonl(n);
127 cred_len = p++; !! 163 memcpy(p, clnt->cl_nodename, n);
128 *p++ = xdr_zero; /* stamp */ !! 164 p += (n + 3) >> 2;
129 if (xdr_stream_encode_opaque(xdr, clnt !! 165
130 clnt->cl_ !! 166 /* Note: we don't use real uid if it involves raising privilege */
131 goto marshal_failed; !! 167 if (ruid && cred->uc_puid != 0 && cred->uc_pgid != 0) {
132 p = xdr_reserve_space(xdr, 3 * sizeof( !! 168 *p++ = htonl((u32) cred->uc_puid);
133 if (!p) !! 169 *p++ = htonl((u32) cred->uc_pgid);
134 goto marshal_failed; !! 170 } else {
135 *p++ = cpu_to_be32(from_kuid_munged(us !! 171 *p++ = htonl((u32) cred->uc_uid);
136 *p++ = cpu_to_be32(from_kgid_munged(us !! 172 *p++ = htonl((u32) cred->uc_gid);
137 !! 173 }
138 gidarr_len = p++; !! 174 hold = p++;
139 if (gi) !! 175 for (i = 0; i < 16 && cred->uc_gids[i] != (gid_t) NOGROUP; i++)
140 for (i = 0; i < UNX_NGROUPS && !! 176 *p++ = htonl((u32) cred->uc_gids[i]);
141 *p++ = cpu_to_be32(fro !! 177 *hold = htonl(p - hold - 1); /* gid array length */
142 *gidarr_len = cpu_to_be32(p - gidarr_l !! 178 *base = htonl((p - base - 1) << 2); /* cred length */
143 *cred_len = cpu_to_be32((p - cred_len <<
144 p = xdr_reserve_space(xdr, (p - gidarr <<
145 if (!p) <<
146 goto marshal_failed; <<
147 <<
148 /* Verifier */ <<
149 <<
150 p = xdr_reserve_space(xdr, 2 * sizeof( <<
151 if (!p) <<
152 goto marshal_failed; <<
153 *p++ = rpc_auth_null; <<
154 *p = xdr_zero; <<
155 179
156 return 0; !! 180 *p++ = htonl(RPC_AUTH_NULL);
>> 181 *p++ = htonl(0);
157 182
158 marshal_failed: !! 183 return p;
159 return -EMSGSIZE; <<
160 } 184 }
161 185
162 /* 186 /*
163 * Refresh credentials. This is a no-op for AU 187 * Refresh credentials. This is a no-op for AUTH_UNIX
164 */ 188 */
165 static int 189 static int
166 unx_refresh(struct rpc_task *task) 190 unx_refresh(struct rpc_task *task)
167 { 191 {
168 set_bit(RPCAUTH_CRED_UPTODATE, &task-> !! 192 task->tk_msg.rpc_cred->cr_flags |= RPCAUTH_CRED_UPTODATE;
169 return 0; !! 193 return task->tk_status = -EACCES;
170 } 194 }
171 195
172 static int !! 196 static u32 *
173 unx_validate(struct rpc_task *task, struct xdr !! 197 unx_validate(struct rpc_task *task, u32 *p)
174 { 198 {
175 struct rpc_auth *auth = task->tk_rqstp !! 199 rpc_authflavor_t flavor;
176 __be32 *p; !! 200 u32 size;
177 u32 size; !! 201
178 !! 202 flavor = ntohl(*p++);
179 p = xdr_inline_decode(xdr, 2 * sizeof( !! 203 if (flavor != RPC_AUTH_NULL &&
180 if (!p) !! 204 flavor != RPC_AUTH_UNIX &&
181 return -EIO; !! 205 flavor != RPC_AUTH_SHORT) {
182 switch (*p++) { !! 206 printk("RPC: bad verf flavor: %u\n", flavor);
183 case rpc_auth_null: !! 207 return NULL;
184 case rpc_auth_unix: <<
185 case rpc_auth_short: <<
186 break; <<
187 default: <<
188 return -EIO; <<
189 } 208 }
190 size = be32_to_cpup(p); <<
191 if (size > RPC_MAX_AUTH_SIZE) <<
192 return -EIO; <<
193 p = xdr_inline_decode(xdr, size); <<
194 if (!p) <<
195 return -EIO; <<
196 <<
197 auth->au_verfsize = XDR_QUADLEN(size) <<
198 auth->au_rslack = XDR_QUADLEN(size) + <<
199 auth->au_ralign = XDR_QUADLEN(size) + <<
200 return 0; <<
201 } <<
202 209
203 int __init rpc_init_authunix(void) !! 210 size = ntohl(*p++);
204 { !! 211 if (size > RPC_MAX_AUTH_SIZE) {
205 unix_pool = mempool_create_kmalloc_poo !! 212 printk("RPC: giant verf size: %u\n", size);
206 return unix_pool ? 0 : -ENOMEM; !! 213 return NULL;
207 } !! 214 }
>> 215 task->tk_auth->au_rslack = (size >> 2) + 2;
>> 216 p += (size >> 2);
208 217
209 void rpc_destroy_authunix(void) !! 218 return p;
210 { <<
211 mempool_destroy(unix_pool); <<
212 } 219 }
213 220
214 const struct rpc_authops authunix_ops = { !! 221 struct rpc_authops authunix_ops = {
215 .owner = THIS_MODULE, 222 .owner = THIS_MODULE,
216 .au_flavor = RPC_AUTH_UNIX, 223 .au_flavor = RPC_AUTH_UNIX,
>> 224 #ifdef RPC_DEBUG
217 .au_name = "UNIX", 225 .au_name = "UNIX",
>> 226 #endif
218 .create = unx_create, 227 .create = unx_create,
219 .destroy = unx_destroy, 228 .destroy = unx_destroy,
220 .lookup_cred = unx_lookup_cred, !! 229 .crcreate = unx_create_cred,
221 }; <<
222 <<
223 static <<
224 struct rpc_auth unix_auth = { <<
225 .au_cslack = UNX_CALLSLACK, <<
226 .au_rslack = NUL_REPLYSLACK, <<
227 .au_verfsize = NUL_REPLYSLACK, <<
228 .au_ops = &authunix_ops, <<
229 .au_flavor = RPC_AUTH_UNIX, <<
230 .au_count = REFCOUNT_INIT(1), <<
231 }; 230 };
232 231
233 static 232 static
234 const struct rpc_credops unix_credops = { !! 233 struct rpc_credops unix_credops = {
235 .cr_name = "AUTH_UNIX", <<
236 .crdestroy = unx_destroy_cred, 234 .crdestroy = unx_destroy_cred,
237 .crmatch = unx_match, 235 .crmatch = unx_match,
238 .crmarshal = unx_marshal, 236 .crmarshal = unx_marshal,
239 .crwrap_req = rpcauth_wrap_req_enc <<
240 .crrefresh = unx_refresh, 237 .crrefresh = unx_refresh,
241 .crvalidate = unx_validate, 238 .crvalidate = unx_validate,
242 .crunwrap_resp = rpcauth_unwrap_resp_ <<
243 }; 239 };
244 240
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.