From: <andros@netapp.com>
To: <anna.schumaker@netapp.com>
Cc: <bfieldses.org@netapp.com>, <linux-nfs@vger.kernel.org>,
Andy Adamson <andros@netapp.com>
Subject: [PATCH Version 3 07/16] SUNRPC AUTH_GSS RPCSEC_GSS_CREATE with label payload
Date: Fri, 23 Dec 2016 11:04:19 -0500 [thread overview]
Message-ID: <1482509068-24516-8-git-send-email-andros@netapp.com> (raw)
In-Reply-To: <1482509068-24516-1-git-send-email-andros@netapp.com>
From: Andy Adamson <andros@netapp.com>
Signed-off-by: Andy Adamson <andros@netapp.com>
---
include/linux/sunrpc/auth_gss.h | 54 ++++++++
net/sunrpc/auth_gss/auth_gss.c | 282 ++++++++++++++++++++++++++++++++++++++++
2 files changed, 336 insertions(+)
diff --git a/include/linux/sunrpc/auth_gss.h b/include/linux/sunrpc/auth_gss.h
index 4ab63a9..b2a5a61 100644
--- a/include/linux/sunrpc/auth_gss.h
+++ b/include/linux/sunrpc/auth_gss.h
@@ -93,6 +93,60 @@ struct gss_cred {
unsigned long gc_upcall_timestamp;
};
+/** GSS3 */
+enum gss3_type {
+ GSS3_LABEL = 0,
+ GSS3_PRIVS = 1,
+};
+
+struct gss3_chan_binding {
+ u32 cb_len;
+ void *cb_binding;
+};
+
+struct gss3_mp_auth {
+ u32 mp_handle_len;
+ void *mp_handle;
+ u32 *mp_mic_len;
+ void *mp_mic; /* header mic */
+};
+
+struct gss3_label {
+ u32 la_lfs;
+ u32 la_pi;
+ struct xdr_netobj la_label;
+};
+
+struct gss3_privs {
+ char *pr_name;
+ u32 pr_num;
+ void *pr_data;
+};
+
+struct gss3_assertion_u {
+ u32 au_type;
+ union {
+ struct gss3_label au_label;
+ struct gss3_privs au_privs;
+ } u;
+};
+
+struct gss3_create_args {
+ struct gss3_mp_auth *ca_mp_auth;
+ struct gss3_chan_binding *ca_chan_bind;
+ u32 ca_num;
+ struct gss3_assertion_u *ca_assertions;
+};
+
+struct gss3_create_res {
+ u32 cr_hlen;
+ void *cr_handle;
+ struct gss3_mp_auth *cr_mp_auth;
+ struct gss3_chan_binding *cr_chan_bind;
+ u32 cr_num;
+ struct gss3_assertion_u *cr_assertions;
+};
+
#endif /* __KERNEL__ */
#endif /* _LINUX_SUNRPC_AUTH_GSS_H */
diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c
index d11f421..e39c1af 100644
--- a/net/sunrpc/auth_gss/auth_gss.c
+++ b/net/sunrpc/auth_gss/auth_gss.c
@@ -52,9 +52,12 @@
#include <linux/sunrpc/gss_api.h>
#include <asm/uaccess.h>
#include <linux/hashtable.h>
+#include <linux/security.h>
#include "../netns.h"
+static int gss3_create_label(struct rpc_cred *cred);
+
static const struct rpc_authops authgss_ops;
static const struct rpc_credops gss_credops;
@@ -145,6 +148,8 @@ struct gss_auth {
set_bit(RPCAUTH_CRED_UPTODATE, &cred->cr_flags);
smp_mb__before_atomic();
clear_bit(RPCAUTH_CRED_NEW, &cred->cr_flags);
+ /* XXXX make void? check retunr ?? */
+ gss3_create_label(cred);
}
static const void *
@@ -1591,6 +1596,283 @@ static int gss_cred_is_negative_entry(struct rpc_cred *cred)
return 0;
}
+/**
+ * GSS3_createargs_maxsz and GSS3_createres_maxsz
+ * include no rgss3_assertion_u payload.
+ *
+ * GSS3_createargs_maxsz is currently for one label.
+ */
+#define GSS3_createargs_maxsz (1 /* empty ca_mp_auth */ + \
+ 1 /* empty ca_chan_bind */ + \
+ 1 /* ca_num */ + \
+ 1 /* au_type */)
+#define GSS3_labelargs_maxsz (1 /* la_lfs */ + \
+ 1 /* la_pi */ + \
+ 1 /* la_label.len */ + \
+ XDR_QUADLEN(1024) /* la_label.data */)
+#define GSS3_createres_maxsz (1 /* cr_hlen */ + \
+ XDR_QUADLEN(1024) /* cr_handle*/ + \
+ GSS3_createargs_maxsz)
+#define GSS3_labelres_maxsz GSS3_labelargs_maxsz
+
+#define GSS3_listargs_maxsz (1) /* dummy */
+#define GSS3_listres_maxsz (1) /* dummy */
+
+static void
+gss3_enc_label(struct rpc_rqst *req, struct xdr_stream *xdr,
+ const struct gss3_create_args *g3ca)
+{
+ struct gss3_label *gl;
+ __be32 *p;
+
+ gl = &g3ca->ca_assertions[0].u.au_label;
+
+ dprintk("RPC: %5u encoding GSSv3 label %s:%d\n", req->rq_task->tk_pid,
+ (char *)gl->la_label.data, gl->la_label.len);
+
+ p = xdr_reserve_space(xdr, GSS3_labelargs_maxsz << 2);
+ *p++ = cpu_to_be32(0); /* la_lfs */
+ *p++ = cpu_to_be32(0); /* la_pi */
+ p = xdr_encode_netobj(p, &gl->la_label);
+}
+
+static void
+gss3_enc_create(struct rpc_rqst *req, struct xdr_stream *xdr,
+ const struct gss3_create_args *g3ca)
+{
+ u32 type;
+ __be32 *p;
+
+ p = xdr_reserve_space(xdr, GSS3_createargs_maxsz << 2);
+ *p++ = cpu_to_be32(0); /* NULL ca_mp_auth */
+ *p++ = cpu_to_be32(0); /* NULL ca_chan_bind */
+ *p++ = cpu_to_be32(g3ca->ca_num);
+ /* the payload is a gss3_label */
+ type = cpu_to_be32(g3ca->ca_assertions->au_type);
+ *p++ = type;
+ switch (type) {
+ case GSS3_LABEL:
+ gss3_enc_label(req, xdr, g3ca);
+ break;
+ case GSS3_PRIVS:
+ default:
+ /* drop through to return */
+ pr_warn("RPC Unsupported gss3 create assertion %d\n", type);
+ }
+}
+
+static int
+gss3_dec_label(struct rpc_rqst *req, struct xdr_stream *xdr,
+ struct gss3_create_res *g3cr)
+{
+ struct gss3_label *gl;
+ struct gss3_assertion_u *g3a;
+ __be32 *p;
+
+ g3a = kzalloc(sizeof(*g3a), GFP_KERNEL);
+ if (!g3a)
+ goto out_err;
+
+ g3a->au_type = GSS3_LABEL;
+ gl = &g3a->u.au_label;
+
+ p = xdr_inline_decode(xdr, 12);
+ if (unlikely(!p))
+ goto out_overflow;
+
+ gl->la_lfs = be32_to_cpup(p++);
+ gl->la_pi = be32_to_cpup(p++);
+ gl->la_label.len = be32_to_cpup(p++);
+
+ p = xdr_inline_decode(xdr, gl->la_label.len);
+ if (unlikely(!p))
+ goto out_overflow;
+
+ gl->la_label.data = kmemdup(p, gl->la_label.len, GFP_KERNEL);
+ if (!gl->la_label.data)
+ goto out_free_assert;
+ /**
+ * Note: need to store the assertion with the child handle
+ * in the gss context cache.
+ */
+
+ g3cr->cr_assertions = g3a;
+
+ return 0;
+
+out_free_assert:
+ kfree(g3a);
+out_err:
+ return -EIO;
+out_overflow:
+ pr_warn("RPC %s End of receive buffer. Remaining len: %tu words.\n",
+ __func__, xdr->end - xdr->p);
+ goto out_free_assert;
+}
+
+static int
+gss3_dec_create(struct rpc_rqst *req, struct xdr_stream *xdr,
+ struct gss3_create_res *g3cr)
+{
+ u32 dummy, type;
+ __be32 *p;
+
+ p = xdr_inline_decode(xdr, 4);
+ if (unlikely(!p))
+ goto out_overflow;
+ g3cr->cr_hlen = be32_to_cpup(p++);
+
+ p = xdr_inline_decode(xdr, g3cr->cr_hlen + 16);
+ if (unlikely(!p))
+ goto out_overflow;
+
+ g3cr->cr_handle = kmemdup(p, g3cr->cr_hlen, GFP_KERNEL);
+ if (!g3cr->cr_handle)
+ goto out_err;
+
+ p += XDR_QUADLEN(g3cr->cr_hlen);
+
+ /* cr_mp_auth: not supported */
+ dummy = be32_to_cpup(p++);
+ if (dummy != 0) {
+ pr_warn("RPC gss3 create cr_mp_auth not supported\n");
+ goto out_free_handle;
+ }
+
+ /* cr_chan_bind: not supported */
+ dummy = be32_to_cpup(p++);
+ if (dummy != 0) {
+ pr_warn("RPC gss3 create cr_chan_bind not supported\n");
+ goto out_free_handle;
+ }
+
+ /* Support one label assertion */
+ g3cr->cr_num = be32_to_cpup(p++);
+ if (g3cr->cr_num != 1) {
+ pr_warn("RPC gss3 multiple assertions %d unspported\n",
+ g3cr->cr_num);
+ goto out_free_handle;
+ }
+
+ /* au_type */
+ type = be32_to_cpup(p++);
+ switch (type) {
+ case GSS3_LABEL:
+ if (gss3_dec_label(req, xdr, g3cr) != 0)
+ goto out_free_handle;
+ break;
+ case GSS3_PRIVS:
+ default:
+ pr_warn("RPC Unsupported gss3 create assertion %d\n", type);
+ goto out_free_handle;
+ }
+ return 0;
+
+out_free_handle:
+ kfree(g3cr->cr_handle);
+out_err:
+ return -EIO;
+out_overflow:
+ pr_warn("RPC %s End of receive buffer. Remaining len: %tu words.\n",
+ __func__, xdr->end - xdr->p);
+ goto out_err;
+}
+
+#define RPC_PROC_NULL 0
+
+struct rpc_procinfo gss3_label_assertion[] = {
+ [RPC_GSS_PROC_CREATE] = {
+ .p_proc = RPC_PROC_NULL,
+ .p_encode = (kxdreproc_t)gss3_enc_create,
+ .p_decode = (kxdrdproc_t)gss3_dec_create,
+ .p_arglen = GSS3_createargs_maxsz + GSS3_labelargs_maxsz,
+ .p_replen = GSS3_createres_maxsz + GSS3_labelres_maxsz,
+ .p_statidx = RPC_GSS_PROC_CREATE,
+ .p_timer = 0,
+ .p_name = "GSS_CREATE_LABEL",
+ },
+};
+
+/** GSSv3 RPC_GSS_PROC_CREATE operation
+ * Note: MUST use integrity or privacy security service.
+ * First pass; use rpc_gss_svc_none.
+ *
+ * scontext: returned from security_sid_to_scontext(u32 sid, char **scontext)
+ */
+static int
+gss3_create_label(struct rpc_cred *cred)
+{
+ struct gss_auth *gss_auth = container_of(cred->cr_auth, struct gss_auth,
+ rpc_auth);
+ struct gss_cl_ctx *ctx = gss_cred_get_ctx(cred);
+ struct rpc_task *task;
+ struct gss3_create_res cres = {
+ .cr_mp_auth = 0,
+ };
+ struct gss3_create_args *cargs = NULL;
+ struct gss3_label *gl;
+ int ret = -EINVAL;
+
+ if (!ctx)
+ goto out;
+ /**
+ * Take a reference to ensure the cred sticks around as we create
+ * a child context
+ * XXX does grabbing a reference to the context (gss_cred_get_ctx)
+ * also keep the cred from being removed?
+ * XXX do we need to keep this cred reference until the child context
+ * handle and associated assertion is removed?
+ */
+ get_rpccred(cred);
+
+ if (ctx->gc_v != RPC_GSS3_VERSION || !selinux_is_enabled())
+ goto out_err;
+
+ ret = -ENOMEM;
+ cargs = kzalloc(sizeof(*cargs), GFP_NOFS);
+ if (!cargs)
+ goto out_err;
+ cargs->ca_assertions = kzalloc(sizeof(*cargs->ca_assertions), GFP_NOFS);
+ if (!cargs->ca_assertions)
+ goto out_free_args;
+
+ /* NOTE: not setting la_lfs, la_pi. Do we even need them? */
+ cargs->ca_num = 1;
+ cargs->ca_assertions->au_type = GSS3_LABEL;
+ gl = &cargs->ca_assertions->u.au_label;
+
+ ret = security_current_sid_to_context((char **)&gl->la_label.data,
+ &gl->la_label.len);
+
+ ctx->gc_proc = RPC_GSS_PROC_CREATE;
+ cred->cr_ops = &gss_credops;
+
+ /* Want a sync rpc call */
+ task = rpc_call_null_payload(gss_auth->client, cred,
+ 0, cargs, &cres,
+ &gss3_label_assertion[RPC_GSS_PROC_CREATE]);
+ if (IS_ERR(task)) {
+ ret = PTR_ERR(task);
+ goto out_free_assert;
+ }
+ if (task->tk_status != 0) {
+ ret = task->tk_status;
+ goto out_free_assert;
+ }
+ rpc_put_task(task);
+
+out_free_assert:
+ kfree(cargs->ca_assertions);
+out_free_args:
+ kfree(cargs);
+out_err:
+ ctx->gc_proc = RPC_GSS_PROC_DATA;
+ gss_put_ctx(ctx);
+ put_rpccred(cred);
+out:
+ return ret;
+}
+
/*
* Refresh credentials. XXX - finish
*/
--
1.8.3.1
next prev parent reply other threads:[~2016-12-23 16:06 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-23 16:04 [PATCH Version 3 00/16] RFC: RPCSEC_GSS Version 3 prototype: Full Mode MAC andros
2016-12-23 16:04 ` [PATCH Version 3 01/16] SUNRPC handle unsupported RPC_GSS_SVC_CHANNEL_PROT andros
2016-12-23 18:31 ` kbuild test robot
2017-01-04 21:11 ` Anna Schumaker
2016-12-23 16:04 ` [PATCH Version 3 02/16] SUNRPC: add a null call with payload GSSv3 andros
2016-12-23 16:04 ` [PATCH Version 3 03/16] SELINUX export security_current_sid_to_context andros
2016-12-23 16:04 ` [PATCH Version 3 04/16] SUNRPC GSSv3: base definitions andros
2016-12-23 16:04 ` [PATCH Version 3 05/16] SUNRPC AUTH_GSS get RPCSEC_GSS version from gssd downcall andros
2016-12-23 16:04 ` [PATCH Version 3 06/16] SUNRPC AUTH_GSS gss3 reply verifier andros
2017-01-04 21:46 ` Anna Schumaker
2016-12-23 16:04 ` andros [this message]
2016-12-23 18:01 ` [PATCH Version 3 07/16] SUNRPC AUTH_GSS RPCSEC_GSS_CREATE with label payload kbuild test robot
2017-01-04 21:51 ` Anna Schumaker
2016-12-23 16:04 ` [PATCH Version 3 08/16] SUNRPC AUTH_GSS store and use gss3 label assertion andros
2016-12-23 16:04 ` [PATCH Version 3 09/16] SUNRPC AUTH_GSS free assertions andros
2016-12-23 16:04 ` [PATCH Version 3 10/16] SUNRPC: AUTH_GSS add RPC_GSS_PROC_CREATE case for wrap and unwrap andros
2016-12-23 16:04 ` [PATCH Version 3 11/16] SUNRPC SVCAUTH_GSS reap the rsc cache entry on RPC_GSS_PROC_DESTROY andros
2016-12-23 16:04 ` [PATCH Version 3 12/16] SUNRPC SVCAUTH_GSS allow RPCSEC_GSS version 1 or 3 andros
2016-12-23 16:04 ` [PATCH Version 3 13/16] SUNRPC SVCAUTH_GSS gss3 reply verifier andros
2016-12-23 16:04 ` [PATCH Version 3 14/16] SUNRPC SVCAUTH_GSS gss3 create label andros
2016-12-23 16:04 ` [PATCH Version 3 15/16] SUNRPC SVCAUTH_GSS set gss3 label on nfsd thread andros
2016-12-23 16:04 ` [PATCH Version 3 16/16] SUNRPC SVCAUTH_gss store gss3 child handles in parent rsc andros
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1482509068-24516-8-git-send-email-andros@netapp.com \
--to=andros@netapp.com \
--cc=anna.schumaker@netapp.com \
--cc=bfieldses.org@netapp.com \
--cc=linux-nfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.