Commit | Line | Data |
---|---|---|
e2f34481 NJ |
1 | // SPDX-License-Identifier: GPL-2.0-or-later |
2 | /* | |
3 | * Copyright (C) 2021 Samsung Electronics Co., Ltd. | |
4 | * Author(s): Namjae Jeon <linkinjeon@kernel.org> | |
5 | */ | |
6 | ||
7 | #include <linux/fs.h> | |
8 | ||
9 | #include "glob.h" | |
10 | #include "ndr.h" | |
11 | ||
cb5b047f HL |
12 | static inline char *ndr_get_field(struct ndr *n) |
13 | { | |
14 | return n->data + n->offset; | |
15 | } | |
e2f34481 | 16 | |
e2f34481 NJ |
17 | static int try_to_realloc_ndr_blob(struct ndr *n, size_t sz) |
18 | { | |
19 | char *data; | |
20 | ||
21 | data = krealloc(n->data, n->offset + sz + 1024, GFP_KERNEL); | |
22 | if (!data) | |
23 | return -ENOMEM; | |
24 | ||
25 | n->data = data; | |
26 | n->length += 1024; | |
27 | memset(n->data + n->offset, 0, 1024); | |
28 | return 0; | |
29 | } | |
30 | ||
303fff2b | 31 | static int ndr_write_int16(struct ndr *n, __u16 value) |
e2f34481 | 32 | { |
303fff2b NJ |
33 | if (n->length <= n->offset + sizeof(value)) { |
34 | int ret; | |
35 | ||
36 | ret = try_to_realloc_ndr_blob(n, sizeof(value)); | |
37 | if (ret) | |
38 | return ret; | |
39 | } | |
e2f34481 | 40 | |
cb5b047f | 41 | *(__le16 *)ndr_get_field(n) = cpu_to_le16(value); |
e2f34481 | 42 | n->offset += sizeof(value); |
303fff2b | 43 | return 0; |
e2f34481 NJ |
44 | } |
45 | ||
303fff2b | 46 | static int ndr_write_int32(struct ndr *n, __u32 value) |
e2f34481 | 47 | { |
303fff2b NJ |
48 | if (n->length <= n->offset + sizeof(value)) { |
49 | int ret; | |
50 | ||
51 | ret = try_to_realloc_ndr_blob(n, sizeof(value)); | |
52 | if (ret) | |
53 | return ret; | |
54 | } | |
e2f34481 | 55 | |
cb5b047f | 56 | *(__le32 *)ndr_get_field(n) = cpu_to_le32(value); |
e2f34481 | 57 | n->offset += sizeof(value); |
303fff2b | 58 | return 0; |
e2f34481 NJ |
59 | } |
60 | ||
303fff2b | 61 | static int ndr_write_int64(struct ndr *n, __u64 value) |
e2f34481 | 62 | { |
303fff2b NJ |
63 | if (n->length <= n->offset + sizeof(value)) { |
64 | int ret; | |
65 | ||
66 | ret = try_to_realloc_ndr_blob(n, sizeof(value)); | |
67 | if (ret) | |
68 | return ret; | |
69 | } | |
e2f34481 | 70 | |
cb5b047f | 71 | *(__le64 *)ndr_get_field(n) = cpu_to_le64(value); |
e2f34481 | 72 | n->offset += sizeof(value); |
303fff2b | 73 | return 0; |
e2f34481 NJ |
74 | } |
75 | ||
76 | static int ndr_write_bytes(struct ndr *n, void *value, size_t sz) | |
77 | { | |
303fff2b NJ |
78 | if (n->length <= n->offset + sz) { |
79 | int ret; | |
80 | ||
81 | ret = try_to_realloc_ndr_blob(n, sz); | |
82 | if (ret) | |
83 | return ret; | |
84 | } | |
e2f34481 | 85 | |
cb5b047f | 86 | memcpy(ndr_get_field(n), value, sz); |
e2f34481 NJ |
87 | n->offset += sz; |
88 | return 0; | |
89 | } | |
90 | ||
1d904eaf | 91 | static int ndr_write_string(struct ndr *n, char *value) |
e2f34481 | 92 | { |
1d904eaf HL |
93 | size_t sz; |
94 | ||
95 | sz = strlen(value) + 1; | |
303fff2b NJ |
96 | if (n->length <= n->offset + sz) { |
97 | int ret; | |
98 | ||
99 | ret = try_to_realloc_ndr_blob(n, sz); | |
100 | if (ret) | |
101 | return ret; | |
102 | } | |
e2f34481 | 103 | |
1d904eaf | 104 | memcpy(ndr_get_field(n), value, sz); |
e2f34481 | 105 | n->offset += sz; |
c2220322 | 106 | n->offset = ALIGN(n->offset, 2); |
e2f34481 NJ |
107 | return 0; |
108 | } | |
109 | ||
110 | static int ndr_read_string(struct ndr *n, void *value, size_t sz) | |
111 | { | |
303fff2b | 112 | int len; |
e2f34481 | 113 | |
303fff2b NJ |
114 | if (n->offset + sz > n->length) |
115 | return -EINVAL; | |
116 | ||
117 | len = strnlen(ndr_get_field(n), sz); | |
118 | if (value) | |
119 | memcpy(value, ndr_get_field(n), len); | |
e2f34481 NJ |
120 | len++; |
121 | n->offset += len; | |
c2220322 | 122 | n->offset = ALIGN(n->offset, 2); |
e2f34481 NJ |
123 | return 0; |
124 | } | |
125 | ||
126 | static int ndr_read_bytes(struct ndr *n, void *value, size_t sz) | |
127 | { | |
303fff2b NJ |
128 | if (n->offset + sz > n->length) |
129 | return -EINVAL; | |
130 | ||
131 | if (value) | |
132 | memcpy(value, ndr_get_field(n), sz); | |
e2f34481 NJ |
133 | n->offset += sz; |
134 | return 0; | |
135 | } | |
136 | ||
303fff2b | 137 | static int ndr_read_int16(struct ndr *n, __u16 *value) |
e2f34481 | 138 | { |
303fff2b NJ |
139 | if (n->offset + sizeof(__u16) > n->length) |
140 | return -EINVAL; | |
e2f34481 | 141 | |
303fff2b NJ |
142 | if (value) |
143 | *value = le16_to_cpu(*(__le16 *)ndr_get_field(n)); | |
e2f34481 | 144 | n->offset += sizeof(__u16); |
303fff2b | 145 | return 0; |
e2f34481 NJ |
146 | } |
147 | ||
303fff2b | 148 | static int ndr_read_int32(struct ndr *n, __u32 *value) |
e2f34481 | 149 | { |
303fff2b | 150 | if (n->offset + sizeof(__u32) > n->length) |
ef399469 | 151 | return -EINVAL; |
e2f34481 | 152 | |
303fff2b NJ |
153 | if (value) |
154 | *value = le32_to_cpu(*(__le32 *)ndr_get_field(n)); | |
e2f34481 | 155 | n->offset += sizeof(__u32); |
303fff2b | 156 | return 0; |
e2f34481 NJ |
157 | } |
158 | ||
303fff2b | 159 | static int ndr_read_int64(struct ndr *n, __u64 *value) |
e2f34481 | 160 | { |
303fff2b NJ |
161 | if (n->offset + sizeof(__u64) > n->length) |
162 | return -EINVAL; | |
e2f34481 | 163 | |
303fff2b NJ |
164 | if (value) |
165 | *value = le64_to_cpu(*(__le64 *)ndr_get_field(n)); | |
e2f34481 | 166 | n->offset += sizeof(__u64); |
303fff2b | 167 | return 0; |
e2f34481 NJ |
168 | } |
169 | ||
170 | int ndr_encode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da) | |
171 | { | |
172 | char hex_attr[12] = {0}; | |
303fff2b | 173 | int ret; |
e2f34481 NJ |
174 | |
175 | n->offset = 0; | |
176 | n->length = 1024; | |
177 | n->data = kzalloc(n->length, GFP_KERNEL); | |
178 | if (!n->data) | |
179 | return -ENOMEM; | |
180 | ||
181 | if (da->version == 3) { | |
182 | snprintf(hex_attr, 10, "0x%x", da->attr); | |
303fff2b | 183 | ret = ndr_write_string(n, hex_attr); |
e2f34481 | 184 | } else { |
303fff2b | 185 | ret = ndr_write_string(n, ""); |
e2f34481 | 186 | } |
303fff2b NJ |
187 | if (ret) |
188 | return ret; | |
189 | ||
190 | ret = ndr_write_int16(n, da->version); | |
191 | if (ret) | |
192 | return ret; | |
193 | ||
194 | ret = ndr_write_int32(n, da->version); | |
195 | if (ret) | |
196 | return ret; | |
197 | ||
198 | ret = ndr_write_int32(n, da->flags); | |
199 | if (ret) | |
200 | return ret; | |
201 | ||
202 | ret = ndr_write_int32(n, da->attr); | |
203 | if (ret) | |
204 | return ret; | |
e2f34481 | 205 | |
e2f34481 | 206 | if (da->version == 3) { |
303fff2b NJ |
207 | ret = ndr_write_int32(n, da->ea_size); |
208 | if (ret) | |
209 | return ret; | |
210 | ret = ndr_write_int64(n, da->size); | |
211 | if (ret) | |
212 | return ret; | |
213 | ret = ndr_write_int64(n, da->alloc_size); | |
64b39f4a | 214 | } else { |
303fff2b | 215 | ret = ndr_write_int64(n, da->itime); |
64b39f4a | 216 | } |
303fff2b NJ |
217 | if (ret) |
218 | return ret; | |
219 | ||
220 | ret = ndr_write_int64(n, da->create_time); | |
221 | if (ret) | |
222 | return ret; | |
223 | ||
e2f34481 | 224 | if (da->version == 3) |
303fff2b NJ |
225 | ret = ndr_write_int64(n, da->change_time); |
226 | return ret; | |
e2f34481 NJ |
227 | } |
228 | ||
229 | int ndr_decode_dos_attr(struct ndr *n, struct xattr_dos_attrib *da) | |
230 | { | |
303fff2b NJ |
231 | char hex_attr[12]; |
232 | unsigned int version2; | |
233 | int ret; | |
7d5d8d71 | 234 | |
e2f34481 | 235 | n->offset = 0; |
303fff2b NJ |
236 | ret = ndr_read_string(n, hex_attr, sizeof(hex_attr)); |
237 | if (ret) | |
238 | return ret; | |
239 | ||
240 | ret = ndr_read_int16(n, &da->version); | |
241 | if (ret) | |
242 | return ret; | |
e2f34481 NJ |
243 | |
244 | if (da->version != 3 && da->version != 4) { | |
a34dc4a9 | 245 | ksmbd_debug(VFS, "v%d version is not supported\n", da->version); |
e2f34481 NJ |
246 | return -EINVAL; |
247 | } | |
248 | ||
303fff2b NJ |
249 | ret = ndr_read_int32(n, &version2); |
250 | if (ret) | |
251 | return ret; | |
252 | ||
e2f34481 | 253 | if (da->version != version2) { |
a34dc4a9 | 254 | ksmbd_debug(VFS, "ndr version mismatched(version: %d, version2: %d)\n", |
bde1694a | 255 | da->version, version2); |
e2f34481 NJ |
256 | return -EINVAL; |
257 | } | |
258 | ||
303fff2b NJ |
259 | ret = ndr_read_int32(n, NULL); |
260 | if (ret) | |
261 | return ret; | |
262 | ||
263 | ret = ndr_read_int32(n, &da->attr); | |
264 | if (ret) | |
265 | return ret; | |
266 | ||
e2f34481 | 267 | if (da->version == 4) { |
303fff2b NJ |
268 | ret = ndr_read_int64(n, &da->itime); |
269 | if (ret) | |
270 | return ret; | |
271 | ||
272 | ret = ndr_read_int64(n, &da->create_time); | |
e2f34481 | 273 | } else { |
303fff2b NJ |
274 | ret = ndr_read_int32(n, NULL); |
275 | if (ret) | |
276 | return ret; | |
277 | ||
36bbeb33 | 278 | ret = ndr_read_int64(n, NULL); |
303fff2b NJ |
279 | if (ret) |
280 | return ret; | |
281 | ||
36bbeb33 | 282 | ret = ndr_read_int64(n, NULL); |
303fff2b NJ |
283 | if (ret) |
284 | return ret; | |
285 | ||
286 | ret = ndr_read_int64(n, &da->create_time); | |
287 | if (ret) | |
288 | return ret; | |
289 | ||
290 | ret = ndr_read_int64(n, NULL); | |
e2f34481 NJ |
291 | } |
292 | ||
303fff2b | 293 | return ret; |
e2f34481 NJ |
294 | } |
295 | ||
296 | static int ndr_encode_posix_acl_entry(struct ndr *n, struct xattr_smb_acl *acl) | |
297 | { | |
303fff2b NJ |
298 | int i, ret; |
299 | ||
300 | ret = ndr_write_int32(n, acl->count); | |
301 | if (ret) | |
302 | return ret; | |
e2f34481 | 303 | |
c2220322 | 304 | n->offset = ALIGN(n->offset, 8); |
303fff2b NJ |
305 | ret = ndr_write_int32(n, acl->count); |
306 | if (ret) | |
307 | return ret; | |
308 | ||
309 | ret = ndr_write_int32(n, 0); | |
310 | if (ret) | |
311 | return ret; | |
e2f34481 NJ |
312 | |
313 | for (i = 0; i < acl->count; i++) { | |
c2220322 | 314 | n->offset = ALIGN(n->offset, 8); |
303fff2b NJ |
315 | ret = ndr_write_int16(n, acl->entries[i].type); |
316 | if (ret) | |
317 | return ret; | |
318 | ||
319 | ret = ndr_write_int16(n, acl->entries[i].type); | |
320 | if (ret) | |
321 | return ret; | |
e2f34481 NJ |
322 | |
323 | if (acl->entries[i].type == SMB_ACL_USER) { | |
c2220322 | 324 | n->offset = ALIGN(n->offset, 8); |
303fff2b | 325 | ret = ndr_write_int64(n, acl->entries[i].uid); |
e2f34481 | 326 | } else if (acl->entries[i].type == SMB_ACL_GROUP) { |
c2220322 | 327 | n->offset = ALIGN(n->offset, 8); |
303fff2b | 328 | ret = ndr_write_int64(n, acl->entries[i].gid); |
e2f34481 | 329 | } |
303fff2b NJ |
330 | if (ret) |
331 | return ret; | |
e2f34481 NJ |
332 | |
333 | /* push permission */ | |
303fff2b | 334 | ret = ndr_write_int32(n, acl->entries[i].perm); |
e2f34481 NJ |
335 | } |
336 | ||
303fff2b | 337 | return ret; |
e2f34481 NJ |
338 | } |
339 | ||
af34983e | 340 | int ndr_encode_posix_acl(struct ndr *n, |
e67fe633 | 341 | struct mnt_idmap *idmap, |
af34983e | 342 | struct inode *inode, |
070fb21e NJ |
343 | struct xattr_smb_acl *acl, |
344 | struct xattr_smb_acl *def_acl) | |
e2f34481 | 345 | { |
303fff2b NJ |
346 | unsigned int ref_id = 0x00020000; |
347 | int ret; | |
276a3f7c CB |
348 | vfsuid_t vfsuid; |
349 | vfsgid_t vfsgid; | |
e2f34481 NJ |
350 | |
351 | n->offset = 0; | |
352 | n->length = 1024; | |
353 | n->data = kzalloc(n->length, GFP_KERNEL); | |
354 | if (!n->data) | |
355 | return -ENOMEM; | |
356 | ||
357 | if (acl) { | |
358 | /* ACL ACCESS */ | |
303fff2b | 359 | ret = ndr_write_int32(n, ref_id); |
e2f34481 | 360 | ref_id += 4; |
64b39f4a | 361 | } else { |
303fff2b | 362 | ret = ndr_write_int32(n, 0); |
64b39f4a | 363 | } |
303fff2b NJ |
364 | if (ret) |
365 | return ret; | |
e2f34481 NJ |
366 | |
367 | if (def_acl) { | |
368 | /* DEFAULT ACL ACCESS */ | |
303fff2b | 369 | ret = ndr_write_int32(n, ref_id); |
e2f34481 | 370 | ref_id += 4; |
64b39f4a | 371 | } else { |
303fff2b | 372 | ret = ndr_write_int32(n, 0); |
64b39f4a | 373 | } |
303fff2b NJ |
374 | if (ret) |
375 | return ret; | |
376 | ||
e67fe633 | 377 | vfsuid = i_uid_into_vfsuid(idmap, inode); |
276a3f7c | 378 | ret = ndr_write_int64(n, from_kuid(&init_user_ns, vfsuid_into_kuid(vfsuid))); |
303fff2b NJ |
379 | if (ret) |
380 | return ret; | |
e67fe633 | 381 | vfsgid = i_gid_into_vfsgid(idmap, inode); |
276a3f7c | 382 | ret = ndr_write_int64(n, from_kgid(&init_user_ns, vfsgid_into_kgid(vfsgid))); |
303fff2b NJ |
383 | if (ret) |
384 | return ret; | |
385 | ret = ndr_write_int32(n, inode->i_mode); | |
386 | if (ret) | |
387 | return ret; | |
e2f34481 NJ |
388 | |
389 | if (acl) { | |
303fff2b NJ |
390 | ret = ndr_encode_posix_acl_entry(n, acl); |
391 | if (def_acl && !ret) | |
392 | ret = ndr_encode_posix_acl_entry(n, def_acl); | |
e2f34481 | 393 | } |
303fff2b | 394 | return ret; |
e2f34481 NJ |
395 | } |
396 | ||
397 | int ndr_encode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl) | |
398 | { | |
303fff2b NJ |
399 | unsigned int ref_id = 0x00020004; |
400 | int ret; | |
e2f34481 NJ |
401 | |
402 | n->offset = 0; | |
403 | n->length = 2048; | |
404 | n->data = kzalloc(n->length, GFP_KERNEL); | |
405 | if (!n->data) | |
406 | return -ENOMEM; | |
407 | ||
303fff2b NJ |
408 | ret = ndr_write_int16(n, acl->version); |
409 | if (ret) | |
410 | return ret; | |
411 | ||
412 | ret = ndr_write_int32(n, acl->version); | |
413 | if (ret) | |
414 | return ret; | |
415 | ||
416 | ret = ndr_write_int16(n, 2); | |
417 | if (ret) | |
418 | return ret; | |
419 | ||
420 | ret = ndr_write_int32(n, ref_id); | |
421 | if (ret) | |
422 | return ret; | |
e2f34481 NJ |
423 | |
424 | /* push hash type and hash 64bytes */ | |
303fff2b NJ |
425 | ret = ndr_write_int16(n, acl->hash_type); |
426 | if (ret) | |
427 | return ret; | |
e2f34481 | 428 | |
303fff2b NJ |
429 | ret = ndr_write_bytes(n, acl->hash, XATTR_SD_HASH_SIZE); |
430 | if (ret) | |
431 | return ret; | |
e2f34481 | 432 | |
303fff2b NJ |
433 | ret = ndr_write_bytes(n, acl->desc, acl->desc_len); |
434 | if (ret) | |
435 | return ret; | |
436 | ||
437 | ret = ndr_write_int64(n, acl->current_time); | |
438 | if (ret) | |
439 | return ret; | |
440 | ||
441 | ret = ndr_write_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE); | |
442 | if (ret) | |
443 | return ret; | |
444 | ||
445 | /* push ndr for security descriptor */ | |
446 | ret = ndr_write_bytes(n, acl->sd_buf, acl->sd_size); | |
447 | return ret; | |
e2f34481 NJ |
448 | } |
449 | ||
450 | int ndr_decode_v4_ntacl(struct ndr *n, struct xattr_ntacl *acl) | |
451 | { | |
303fff2b NJ |
452 | unsigned int version2; |
453 | int ret; | |
e2f34481 NJ |
454 | |
455 | n->offset = 0; | |
303fff2b NJ |
456 | ret = ndr_read_int16(n, &acl->version); |
457 | if (ret) | |
458 | return ret; | |
e2f34481 | 459 | if (acl->version != 4) { |
a34dc4a9 | 460 | ksmbd_debug(VFS, "v%d version is not supported\n", acl->version); |
e2f34481 NJ |
461 | return -EINVAL; |
462 | } | |
463 | ||
303fff2b NJ |
464 | ret = ndr_read_int32(n, &version2); |
465 | if (ret) | |
466 | return ret; | |
e2f34481 | 467 | if (acl->version != version2) { |
a34dc4a9 | 468 | ksmbd_debug(VFS, "ndr version mismatched(version: %d, version2: %d)\n", |
bde1694a | 469 | acl->version, version2); |
e2f34481 NJ |
470 | return -EINVAL; |
471 | } | |
472 | ||
473 | /* Read Level */ | |
303fff2b NJ |
474 | ret = ndr_read_int16(n, NULL); |
475 | if (ret) | |
476 | return ret; | |
477 | ||
e2f34481 | 478 | /* Read Ref Id */ |
303fff2b NJ |
479 | ret = ndr_read_int32(n, NULL); |
480 | if (ret) | |
481 | return ret; | |
482 | ||
483 | ret = ndr_read_int16(n, &acl->hash_type); | |
484 | if (ret) | |
485 | return ret; | |
486 | ||
487 | ret = ndr_read_bytes(n, acl->hash, XATTR_SD_HASH_SIZE); | |
488 | if (ret) | |
489 | return ret; | |
e2f34481 NJ |
490 | |
491 | ndr_read_bytes(n, acl->desc, 10); | |
492 | if (strncmp(acl->desc, "posix_acl", 9)) { | |
bde1694a | 493 | pr_err("Invalid acl description : %s\n", acl->desc); |
e2f34481 NJ |
494 | return -EINVAL; |
495 | } | |
496 | ||
497 | /* Read Time */ | |
303fff2b NJ |
498 | ret = ndr_read_int64(n, NULL); |
499 | if (ret) | |
500 | return ret; | |
501 | ||
e2f34481 | 502 | /* Read Posix ACL hash */ |
303fff2b NJ |
503 | ret = ndr_read_bytes(n, acl->posix_acl_hash, XATTR_SD_HASH_SIZE); |
504 | if (ret) | |
505 | return ret; | |
506 | ||
e2f34481 NJ |
507 | acl->sd_size = n->length - n->offset; |
508 | acl->sd_buf = kzalloc(acl->sd_size, GFP_KERNEL); | |
509 | if (!acl->sd_buf) | |
510 | return -ENOMEM; | |
511 | ||
303fff2b NJ |
512 | ret = ndr_read_bytes(n, acl->sd_buf, acl->sd_size); |
513 | return ret; | |
e2f34481 | 514 | } |