[linux-block.git] / net / sunrpc / svcauth.c

// SPDX-License-Identifier: GPL-2.0-only
/*
 * linux/net/sunrpc/svcauth.c
 *
 * The generic interface for RPC authentication on the server side.
 *
 * Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
 *
 * CHANGES
 * 19-Apr-2000 Chris Evans      - Security fix
 */

#include <linux/types.h>
#include <linux/module.h>
#include <linux/sunrpc/types.h>
#include <linux/sunrpc/xdr.h>
#include <linux/sunrpc/svcsock.h>
#include <linux/sunrpc/svcauth.h>
#include <linux/err.h>
#include <linux/hash.h>

#include <trace/events/sunrpc.h>

#include "sunrpc.h"

#define RPCDBG_FACILITY	RPCDBG_AUTH


/*
 * Table of authenticators
 */
extern struct auth_ops svcauth_null;
extern struct auth_ops svcauth_unix;

static struct auth_ops __rcu *authtab[RPC_AUTH_MAXFLAVOR] = {
	[RPC_AUTH_NULL] = (struct auth_ops __force __rcu *)&svcauth_null,
	[RPC_AUTH_UNIX] = (struct auth_ops __force __rcu *)&svcauth_unix,
};

static struct auth_ops *
svc_get_auth_ops(rpc_authflavor_t flavor)
{
	struct auth_ops		*aops;

	if (flavor >= RPC_AUTH_MAXFLAVOR)
		return NULL;
	rcu_read_lock();
	aops = rcu_dereference(authtab[flavor]);
	if (aops != NULL && !try_module_get(aops->owner))
		aops = NULL;
	rcu_read_unlock();
	return aops;
}

static void
svc_put_auth_ops(struct auth_ops *aops)
{
	module_put(aops->owner);
}

int
svc_authenticate(struct svc_rqst *rqstp, __be32 *authp)
{
	rpc_authflavor_t	flavor;
	struct auth_ops		*aops;

	*authp = rpc_auth_ok;

	flavor = svc_getnl(&rqstp->rq_arg.head[0]);

	dprintk("svc: svc_authenticate (%d)\n", flavor);

	aops = svc_get_auth_ops(flavor);
	if (aops == NULL) {
		*authp = rpc_autherr_badcred;
		return SVC_DENIED;
	}

	rqstp->rq_auth_slack = 0;
	init_svc_cred(&rqstp->rq_cred);

	rqstp->rq_authop = aops;
	return aops->accept(rqstp, authp);
}
EXPORT_SYMBOL_GPL(svc_authenticate);

int svc_set_client(struct svc_rqst *rqstp)
{
	rqstp->rq_client = NULL;
	return rqstp->rq_authop->set_client(rqstp);
}
EXPORT_SYMBOL_GPL(svc_set_client);

/* A request, which was authenticated, has now executed.
 * Time to finalise the credentials and verifier
 * and release and resources
 */
int svc_authorise(struct svc_rqst *rqstp)
{
	struct auth_ops *aops = rqstp->rq_authop;
	int rv = 0;

	rqstp->rq_authop = NULL;

	if (aops) {
		rv = aops->release(rqstp);
		svc_put_auth_ops(aops);
	}
	return rv;
}

int
svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops)
{
	struct auth_ops *old;
	int rv = -EINVAL;

	if (flavor < RPC_AUTH_MAXFLAVOR) {
		old = cmpxchg((struct auth_ops ** __force)&authtab[flavor], NULL, aops);
		if (old == NULL || old == aops)
			rv = 0;
	}
	return rv;
}
EXPORT_SYMBOL_GPL(svc_auth_register);

void
svc_auth_unregister(rpc_authflavor_t flavor)
{
	if (flavor < RPC_AUTH_MAXFLAVOR)
		rcu_assign_pointer(authtab[flavor], NULL);
}
EXPORT_SYMBOL_GPL(svc_auth_unregister);

/**************************************************
 * 'auth_domains' are stored in a hash table indexed by name.
 * When the last reference to an 'auth_domain' is dropped,
 * the object is unhashed and freed.
 * If auth_domain_lookup fails to find an entry, it will return
 * it's second argument 'new'.  If this is non-null, it will
 * have been atomically linked into the table.
 */

#define	DN_HASHBITS	6
#define	DN_HASHMAX	(1<<DN_HASHBITS)

static struct hlist_head	auth_domain_table[DN_HASHMAX];
static DEFINE_SPINLOCK(auth_domain_lock);

static void auth_domain_release(struct kref *kref)
	__releases(&auth_domain_lock)
{
	struct auth_domain *dom = container_of(kref, struct auth_domain, ref);

	hlist_del_rcu(&dom->hash);
	dom->flavour->domain_release(dom);
	spin_unlock(&auth_domain_lock);
}

void auth_domain_put(struct auth_domain *dom)
{
	kref_put_lock(&dom->ref, auth_domain_release, &auth_domain_lock);
}
EXPORT_SYMBOL_GPL(auth_domain_put);

struct auth_domain *
auth_domain_lookup(char *name, struct auth_domain *new)
{
	struct auth_domain *hp;
	struct hlist_head *head;

	head = &auth_domain_table[hash_str(name, DN_HASHBITS)];

	spin_lock(&auth_domain_lock);

	hlist_for_each_entry(hp, head, hash) {
		if (strcmp(hp->name, name)==0) {
			kref_get(&hp->ref);
			spin_unlock(&auth_domain_lock);
			return hp;
		}
	}
	if (new)
		hlist_add_head_rcu(&new->hash, head);
	spin_unlock(&auth_domain_lock);
	return new;
}
EXPORT_SYMBOL_GPL(auth_domain_lookup);

struct auth_domain *auth_domain_find(char *name)
{
	struct auth_domain *hp;
	struct hlist_head *head;

	head = &auth_domain_table[hash_str(name, DN_HASHBITS)];

	rcu_read_lock();
	hlist_for_each_entry_rcu(hp, head, hash) {
		if (strcmp(hp->name, name)==0) {
			if (!kref_get_unless_zero(&hp->ref))
				hp = NULL;
			rcu_read_unlock();
			return hp;
		}
	}
	rcu_read_unlock();
	return NULL;
}
EXPORT_SYMBOL_GPL(auth_domain_find);

/**
 * auth_domain_cleanup - check that the auth_domain table is empty
 *
 * On module unload the auth_domain_table must be empty.  To make it
 * easier to catch bugs which don't clean up domains properly, we
 * warn if anything remains in the table at cleanup time.
 *
 * Note that we cannot proactively remove the domains at this stage.
 * The ->release() function might be in a module that has already been
 * unloaded.
 */

void auth_domain_cleanup(void)
{
	int h;
	struct auth_domain *hp;

	for (h = 0; h < DN_HASHMAX; h++)
		hlist_for_each_entry(hp, &auth_domain_table[h], hash)
			pr_warn("svc: domain %s still present at module unload.\n",
				hp->name);
}
Commit	Line	Data
457c8996	1	// SPDX-License-Identifier: GPL-2.0-only
1da177e4 LT	2	/*
	3	* linux/net/sunrpc/svcauth.c
	4	*
	5	* The generic interface for RPC authentication on the server side.
cca5172a	6	*
1da177e4 LT	7	* Copyright (C) 1995, 1996 Olaf Kirch <okir@monad.swb.de>
	8	*
	9	* CHANGES
	10	* 19-Apr-2000 Chris Evans - Security fix
	11	*/
	12
	13	#include <linux/types.h>
1da177e4 LT	14	#include <linux/module.h>
	15	#include <linux/sunrpc/types.h>
	16	#include <linux/sunrpc/xdr.h>
	17	#include <linux/sunrpc/svcsock.h>
	18	#include <linux/sunrpc/svcauth.h>
	19	#include <linux/err.h>
	20	#include <linux/hash.h>
	21
ff27e9f7 CL	22	#include <trace/events/sunrpc.h>
ff27e9f7 CL	23
f45db2b9 N	24	#include "sunrpc.h"
f45db2b9 N	25
1da177e4 LT	26	#define RPCDBG_FACILITY RPCDBG_AUTH
	27
	28
	29	/*
	30	* Table of authenticators
	31	*/
	32	extern struct auth_ops svcauth_null;
	33	extern struct auth_ops svcauth_unix;
	34
30382d6c TM	35	static struct auth_ops __rcu *authtab[RPC_AUTH_MAXFLAVOR] = {
	36	[RPC_AUTH_NULL] = (struct auth_ops __force __rcu *)&svcauth_null,
	37	[RPC_AUTH_UNIX] = (struct auth_ops __force __rcu *)&svcauth_unix,
1da177e4 LT	38	};
1da177e4 LT	39
30382d6c TM	40	static struct auth_ops *
	41	svc_get_auth_ops(rpc_authflavor_t flavor)
	42	{
	43	struct auth_ops *aops;
	44
	45	if (flavor >= RPC_AUTH_MAXFLAVOR)
	46	return NULL;
	47	rcu_read_lock();
	48	aops = rcu_dereference(authtab[flavor]);
	49	if (aops != NULL && !try_module_get(aops->owner))
	50	aops = NULL;
	51	rcu_read_unlock();
	52	return aops;
	53	}
	54
	55	static void
	56	svc_put_auth_ops(struct auth_ops *aops)
	57	{
	58	module_put(aops->owner);
	59	}
	60
1da177e4	61	int
d8ed029d	62	svc_authenticate(struct svc_rqst rqstp, __be32 authp)
1da177e4 LT	63	{
	64	rpc_authflavor_t flavor;
	65	struct auth_ops *aops;
	66
	67	*authp = rpc_auth_ok;
	68
76994313	69	flavor = svc_getnl(&rqstp->rq_arg.head[0]);
1da177e4 LT	70
	71	dprintk("svc: svc_authenticate (%d)\n", flavor);
	72
30382d6c TM	73	aops = svc_get_auth_ops(flavor);
30382d6c TM	74	if (aops == NULL) {
1da177e4 LT	75	*authp = rpc_autherr_badcred;
	76	return SVC_DENIED;
	77	}
1da177e4	78
a5cddc88	79	rqstp->rq_auth_slack = 0;
6496500c	80	init_svc_cred(&rqstp->rq_cred);
a5cddc88	81
1da177e4 LT	82	rqstp->rq_authop = aops;
	83	return aops->accept(rqstp, authp);
	84	}
24c3767e	85	EXPORT_SYMBOL_GPL(svc_authenticate);
1da177e4 LT	86
	87	int svc_set_client(struct svc_rqst *rqstp)
	88	{
6496500c	89	rqstp->rq_client = NULL;
1da177e4 LT	90	return rqstp->rq_authop->set_client(rqstp);
1da177e4 LT	91	}
24c3767e	92	EXPORT_SYMBOL_GPL(svc_set_client);
1da177e4 LT	93
1da177e4 LT	94	/* A request, which was authenticated, has now executed.
59c51591	95	* Time to finalise the credentials and verifier
1da177e4 LT	96	* and release and resources
	97	*/
	98	int svc_authorise(struct svc_rqst *rqstp)
	99	{
	100	struct auth_ops *aops = rqstp->rq_authop;
	101	int rv = 0;
	102
	103	rqstp->rq_authop = NULL;
cca5172a	104
1da177e4 LT	105	if (aops) {
1da177e4 LT	106	rv = aops->release(rqstp);
30382d6c	107	svc_put_auth_ops(aops);
1da177e4 LT	108	}
	109	return rv;
	110	}
	111
	112	int
	113	svc_auth_register(rpc_authflavor_t flavor, struct auth_ops *aops)
	114	{
30382d6c	115	struct auth_ops *old;
1da177e4	116	int rv = -EINVAL;
30382d6c TM	117
	118	if (flavor < RPC_AUTH_MAXFLAVOR) {
	119	old = cmpxchg((struct auth_ops ** __force)&authtab[flavor], NULL, aops);
	120	if (old == NULL \|\| old == aops)
	121	rv = 0;
1da177e4	122	}
1da177e4 LT	123	return rv;
1da177e4 LT	124	}
24c3767e	125	EXPORT_SYMBOL_GPL(svc_auth_register);
1da177e4 LT	126
	127	void
	128	svc_auth_unregister(rpc_authflavor_t flavor)
	129	{
1da177e4	130	if (flavor < RPC_AUTH_MAXFLAVOR)
30382d6c	131	rcu_assign_pointer(authtab[flavor], NULL);
1da177e4	132	}
24c3767e	133	EXPORT_SYMBOL_GPL(svc_auth_unregister);
1da177e4 LT	134
1da177e4 LT	135	/**************************************************
efc36aa5 N	136	* 'auth_domains' are stored in a hash table indexed by name.
	137	* When the last reference to an 'auth_domain' is dropped,
	138	* the object is unhashed and freed.
	139	* If auth_domain_lookup fails to find an entry, it will return
	140	* it's second argument 'new'. If this is non-null, it will
	141	* have been atomically linked into the table.
1da177e4 LT	142	*/
1da177e4 LT	143
1da177e4 LT	144	#define DN_HASHBITS 6
1da177e4 LT	145	#define DN_HASHMAX (1<<DN_HASHBITS)
1da177e4	146
efc36aa5	147	static struct hlist_head auth_domain_table[DN_HASHMAX];
3eb15f28	148	static DEFINE_SPINLOCK(auth_domain_lock);
1da177e4	149
0a13cd1a	150	static void auth_domain_release(struct kref *kref)
608a0ab2	151	__releases(&auth_domain_lock)
0a13cd1a PZ	152	{
	153	struct auth_domain *dom = container_of(kref, struct auth_domain, ref);
	154
608a0ab2	155	hlist_del_rcu(&dom->hash);
0a13cd1a PZ	156	dom->flavour->domain_release(dom);
	157	spin_unlock(&auth_domain_lock);
	158	}
	159
1da177e4 LT	160	void auth_domain_put(struct auth_domain *dom)
1da177e4 LT	161	{
0a13cd1a	162	kref_put_lock(&dom->ref, auth_domain_release, &auth_domain_lock);
1da177e4	163	}
24c3767e	164	EXPORT_SYMBOL_GPL(auth_domain_put);
1da177e4 LT	165
1da177e4 LT	166	struct auth_domain *
efc36aa5	167	auth_domain_lookup(char name, struct auth_domain new)
1da177e4	168	{
efc36aa5 N	169	struct auth_domain *hp;
efc36aa5 N	170	struct hlist_head *head;
efc36aa5 N	171
	172	head = &auth_domain_table[hash_str(name, DN_HASHBITS)];
	173
	174	spin_lock(&auth_domain_lock);
	175
b67bfe0d	176	hlist_for_each_entry(hp, head, hash) {
efc36aa5 N	177	if (strcmp(hp->name, name)==0) {
	178	kref_get(&hp->ref);
	179	spin_unlock(&auth_domain_lock);
	180	return hp;
1da177e4	181	}
1da177e4	182	}
d6740df9	183	if (new)
608a0ab2	184	hlist_add_head_rcu(&new->hash, head);
efc36aa5 N	185	spin_unlock(&auth_domain_lock);
efc36aa5 N	186	return new;
1da177e4	187	}
24c3767e	188	EXPORT_SYMBOL_GPL(auth_domain_lookup);
1da177e4 LT	189
	190	struct auth_domain auth_domain_find(char name)
	191	{
608a0ab2 TM	192	struct auth_domain *hp;
	193	struct hlist_head *head;
	194
	195	head = &auth_domain_table[hash_str(name, DN_HASHBITS)];
	196
	197	rcu_read_lock();
	198	hlist_for_each_entry_rcu(hp, head, hash) {
	199	if (strcmp(hp->name, name)==0) {
	200	if (!kref_get_unless_zero(&hp->ref))
	201	hp = NULL;
	202	rcu_read_unlock();
	203	return hp;
	204	}
	205	}
	206	rcu_read_unlock();
	207	return NULL;
1da177e4	208	}
24c3767e	209	EXPORT_SYMBOL_GPL(auth_domain_find);
f45db2b9 N	210
	211	/**
	212	* auth_domain_cleanup - check that the auth_domain table is empty
	213	*
	214	* On module unload the auth_domain_table must be empty. To make it
	215	* easier to catch bugs which don't clean up domains properly, we
	216	* warn if anything remains in the table at cleanup time.
	217	*
	218	* Note that we cannot proactively remove the domains at this stage.
	219	* The ->release() function might be in a module that has already been
	220	* unloaded.
	221	*/
	222
	223	void auth_domain_cleanup(void)
	224	{
	225	int h;
	226	struct auth_domain *hp;
	227
	228	for (h = 0; h < DN_HASHMAX; h++)
	229	hlist_for_each_entry(hp, &auth_domain_table[h], hash)
	230	pr_warn("svc: domain %s still present at module unload.\n",
	231	hp->name);
	232	}