mirror of
https://github.com/torvalds/linux.git
synced 2024-12-30 14:52:05 +00:00
rxrpc development
-----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEqG5UsNXhtOCrfGQP+7dXa6fLC2sFAl+8E4YACgkQ+7dXa6fL C2tehQ/8C1O+p1UBmQ4k/eXkYqsIvRQJGXGheSClxvym8tQiut/sZEKsCqucFmO8 Y2gKEYJB3xYIqbZjjJUFYbL70Q5qG/cXgKn3rCpMjhn/0UAoUSwaGyoURcLwaz2B asipDSvbvZk7OwX4ScUTi/b/7AHtO6l16Y6yRzUqneOsSkXYk1+HhK2/4rPDKEJf cxocGIjjWs4d1erG2Aqgn3BZ2GsDNb88NJYi5qgc0ywFgRacX7oL0WFeu6pD1Ja+ 8vZLjFYB/bDeLBlvzpnWal99lUiSee8BbUoQn1iGJ3EekUVWkkNNfjhpYRjzIIR5 GsJfbDHP16PHhLZgxBvNBwkWoqqBw3X/Zn0dkBDZgjlZQvLbeds6QRd6Ag/M2CJI D1QtmBDBtr4UZfRFm+5hfpTqf2jeOc4o68WROH3FEdsnKvICkttKucE9LaykokFD gQLNmkn2tb1D1yS2Y4iPucV3kYUU1Y6yw++Ck0cE2isBauN0gHtr9UAXZEc57ILc hXCFrJTbGkph3TimQDd1QbXZ28eExRBnn+H5RyYHeEidv03d2UO5uFZaJ5b5UGX0 sE+3aeWLTH3fFTBvMnYPyFjzalSky8V5zOlUltwVCx7PpiDe6P7rKpO+ZXEi4OXP mHz7HM6h1iEnnrqEGNz7L39pTqKVbfBxDMvFra07dyKkvVthF1w= =TvbK -----END PGP SIGNATURE----- Merge tag 'rxrpc-next-20201123' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs David Howells says: ==================== rxrpc: Prelude to gssapi support Here are some patches that do some reorganisation of the security class handling in rxrpc to allow implementation of the RxGK security class that will allow AF_RXRPC to use GSSAPI-negotiated tokens and better crypto. The RxGK security class is not included in this patchset. It does the following things: (1) Add a keyrings patch to provide the original key description, as provided to add_key(), to the payload preparser so that it can interpret the content on that basis. Unfortunately, the rxrpc_s key type wasn't written to interpret its payload as anything other than a string of bytes comprising a key, but for RxGK, more information is required as multiple Kerberos enctypes are supported. (2) Remove the rxk5 security class key parsing. The rxk5 class never got rolled out in OpenAFS and got replaced with rxgk. (3) Support the creation of rxrpc keys with multiple tokens of different types. If some types are not supported, the ENOPKG error is suppressed if at least one other token's type is supported. (4) Punt the handling of server keys (rxrpc_s type) to the appropriate security class. (5) Organise the security bits in the rxrpc_connection struct into a union to make it easier to override for other classes. (6) Move some bits from core code into rxkad that won't be appropriate to rxgk. * tag 'rxrpc-next-20201123' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs: rxrpc: Ask the security class how much space to allow in a packet rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet rxrpc: Organise connection security to use a union rxrpc: Don't reserve security header in Tx DATA skbuff rxrpc: Merge prime_packet_security into init_connection_security rxrpc: Fix example key name in a comment rxrpc: Ignore unknown tokens in key payload unless no known tokens rxrpc: Make the parsing of xdr payloads more coherent rxrpc: Allow security classes to give more info on server keys rxrpc: Don't leak the service-side session key to userspace rxrpc: Hand server key parsing off to the security class rxrpc: Split the server key type (rxrpc_s) into its own file rxrpc: Don't retain the server key in the connection rxrpc: Support keys with multiple authentication tokens rxrpc: List the held token types in the key description in /proc/keys rxrpc: Remove the rxk5 security class as it's now defunct keys: Provide the original description to the key preparser ==================== Link: https://lore.kernel.org/r/160616220405.830164.2239716599743995145.stgit@warthog.procyon.org.uk Signed-off-by: Jakub Kicinski <kuba@kernel.org>
This commit is contained in:
commit
23c01ed3b0
@ -31,63 +31,15 @@ struct rxkad_key {
|
||||
u8 ticket[]; /* the encrypted ticket */
|
||||
};
|
||||
|
||||
/*
|
||||
* Kerberos 5 principal
|
||||
* name/name/name@realm
|
||||
*/
|
||||
struct krb5_principal {
|
||||
u8 n_name_parts; /* N of parts of the name part of the principal */
|
||||
char **name_parts; /* parts of the name part of the principal */
|
||||
char *realm; /* parts of the realm part of the principal */
|
||||
};
|
||||
|
||||
/*
|
||||
* Kerberos 5 tagged data
|
||||
*/
|
||||
struct krb5_tagged_data {
|
||||
/* for tag value, see /usr/include/krb5/krb5.h
|
||||
* - KRB5_AUTHDATA_* for auth data
|
||||
* -
|
||||
*/
|
||||
s32 tag;
|
||||
u32 data_len;
|
||||
u8 *data;
|
||||
};
|
||||
|
||||
/*
|
||||
* RxRPC key for Kerberos V (type-5 security)
|
||||
*/
|
||||
struct rxk5_key {
|
||||
u64 authtime; /* time at which auth token generated */
|
||||
u64 starttime; /* time at which auth token starts */
|
||||
u64 endtime; /* time at which auth token expired */
|
||||
u64 renew_till; /* time to which auth token can be renewed */
|
||||
s32 is_skey; /* T if ticket is encrypted in another ticket's
|
||||
* skey */
|
||||
s32 flags; /* mask of TKT_FLG_* bits (krb5/krb5.h) */
|
||||
struct krb5_principal client; /* client principal name */
|
||||
struct krb5_principal server; /* server principal name */
|
||||
u16 ticket_len; /* length of ticket */
|
||||
u16 ticket2_len; /* length of second ticket */
|
||||
u8 n_authdata; /* number of authorisation data elements */
|
||||
u8 n_addresses; /* number of addresses */
|
||||
struct krb5_tagged_data session; /* session data; tag is enctype */
|
||||
struct krb5_tagged_data *addresses; /* addresses */
|
||||
u8 *ticket; /* krb5 ticket */
|
||||
u8 *ticket2; /* second krb5 ticket, if related to ticket (via
|
||||
* DUPLICATE-SKEY or ENC-TKT-IN-SKEY) */
|
||||
struct krb5_tagged_data *authdata; /* authorisation data */
|
||||
};
|
||||
|
||||
/*
|
||||
* list of tokens attached to an rxrpc key
|
||||
*/
|
||||
struct rxrpc_key_token {
|
||||
u16 security_index; /* RxRPC header security index */
|
||||
bool no_leak_key; /* Don't copy the key to userspace */
|
||||
struct rxrpc_key_token *next; /* the next token in the list */
|
||||
union {
|
||||
struct rxkad_key *kad;
|
||||
struct rxk5_key *k5;
|
||||
};
|
||||
};
|
||||
|
||||
@ -116,12 +68,6 @@ struct rxrpc_key_data_v1 {
|
||||
#define AFSTOKEN_RK_TIX_MAX 12000 /* max RxKAD ticket size */
|
||||
#define AFSTOKEN_GK_KEY_MAX 64 /* max GSSAPI key size */
|
||||
#define AFSTOKEN_GK_TOKEN_MAX 16384 /* max GSSAPI token size */
|
||||
#define AFSTOKEN_K5_COMPONENTS_MAX 16 /* max K5 components */
|
||||
#define AFSTOKEN_K5_NAME_MAX 128 /* max K5 name length */
|
||||
#define AFSTOKEN_K5_REALM_MAX 64 /* max K5 realm name length */
|
||||
#define AFSTOKEN_K5_TIX_MAX 16384 /* max K5 ticket size */
|
||||
#define AFSTOKEN_K5_ADDRESSES_MAX 16 /* max K5 addresses */
|
||||
#define AFSTOKEN_K5_AUTHDATA_MAX 16 /* max K5 pieces of auth data */
|
||||
|
||||
/*
|
||||
* Truncate a time64_t to the range from 1970 to 2106 as in the network
|
||||
|
@ -29,6 +29,7 @@ struct kernel_pkey_params;
|
||||
* clear the contents.
|
||||
*/
|
||||
struct key_preparsed_payload {
|
||||
const char *orig_description; /* Actual or proposed description (maybe NULL) */
|
||||
char *description; /* Proposed key description (or NULL) */
|
||||
union key_payload payload; /* Proposed payload */
|
||||
const void *data; /* Raw data */
|
||||
|
@ -28,6 +28,7 @@ rxrpc-y := \
|
||||
rtt.o \
|
||||
security.o \
|
||||
sendmsg.o \
|
||||
server_key.o \
|
||||
skbuff.o \
|
||||
utils.o
|
||||
|
||||
|
@ -12,6 +12,7 @@
|
||||
#include <net/netns/generic.h>
|
||||
#include <net/sock.h>
|
||||
#include <net/af_rxrpc.h>
|
||||
#include <keys/rxrpc-type.h>
|
||||
#include "protocol.h"
|
||||
|
||||
#if 0
|
||||
@ -34,6 +35,7 @@ struct rxrpc_crypt {
|
||||
#define rxrpc_queue_delayed_work(WS,D) \
|
||||
queue_delayed_work(rxrpc_workqueue, (WS), (D))
|
||||
|
||||
struct key_preparsed_payload;
|
||||
struct rxrpc_connection;
|
||||
|
||||
/*
|
||||
@ -216,17 +218,30 @@ struct rxrpc_security {
|
||||
/* Clean up a security service */
|
||||
void (*exit)(void);
|
||||
|
||||
/* initialise a connection's security */
|
||||
int (*init_connection_security)(struct rxrpc_connection *);
|
||||
/* Parse the information from a server key */
|
||||
int (*preparse_server_key)(struct key_preparsed_payload *);
|
||||
|
||||
/* prime a connection's packet security */
|
||||
int (*prime_packet_security)(struct rxrpc_connection *);
|
||||
/* Clean up the preparse buffer after parsing a server key */
|
||||
void (*free_preparse_server_key)(struct key_preparsed_payload *);
|
||||
|
||||
/* Destroy the payload of a server key */
|
||||
void (*destroy_server_key)(struct key *);
|
||||
|
||||
/* Describe a server key */
|
||||
void (*describe_server_key)(const struct key *, struct seq_file *);
|
||||
|
||||
/* initialise a connection's security */
|
||||
int (*init_connection_security)(struct rxrpc_connection *,
|
||||
struct rxrpc_key_token *);
|
||||
|
||||
/* Work out how much data we can store in a packet, given an estimate
|
||||
* of the amount of data remaining.
|
||||
*/
|
||||
int (*how_much_data)(struct rxrpc_call *, size_t,
|
||||
size_t *, size_t *, size_t *);
|
||||
|
||||
/* impose security on a packet */
|
||||
int (*secure_packet)(struct rxrpc_call *,
|
||||
struct sk_buff *,
|
||||
size_t,
|
||||
void *);
|
||||
int (*secure_packet)(struct rxrpc_call *, struct sk_buff *, size_t);
|
||||
|
||||
/* verify the security on a received packet */
|
||||
int (*verify_packet)(struct rxrpc_call *, struct sk_buff *,
|
||||
@ -438,10 +453,15 @@ struct rxrpc_connection {
|
||||
struct list_head proc_link; /* link in procfs list */
|
||||
struct list_head link; /* link in master connection list */
|
||||
struct sk_buff_head rx_queue; /* received conn-level packets */
|
||||
|
||||
const struct rxrpc_security *security; /* applied security module */
|
||||
struct key *server_key; /* security for this service */
|
||||
struct crypto_sync_skcipher *cipher; /* encryption handle */
|
||||
struct rxrpc_crypt csum_iv; /* packet checksum base */
|
||||
union {
|
||||
struct {
|
||||
struct crypto_sync_skcipher *cipher; /* encryption handle */
|
||||
struct rxrpc_crypt csum_iv; /* packet checksum base */
|
||||
u32 nonce; /* response re-use preventer */
|
||||
} rxkad;
|
||||
};
|
||||
unsigned long flags;
|
||||
unsigned long events;
|
||||
unsigned long idle_timestamp; /* Time at which last became idle */
|
||||
@ -451,10 +471,7 @@ struct rxrpc_connection {
|
||||
int debug_id; /* debug ID for printks */
|
||||
atomic_t serial; /* packet serial number counter */
|
||||
unsigned int hi_serial; /* highest serial number received */
|
||||
u32 security_nonce; /* response re-use preventer */
|
||||
u32 service_id; /* Service ID, possibly upgraded */
|
||||
u8 size_align; /* data size alignment (for security) */
|
||||
u8 security_size; /* security header size */
|
||||
u8 security_ix; /* security type */
|
||||
u8 out_clientflag; /* RXRPC_CLIENT_INITIATED if we are client */
|
||||
u8 bundle_shift; /* Index into bundle->avail_chans */
|
||||
@ -888,8 +905,7 @@ struct rxrpc_connection *rxrpc_find_service_conn_rcu(struct rxrpc_peer *,
|
||||
struct sk_buff *);
|
||||
struct rxrpc_connection *rxrpc_prealloc_service_connection(struct rxrpc_net *, gfp_t);
|
||||
void rxrpc_new_incoming_connection(struct rxrpc_sock *, struct rxrpc_connection *,
|
||||
const struct rxrpc_security *, struct key *,
|
||||
struct sk_buff *);
|
||||
const struct rxrpc_security *, struct sk_buff *);
|
||||
void rxrpc_unpublish_service_conn(struct rxrpc_connection *);
|
||||
|
||||
/*
|
||||
@ -906,10 +922,8 @@ extern const struct rxrpc_security rxrpc_no_security;
|
||||
* key.c
|
||||
*/
|
||||
extern struct key_type key_type_rxrpc;
|
||||
extern struct key_type key_type_rxrpc_s;
|
||||
|
||||
int rxrpc_request_key(struct rxrpc_sock *, sockptr_t , int);
|
||||
int rxrpc_server_keyring(struct rxrpc_sock *, sockptr_t, int);
|
||||
int rxrpc_get_server_data_key(struct rxrpc_connection *, const void *, time64_t,
|
||||
u32);
|
||||
|
||||
@ -1052,17 +1066,26 @@ extern const struct rxrpc_security rxkad;
|
||||
* security.c
|
||||
*/
|
||||
int __init rxrpc_init_security(void);
|
||||
const struct rxrpc_security *rxrpc_security_lookup(u8);
|
||||
void rxrpc_exit_security(void);
|
||||
int rxrpc_init_client_conn_security(struct rxrpc_connection *);
|
||||
bool rxrpc_look_up_server_security(struct rxrpc_local *, struct rxrpc_sock *,
|
||||
const struct rxrpc_security **, struct key **,
|
||||
struct sk_buff *);
|
||||
const struct rxrpc_security *rxrpc_get_incoming_security(struct rxrpc_sock *,
|
||||
struct sk_buff *);
|
||||
struct key *rxrpc_look_up_server_security(struct rxrpc_connection *,
|
||||
struct sk_buff *, u32, u32);
|
||||
|
||||
/*
|
||||
* sendmsg.c
|
||||
*/
|
||||
int rxrpc_do_sendmsg(struct rxrpc_sock *, struct msghdr *, size_t);
|
||||
|
||||
/*
|
||||
* server_key.c
|
||||
*/
|
||||
extern struct key_type key_type_rxrpc_s;
|
||||
|
||||
int rxrpc_server_keyring(struct rxrpc_sock *, sockptr_t, int);
|
||||
|
||||
/*
|
||||
* skbuff.c
|
||||
*/
|
||||
|
@ -261,7 +261,6 @@ static struct rxrpc_call *rxrpc_alloc_incoming_call(struct rxrpc_sock *rx,
|
||||
struct rxrpc_peer *peer,
|
||||
struct rxrpc_connection *conn,
|
||||
const struct rxrpc_security *sec,
|
||||
struct key *key,
|
||||
struct sk_buff *skb)
|
||||
{
|
||||
struct rxrpc_backlog *b = rx->backlog;
|
||||
@ -309,7 +308,7 @@ static struct rxrpc_call *rxrpc_alloc_incoming_call(struct rxrpc_sock *rx,
|
||||
conn->params.local = rxrpc_get_local(local);
|
||||
conn->params.peer = peer;
|
||||
rxrpc_see_connection(conn);
|
||||
rxrpc_new_incoming_connection(rx, conn, sec, key, skb);
|
||||
rxrpc_new_incoming_connection(rx, conn, sec, skb);
|
||||
} else {
|
||||
rxrpc_get_connection(conn);
|
||||
}
|
||||
@ -353,7 +352,6 @@ struct rxrpc_call *rxrpc_new_incoming_call(struct rxrpc_local *local,
|
||||
struct rxrpc_connection *conn;
|
||||
struct rxrpc_peer *peer = NULL;
|
||||
struct rxrpc_call *call = NULL;
|
||||
struct key *key = NULL;
|
||||
|
||||
_enter("");
|
||||
|
||||
@ -374,11 +372,13 @@ struct rxrpc_call *rxrpc_new_incoming_call(struct rxrpc_local *local,
|
||||
*/
|
||||
conn = rxrpc_find_connection_rcu(local, skb, &peer);
|
||||
|
||||
if (!conn && !rxrpc_look_up_server_security(local, rx, &sec, &key, skb))
|
||||
goto no_call;
|
||||
if (!conn) {
|
||||
sec = rxrpc_get_incoming_security(rx, skb);
|
||||
if (!sec)
|
||||
goto no_call;
|
||||
}
|
||||
|
||||
call = rxrpc_alloc_incoming_call(rx, local, peer, conn, sec, key, skb);
|
||||
key_put(key);
|
||||
call = rxrpc_alloc_incoming_call(rx, local, peer, conn, sec, skb);
|
||||
if (!call) {
|
||||
skb->mark = RXRPC_SKB_MARK_REJECT_BUSY;
|
||||
goto no_call;
|
||||
|
@ -180,10 +180,6 @@ rxrpc_alloc_client_connection(struct rxrpc_bundle *bundle, gfp_t gfp)
|
||||
if (ret < 0)
|
||||
goto error_1;
|
||||
|
||||
ret = conn->security->prime_packet_security(conn);
|
||||
if (ret < 0)
|
||||
goto error_2;
|
||||
|
||||
atomic_inc(&rxnet->nr_conns);
|
||||
write_lock(&rxnet->conn_lock);
|
||||
list_add_tail(&conn->proc_link, &rxnet->conn_proc_list);
|
||||
@ -203,8 +199,6 @@ rxrpc_alloc_client_connection(struct rxrpc_bundle *bundle, gfp_t gfp)
|
||||
_leave(" = %p", conn);
|
||||
return conn;
|
||||
|
||||
error_2:
|
||||
conn->security->clear(conn);
|
||||
error_1:
|
||||
rxrpc_put_client_connection_id(conn);
|
||||
error_0:
|
||||
|
@ -333,11 +333,8 @@ static int rxrpc_process_event(struct rxrpc_connection *conn,
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
ret = conn->security->init_connection_security(conn);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
ret = conn->security->prime_packet_security(conn);
|
||||
ret = conn->security->init_connection_security(
|
||||
conn, conn->params.key->payload.data[0]);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
@ -377,7 +374,6 @@ static void rxrpc_secure_connection(struct rxrpc_connection *conn)
|
||||
_enter("{%d}", conn->debug_id);
|
||||
|
||||
ASSERT(conn->security_ix != 0);
|
||||
ASSERT(conn->server_key);
|
||||
|
||||
if (conn->security->issue_challenge(conn) < 0) {
|
||||
abort_code = RX_CALL_DEAD;
|
||||
|
@ -49,7 +49,6 @@ struct rxrpc_connection *rxrpc_alloc_connection(gfp_t gfp)
|
||||
conn->security = &rxrpc_no_security;
|
||||
spin_lock_init(&conn->state_lock);
|
||||
conn->debug_id = atomic_inc_return(&rxrpc_debug_id);
|
||||
conn->size_align = 4;
|
||||
conn->idle_timestamp = jiffies;
|
||||
}
|
||||
|
||||
@ -363,7 +362,6 @@ static void rxrpc_destroy_connection(struct rcu_head *rcu)
|
||||
|
||||
conn->security->clear(conn);
|
||||
key_put(conn->params.key);
|
||||
key_put(conn->server_key);
|
||||
rxrpc_put_bundle(conn->bundle);
|
||||
rxrpc_put_peer(conn->params.peer);
|
||||
|
||||
|
@ -156,7 +156,6 @@ struct rxrpc_connection *rxrpc_prealloc_service_connection(struct rxrpc_net *rxn
|
||||
void rxrpc_new_incoming_connection(struct rxrpc_sock *rx,
|
||||
struct rxrpc_connection *conn,
|
||||
const struct rxrpc_security *sec,
|
||||
struct key *key,
|
||||
struct sk_buff *skb)
|
||||
{
|
||||
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
||||
@ -170,7 +169,6 @@ void rxrpc_new_incoming_connection(struct rxrpc_sock *rx,
|
||||
conn->security_ix = sp->hdr.securityIndex;
|
||||
conn->out_clientflag = 0;
|
||||
conn->security = sec;
|
||||
conn->server_key = key_get(key);
|
||||
if (conn->security_ix)
|
||||
conn->state = RXRPC_CONN_SERVICE_UNSECURED;
|
||||
else
|
||||
|
@ -8,20 +8,25 @@
|
||||
#include <net/af_rxrpc.h>
|
||||
#include "ar-internal.h"
|
||||
|
||||
static int none_init_connection_security(struct rxrpc_connection *conn)
|
||||
static int none_init_connection_security(struct rxrpc_connection *conn,
|
||||
struct rxrpc_key_token *token)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int none_prime_packet_security(struct rxrpc_connection *conn)
|
||||
/*
|
||||
* Work out how much data we can put in an unsecured packet.
|
||||
*/
|
||||
static int none_how_much_data(struct rxrpc_call *call, size_t remain,
|
||||
size_t *_buf_size, size_t *_data_size, size_t *_offset)
|
||||
{
|
||||
*_buf_size = *_data_size = min_t(size_t, remain, RXRPC_JUMBO_DATALEN);
|
||||
*_offset = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int none_secure_packet(struct rxrpc_call *call,
|
||||
struct sk_buff *skb,
|
||||
size_t data_size,
|
||||
void *sechdr)
|
||||
static int none_secure_packet(struct rxrpc_call *call, struct sk_buff *skb,
|
||||
size_t data_size)
|
||||
{
|
||||
return 0;
|
||||
}
|
||||
@ -86,8 +91,8 @@ const struct rxrpc_security rxrpc_no_security = {
|
||||
.init = none_init,
|
||||
.exit = none_exit,
|
||||
.init_connection_security = none_init_connection_security,
|
||||
.prime_packet_security = none_prime_packet_security,
|
||||
.free_call_crypto = none_free_call_crypto,
|
||||
.how_much_data = none_how_much_data,
|
||||
.secure_packet = none_secure_packet,
|
||||
.verify_packet = none_verify_packet,
|
||||
.locate_data = none_locate_data,
|
||||
|
664
net/rxrpc/key.c
664
net/rxrpc/key.c
@ -5,7 +5,7 @@
|
||||
* Written by David Howells (dhowells@redhat.com)
|
||||
*
|
||||
* RxRPC keys should have a description of describing their purpose:
|
||||
* "afs@CAMBRIDGE.REDHAT.COM>
|
||||
* "afs@example.com"
|
||||
*/
|
||||
|
||||
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
||||
@ -23,13 +23,9 @@
|
||||
#include <keys/user-type.h>
|
||||
#include "ar-internal.h"
|
||||
|
||||
static int rxrpc_vet_description_s(const char *);
|
||||
static int rxrpc_preparse(struct key_preparsed_payload *);
|
||||
static int rxrpc_preparse_s(struct key_preparsed_payload *);
|
||||
static void rxrpc_free_preparse(struct key_preparsed_payload *);
|
||||
static void rxrpc_free_preparse_s(struct key_preparsed_payload *);
|
||||
static void rxrpc_destroy(struct key *);
|
||||
static void rxrpc_destroy_s(struct key *);
|
||||
static void rxrpc_describe(const struct key *, struct seq_file *);
|
||||
static long rxrpc_read(const struct key *, char *, size_t);
|
||||
|
||||
@ -49,38 +45,6 @@ struct key_type key_type_rxrpc = {
|
||||
};
|
||||
EXPORT_SYMBOL(key_type_rxrpc);
|
||||
|
||||
/*
|
||||
* rxrpc server defined keys take "<serviceId>:<securityIndex>" as the
|
||||
* description and an 8-byte decryption key as the payload
|
||||
*/
|
||||
struct key_type key_type_rxrpc_s = {
|
||||
.name = "rxrpc_s",
|
||||
.flags = KEY_TYPE_NET_DOMAIN,
|
||||
.vet_description = rxrpc_vet_description_s,
|
||||
.preparse = rxrpc_preparse_s,
|
||||
.free_preparse = rxrpc_free_preparse_s,
|
||||
.instantiate = generic_key_instantiate,
|
||||
.destroy = rxrpc_destroy_s,
|
||||
.describe = rxrpc_describe,
|
||||
};
|
||||
|
||||
/*
|
||||
* Vet the description for an RxRPC server key
|
||||
*/
|
||||
static int rxrpc_vet_description_s(const char *desc)
|
||||
{
|
||||
unsigned long num;
|
||||
char *p;
|
||||
|
||||
num = simple_strtoul(desc, &p, 10);
|
||||
if (*p != ':' || num > 65535)
|
||||
return -EINVAL;
|
||||
num = simple_strtoul(p + 1, &p, 10);
|
||||
if (*p || num < 1 || num > 255)
|
||||
return -EINVAL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* parse an RxKAD type XDR format token
|
||||
* - the caller guarantees we have at least 4 words
|
||||
@ -165,402 +129,17 @@ static int rxrpc_preparse_xdr_rxkad(struct key_preparsed_payload *prep,
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void rxrpc_free_krb5_principal(struct krb5_principal *princ)
|
||||
{
|
||||
int loop;
|
||||
|
||||
if (princ->name_parts) {
|
||||
for (loop = princ->n_name_parts - 1; loop >= 0; loop--)
|
||||
kfree(princ->name_parts[loop]);
|
||||
kfree(princ->name_parts);
|
||||
}
|
||||
kfree(princ->realm);
|
||||
}
|
||||
|
||||
static void rxrpc_free_krb5_tagged(struct krb5_tagged_data *td)
|
||||
{
|
||||
kfree(td->data);
|
||||
}
|
||||
|
||||
/*
|
||||
* free up an RxK5 token
|
||||
*/
|
||||
static void rxrpc_rxk5_free(struct rxk5_key *rxk5)
|
||||
{
|
||||
int loop;
|
||||
|
||||
rxrpc_free_krb5_principal(&rxk5->client);
|
||||
rxrpc_free_krb5_principal(&rxk5->server);
|
||||
rxrpc_free_krb5_tagged(&rxk5->session);
|
||||
|
||||
if (rxk5->addresses) {
|
||||
for (loop = rxk5->n_addresses - 1; loop >= 0; loop--)
|
||||
rxrpc_free_krb5_tagged(&rxk5->addresses[loop]);
|
||||
kfree(rxk5->addresses);
|
||||
}
|
||||
if (rxk5->authdata) {
|
||||
for (loop = rxk5->n_authdata - 1; loop >= 0; loop--)
|
||||
rxrpc_free_krb5_tagged(&rxk5->authdata[loop]);
|
||||
kfree(rxk5->authdata);
|
||||
}
|
||||
|
||||
kfree(rxk5->ticket);
|
||||
kfree(rxk5->ticket2);
|
||||
kfree(rxk5);
|
||||
}
|
||||
|
||||
/*
|
||||
* extract a krb5 principal
|
||||
*/
|
||||
static int rxrpc_krb5_decode_principal(struct krb5_principal *princ,
|
||||
const __be32 **_xdr,
|
||||
unsigned int *_toklen)
|
||||
{
|
||||
const __be32 *xdr = *_xdr;
|
||||
unsigned int toklen = *_toklen, n_parts, loop, tmp, paddedlen;
|
||||
|
||||
/* there must be at least one name, and at least #names+1 length
|
||||
* words */
|
||||
if (toklen <= 12)
|
||||
return -EINVAL;
|
||||
|
||||
_enter(",{%x,%x,%x},%u",
|
||||
ntohl(xdr[0]), ntohl(xdr[1]), ntohl(xdr[2]), toklen);
|
||||
|
||||
n_parts = ntohl(*xdr++);
|
||||
toklen -= 4;
|
||||
if (n_parts <= 0 || n_parts > AFSTOKEN_K5_COMPONENTS_MAX)
|
||||
return -EINVAL;
|
||||
princ->n_name_parts = n_parts;
|
||||
|
||||
if (toklen <= (n_parts + 1) * 4)
|
||||
return -EINVAL;
|
||||
|
||||
princ->name_parts = kcalloc(n_parts, sizeof(char *), GFP_KERNEL);
|
||||
if (!princ->name_parts)
|
||||
return -ENOMEM;
|
||||
|
||||
for (loop = 0; loop < n_parts; loop++) {
|
||||
if (toklen < 4)
|
||||
return -EINVAL;
|
||||
tmp = ntohl(*xdr++);
|
||||
toklen -= 4;
|
||||
if (tmp <= 0 || tmp > AFSTOKEN_STRING_MAX)
|
||||
return -EINVAL;
|
||||
paddedlen = (tmp + 3) & ~3;
|
||||
if (paddedlen > toklen)
|
||||
return -EINVAL;
|
||||
princ->name_parts[loop] = kmalloc(tmp + 1, GFP_KERNEL);
|
||||
if (!princ->name_parts[loop])
|
||||
return -ENOMEM;
|
||||
memcpy(princ->name_parts[loop], xdr, tmp);
|
||||
princ->name_parts[loop][tmp] = 0;
|
||||
toklen -= paddedlen;
|
||||
xdr += paddedlen >> 2;
|
||||
}
|
||||
|
||||
if (toklen < 4)
|
||||
return -EINVAL;
|
||||
tmp = ntohl(*xdr++);
|
||||
toklen -= 4;
|
||||
if (tmp <= 0 || tmp > AFSTOKEN_K5_REALM_MAX)
|
||||
return -EINVAL;
|
||||
paddedlen = (tmp + 3) & ~3;
|
||||
if (paddedlen > toklen)
|
||||
return -EINVAL;
|
||||
princ->realm = kmalloc(tmp + 1, GFP_KERNEL);
|
||||
if (!princ->realm)
|
||||
return -ENOMEM;
|
||||
memcpy(princ->realm, xdr, tmp);
|
||||
princ->realm[tmp] = 0;
|
||||
toklen -= paddedlen;
|
||||
xdr += paddedlen >> 2;
|
||||
|
||||
_debug("%s/...@%s", princ->name_parts[0], princ->realm);
|
||||
|
||||
*_xdr = xdr;
|
||||
*_toklen = toklen;
|
||||
_leave(" = 0 [toklen=%u]", toklen);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* extract a piece of krb5 tagged data
|
||||
*/
|
||||
static int rxrpc_krb5_decode_tagged_data(struct krb5_tagged_data *td,
|
||||
size_t max_data_size,
|
||||
const __be32 **_xdr,
|
||||
unsigned int *_toklen)
|
||||
{
|
||||
const __be32 *xdr = *_xdr;
|
||||
unsigned int toklen = *_toklen, len, paddedlen;
|
||||
|
||||
/* there must be at least one tag and one length word */
|
||||
if (toklen <= 8)
|
||||
return -EINVAL;
|
||||
|
||||
_enter(",%zu,{%x,%x},%u",
|
||||
max_data_size, ntohl(xdr[0]), ntohl(xdr[1]), toklen);
|
||||
|
||||
td->tag = ntohl(*xdr++);
|
||||
len = ntohl(*xdr++);
|
||||
toklen -= 8;
|
||||
if (len > max_data_size)
|
||||
return -EINVAL;
|
||||
paddedlen = (len + 3) & ~3;
|
||||
if (paddedlen > toklen)
|
||||
return -EINVAL;
|
||||
td->data_len = len;
|
||||
|
||||
if (len > 0) {
|
||||
td->data = kmemdup(xdr, len, GFP_KERNEL);
|
||||
if (!td->data)
|
||||
return -ENOMEM;
|
||||
toklen -= paddedlen;
|
||||
xdr += paddedlen >> 2;
|
||||
}
|
||||
|
||||
_debug("tag %x len %x", td->tag, td->data_len);
|
||||
|
||||
*_xdr = xdr;
|
||||
*_toklen = toklen;
|
||||
_leave(" = 0 [toklen=%u]", toklen);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* extract an array of tagged data
|
||||
*/
|
||||
static int rxrpc_krb5_decode_tagged_array(struct krb5_tagged_data **_td,
|
||||
u8 *_n_elem,
|
||||
u8 max_n_elem,
|
||||
size_t max_elem_size,
|
||||
const __be32 **_xdr,
|
||||
unsigned int *_toklen)
|
||||
{
|
||||
struct krb5_tagged_data *td;
|
||||
const __be32 *xdr = *_xdr;
|
||||
unsigned int toklen = *_toklen, n_elem, loop;
|
||||
int ret;
|
||||
|
||||
/* there must be at least one count */
|
||||
if (toklen < 4)
|
||||
return -EINVAL;
|
||||
|
||||
_enter(",,%u,%zu,{%x},%u",
|
||||
max_n_elem, max_elem_size, ntohl(xdr[0]), toklen);
|
||||
|
||||
n_elem = ntohl(*xdr++);
|
||||
toklen -= 4;
|
||||
if (n_elem > max_n_elem)
|
||||
return -EINVAL;
|
||||
*_n_elem = n_elem;
|
||||
if (n_elem > 0) {
|
||||
if (toklen <= (n_elem + 1) * 4)
|
||||
return -EINVAL;
|
||||
|
||||
_debug("n_elem %d", n_elem);
|
||||
|
||||
td = kcalloc(n_elem, sizeof(struct krb5_tagged_data),
|
||||
GFP_KERNEL);
|
||||
if (!td)
|
||||
return -ENOMEM;
|
||||
*_td = td;
|
||||
|
||||
for (loop = 0; loop < n_elem; loop++) {
|
||||
ret = rxrpc_krb5_decode_tagged_data(&td[loop],
|
||||
max_elem_size,
|
||||
&xdr, &toklen);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
}
|
||||
}
|
||||
|
||||
*_xdr = xdr;
|
||||
*_toklen = toklen;
|
||||
_leave(" = 0 [toklen=%u]", toklen);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* extract a krb5 ticket
|
||||
*/
|
||||
static int rxrpc_krb5_decode_ticket(u8 **_ticket, u16 *_tktlen,
|
||||
const __be32 **_xdr, unsigned int *_toklen)
|
||||
{
|
||||
const __be32 *xdr = *_xdr;
|
||||
unsigned int toklen = *_toklen, len, paddedlen;
|
||||
|
||||
/* there must be at least one length word */
|
||||
if (toklen <= 4)
|
||||
return -EINVAL;
|
||||
|
||||
_enter(",{%x},%u", ntohl(xdr[0]), toklen);
|
||||
|
||||
len = ntohl(*xdr++);
|
||||
toklen -= 4;
|
||||
if (len > AFSTOKEN_K5_TIX_MAX)
|
||||
return -EINVAL;
|
||||
paddedlen = (len + 3) & ~3;
|
||||
if (paddedlen > toklen)
|
||||
return -EINVAL;
|
||||
*_tktlen = len;
|
||||
|
||||
_debug("ticket len %u", len);
|
||||
|
||||
if (len > 0) {
|
||||
*_ticket = kmemdup(xdr, len, GFP_KERNEL);
|
||||
if (!*_ticket)
|
||||
return -ENOMEM;
|
||||
toklen -= paddedlen;
|
||||
xdr += paddedlen >> 2;
|
||||
}
|
||||
|
||||
*_xdr = xdr;
|
||||
*_toklen = toklen;
|
||||
_leave(" = 0 [toklen=%u]", toklen);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* parse an RxK5 type XDR format token
|
||||
* - the caller guarantees we have at least 4 words
|
||||
*/
|
||||
static int rxrpc_preparse_xdr_rxk5(struct key_preparsed_payload *prep,
|
||||
size_t datalen,
|
||||
const __be32 *xdr, unsigned int toklen)
|
||||
{
|
||||
struct rxrpc_key_token *token, **pptoken;
|
||||
struct rxk5_key *rxk5;
|
||||
const __be32 *end_xdr = xdr + (toklen >> 2);
|
||||
time64_t expiry;
|
||||
int ret;
|
||||
|
||||
_enter(",{%x,%x,%x,%x},%u",
|
||||
ntohl(xdr[0]), ntohl(xdr[1]), ntohl(xdr[2]), ntohl(xdr[3]),
|
||||
toklen);
|
||||
|
||||
/* reserve some payload space for this subkey - the length of the token
|
||||
* is a reasonable approximation */
|
||||
prep->quotalen = datalen + toklen;
|
||||
|
||||
token = kzalloc(sizeof(*token), GFP_KERNEL);
|
||||
if (!token)
|
||||
return -ENOMEM;
|
||||
|
||||
rxk5 = kzalloc(sizeof(*rxk5), GFP_KERNEL);
|
||||
if (!rxk5) {
|
||||
kfree(token);
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
token->security_index = RXRPC_SECURITY_RXK5;
|
||||
token->k5 = rxk5;
|
||||
|
||||
/* extract the principals */
|
||||
ret = rxrpc_krb5_decode_principal(&rxk5->client, &xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
ret = rxrpc_krb5_decode_principal(&rxk5->server, &xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
/* extract the session key and the encoding type (the tag field ->
|
||||
* ENCTYPE_xxx) */
|
||||
ret = rxrpc_krb5_decode_tagged_data(&rxk5->session, AFSTOKEN_DATA_MAX,
|
||||
&xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
if (toklen < 4 * 8 + 2 * 4)
|
||||
goto inval;
|
||||
rxk5->authtime = be64_to_cpup((const __be64 *) xdr);
|
||||
xdr += 2;
|
||||
rxk5->starttime = be64_to_cpup((const __be64 *) xdr);
|
||||
xdr += 2;
|
||||
rxk5->endtime = be64_to_cpup((const __be64 *) xdr);
|
||||
xdr += 2;
|
||||
rxk5->renew_till = be64_to_cpup((const __be64 *) xdr);
|
||||
xdr += 2;
|
||||
rxk5->is_skey = ntohl(*xdr++);
|
||||
rxk5->flags = ntohl(*xdr++);
|
||||
toklen -= 4 * 8 + 2 * 4;
|
||||
|
||||
_debug("times: a=%llx s=%llx e=%llx rt=%llx",
|
||||
rxk5->authtime, rxk5->starttime, rxk5->endtime,
|
||||
rxk5->renew_till);
|
||||
_debug("is_skey=%x flags=%x", rxk5->is_skey, rxk5->flags);
|
||||
|
||||
/* extract the permitted client addresses */
|
||||
ret = rxrpc_krb5_decode_tagged_array(&rxk5->addresses,
|
||||
&rxk5->n_addresses,
|
||||
AFSTOKEN_K5_ADDRESSES_MAX,
|
||||
AFSTOKEN_DATA_MAX,
|
||||
&xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
ASSERTCMP((end_xdr - xdr) << 2, ==, toklen);
|
||||
|
||||
/* extract the tickets */
|
||||
ret = rxrpc_krb5_decode_ticket(&rxk5->ticket, &rxk5->ticket_len,
|
||||
&xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
ret = rxrpc_krb5_decode_ticket(&rxk5->ticket2, &rxk5->ticket2_len,
|
||||
&xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
ASSERTCMP((end_xdr - xdr) << 2, ==, toklen);
|
||||
|
||||
/* extract the typed auth data */
|
||||
ret = rxrpc_krb5_decode_tagged_array(&rxk5->authdata,
|
||||
&rxk5->n_authdata,
|
||||
AFSTOKEN_K5_AUTHDATA_MAX,
|
||||
AFSTOKEN_BDATALN_MAX,
|
||||
&xdr, &toklen);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
|
||||
ASSERTCMP((end_xdr - xdr) << 2, ==, toklen);
|
||||
|
||||
if (toklen != 0)
|
||||
goto inval;
|
||||
|
||||
/* attach the payload */
|
||||
for (pptoken = (struct rxrpc_key_token **)&prep->payload.data[0];
|
||||
*pptoken;
|
||||
pptoken = &(*pptoken)->next)
|
||||
continue;
|
||||
*pptoken = token;
|
||||
expiry = rxrpc_u32_to_time64(token->k5->endtime);
|
||||
if (expiry < prep->expiry)
|
||||
prep->expiry = expiry;
|
||||
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
|
||||
inval:
|
||||
ret = -EINVAL;
|
||||
error:
|
||||
rxrpc_rxk5_free(rxk5);
|
||||
kfree(token);
|
||||
_leave(" = %d", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* attempt to parse the data as the XDR format
|
||||
* - the caller guarantees we have more than 7 words
|
||||
*/
|
||||
static int rxrpc_preparse_xdr(struct key_preparsed_payload *prep)
|
||||
{
|
||||
const __be32 *xdr = prep->data, *token;
|
||||
const __be32 *xdr = prep->data, *token, *p;
|
||||
const char *cp;
|
||||
unsigned int len, paddedlen, loop, ntoken, toklen, sec_ix;
|
||||
size_t datalen = prep->datalen;
|
||||
int ret;
|
||||
int ret, ret2;
|
||||
|
||||
_enter(",{%x,%x,%x,%x},%zu",
|
||||
ntohl(xdr[0]), ntohl(xdr[1]), ntohl(xdr[2]), ntohl(xdr[3]),
|
||||
@ -610,20 +189,20 @@ static int rxrpc_preparse_xdr(struct key_preparsed_payload *prep)
|
||||
goto not_xdr;
|
||||
|
||||
/* check each token wrapper */
|
||||
token = xdr;
|
||||
p = xdr;
|
||||
loop = ntoken;
|
||||
do {
|
||||
if (datalen < 8)
|
||||
goto not_xdr;
|
||||
toklen = ntohl(*xdr++);
|
||||
sec_ix = ntohl(*xdr);
|
||||
toklen = ntohl(*p++);
|
||||
sec_ix = ntohl(*p);
|
||||
datalen -= 4;
|
||||
_debug("token: [%x/%zx] %x", toklen, datalen, sec_ix);
|
||||
paddedlen = (toklen + 3) & ~3;
|
||||
if (toklen < 20 || toklen > datalen || paddedlen > datalen)
|
||||
goto not_xdr;
|
||||
datalen -= paddedlen;
|
||||
xdr += paddedlen >> 2;
|
||||
p += paddedlen >> 2;
|
||||
|
||||
} while (--loop > 0);
|
||||
|
||||
@ -634,44 +213,50 @@ static int rxrpc_preparse_xdr(struct key_preparsed_payload *prep)
|
||||
/* okay: we're going to assume it's valid XDR format
|
||||
* - we ignore the cellname, relying on the key to be correctly named
|
||||
*/
|
||||
ret = -EPROTONOSUPPORT;
|
||||
do {
|
||||
xdr = token;
|
||||
toklen = ntohl(*xdr++);
|
||||
token = xdr + ((toklen + 3) >> 2);
|
||||
sec_ix = ntohl(*xdr++);
|
||||
token = xdr;
|
||||
xdr += (toklen + 3) / 4;
|
||||
|
||||
sec_ix = ntohl(*token++);
|
||||
toklen -= 4;
|
||||
|
||||
_debug("TOKEN type=%u [%p-%p]", sec_ix, xdr, token);
|
||||
_debug("TOKEN type=%x len=%x", sec_ix, toklen);
|
||||
|
||||
switch (sec_ix) {
|
||||
case RXRPC_SECURITY_RXKAD:
|
||||
ret = rxrpc_preparse_xdr_rxkad(prep, datalen, xdr, toklen);
|
||||
if (ret != 0)
|
||||
goto error;
|
||||
ret2 = rxrpc_preparse_xdr_rxkad(prep, datalen, token, toklen);
|
||||
break;
|
||||
|
||||
case RXRPC_SECURITY_RXK5:
|
||||
ret = rxrpc_preparse_xdr_rxk5(prep, datalen, xdr, toklen);
|
||||
if (ret != 0)
|
||||
goto error;
|
||||
break;
|
||||
|
||||
default:
|
||||
ret = -EPROTONOSUPPORT;
|
||||
ret2 = -EPROTONOSUPPORT;
|
||||
break;
|
||||
}
|
||||
|
||||
switch (ret2) {
|
||||
case 0:
|
||||
ret = 0;
|
||||
break;
|
||||
case -EPROTONOSUPPORT:
|
||||
break;
|
||||
case -ENOPKG:
|
||||
if (ret != 0)
|
||||
ret = -ENOPKG;
|
||||
break;
|
||||
default:
|
||||
ret = ret2;
|
||||
goto error;
|
||||
}
|
||||
|
||||
} while (--ntoken > 0);
|
||||
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
error:
|
||||
_leave(" = %d", ret);
|
||||
return ret;
|
||||
|
||||
not_xdr:
|
||||
_leave(" = -EPROTO");
|
||||
return -EPROTO;
|
||||
error:
|
||||
_leave(" = %d", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
@ -805,10 +390,6 @@ static void rxrpc_free_token_list(struct rxrpc_key_token *token)
|
||||
case RXRPC_SECURITY_RXKAD:
|
||||
kfree(token->kad);
|
||||
break;
|
||||
case RXRPC_SECURITY_RXK5:
|
||||
if (token->k5)
|
||||
rxrpc_rxk5_free(token->k5);
|
||||
break;
|
||||
default:
|
||||
pr_err("Unknown token type %x on rxrpc key\n",
|
||||
token->security_index);
|
||||
@ -827,45 +408,6 @@ static void rxrpc_free_preparse(struct key_preparsed_payload *prep)
|
||||
rxrpc_free_token_list(prep->payload.data[0]);
|
||||
}
|
||||
|
||||
/*
|
||||
* Preparse a server secret key.
|
||||
*
|
||||
* The data should be the 8-byte secret key.
|
||||
*/
|
||||
static int rxrpc_preparse_s(struct key_preparsed_payload *prep)
|
||||
{
|
||||
struct crypto_skcipher *ci;
|
||||
|
||||
_enter("%zu", prep->datalen);
|
||||
|
||||
if (prep->datalen != 8)
|
||||
return -EINVAL;
|
||||
|
||||
memcpy(&prep->payload.data[2], prep->data, 8);
|
||||
|
||||
ci = crypto_alloc_skcipher("pcbc(des)", 0, CRYPTO_ALG_ASYNC);
|
||||
if (IS_ERR(ci)) {
|
||||
_leave(" = %ld", PTR_ERR(ci));
|
||||
return PTR_ERR(ci);
|
||||
}
|
||||
|
||||
if (crypto_skcipher_setkey(ci, prep->data, 8) < 0)
|
||||
BUG();
|
||||
|
||||
prep->payload.data[0] = ci;
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Clean up preparse data.
|
||||
*/
|
||||
static void rxrpc_free_preparse_s(struct key_preparsed_payload *prep)
|
||||
{
|
||||
if (prep->payload.data[0])
|
||||
crypto_free_skcipher(prep->payload.data[0]);
|
||||
}
|
||||
|
||||
/*
|
||||
* dispose of the data dangling from the corpse of a rxrpc key
|
||||
*/
|
||||
@ -874,23 +416,30 @@ static void rxrpc_destroy(struct key *key)
|
||||
rxrpc_free_token_list(key->payload.data[0]);
|
||||
}
|
||||
|
||||
/*
|
||||
* dispose of the data dangling from the corpse of a rxrpc key
|
||||
*/
|
||||
static void rxrpc_destroy_s(struct key *key)
|
||||
{
|
||||
if (key->payload.data[0]) {
|
||||
crypto_free_skcipher(key->payload.data[0]);
|
||||
key->payload.data[0] = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* describe the rxrpc key
|
||||
*/
|
||||
static void rxrpc_describe(const struct key *key, struct seq_file *m)
|
||||
{
|
||||
const struct rxrpc_key_token *token;
|
||||
const char *sep = ": ";
|
||||
|
||||
seq_puts(m, key->description);
|
||||
|
||||
for (token = key->payload.data[0]; token; token = token->next) {
|
||||
seq_puts(m, sep);
|
||||
|
||||
switch (token->security_index) {
|
||||
case RXRPC_SECURITY_RXKAD:
|
||||
seq_puts(m, "ka");
|
||||
break;
|
||||
default: /* we have a ticket we can't encode */
|
||||
seq_printf(m, "%u", token->security_index);
|
||||
break;
|
||||
}
|
||||
|
||||
sep = " ";
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
@ -923,36 +472,6 @@ int rxrpc_request_key(struct rxrpc_sock *rx, sockptr_t optval, int optlen)
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* grab the security keyring for a server socket
|
||||
*/
|
||||
int rxrpc_server_keyring(struct rxrpc_sock *rx, sockptr_t optval, int optlen)
|
||||
{
|
||||
struct key *key;
|
||||
char *description;
|
||||
|
||||
_enter("");
|
||||
|
||||
if (optlen <= 0 || optlen > PAGE_SIZE - 1)
|
||||
return -EINVAL;
|
||||
|
||||
description = memdup_sockptr_nul(optval, optlen);
|
||||
if (IS_ERR(description))
|
||||
return PTR_ERR(description);
|
||||
|
||||
key = request_key(&key_type_keyring, description, NULL);
|
||||
if (IS_ERR(key)) {
|
||||
kfree(description);
|
||||
_leave(" = %ld", PTR_ERR(key));
|
||||
return PTR_ERR(key);
|
||||
}
|
||||
|
||||
rx->securities = key;
|
||||
kfree(description);
|
||||
_leave(" = 0 [key %x]", key->serial);
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* generate a server data key
|
||||
*/
|
||||
@ -1044,12 +563,10 @@ static long rxrpc_read(const struct key *key,
|
||||
char *buffer, size_t buflen)
|
||||
{
|
||||
const struct rxrpc_key_token *token;
|
||||
const struct krb5_principal *princ;
|
||||
size_t size;
|
||||
__be32 *xdr, *oldxdr;
|
||||
u32 cnlen, toksize, ntoks, tok, zero;
|
||||
u16 toksizes[AFSTOKEN_MAX];
|
||||
int loop;
|
||||
|
||||
_enter("");
|
||||
|
||||
@ -1074,36 +591,8 @@ static long rxrpc_read(const struct key *key,
|
||||
case RXRPC_SECURITY_RXKAD:
|
||||
toksize += 8 * 4; /* viceid, kvno, key*2, begin,
|
||||
* end, primary, tktlen */
|
||||
toksize += RND(token->kad->ticket_len);
|
||||
break;
|
||||
|
||||
case RXRPC_SECURITY_RXK5:
|
||||
princ = &token->k5->client;
|
||||
toksize += 4 + princ->n_name_parts * 4;
|
||||
for (loop = 0; loop < princ->n_name_parts; loop++)
|
||||
toksize += RND(strlen(princ->name_parts[loop]));
|
||||
toksize += 4 + RND(strlen(princ->realm));
|
||||
|
||||
princ = &token->k5->server;
|
||||
toksize += 4 + princ->n_name_parts * 4;
|
||||
for (loop = 0; loop < princ->n_name_parts; loop++)
|
||||
toksize += RND(strlen(princ->name_parts[loop]));
|
||||
toksize += 4 + RND(strlen(princ->realm));
|
||||
|
||||
toksize += 8 + RND(token->k5->session.data_len);
|
||||
|
||||
toksize += 4 * 8 + 2 * 4;
|
||||
|
||||
toksize += 4 + token->k5->n_addresses * 8;
|
||||
for (loop = 0; loop < token->k5->n_addresses; loop++)
|
||||
toksize += RND(token->k5->addresses[loop].data_len);
|
||||
|
||||
toksize += 4 + RND(token->k5->ticket_len);
|
||||
toksize += 4 + RND(token->k5->ticket2_len);
|
||||
|
||||
toksize += 4 + token->k5->n_authdata * 8;
|
||||
for (loop = 0; loop < token->k5->n_authdata; loop++)
|
||||
toksize += RND(token->k5->authdata[loop].data_len);
|
||||
if (!token->no_leak_key)
|
||||
toksize += RND(token->kad->ticket_len);
|
||||
break;
|
||||
|
||||
default: /* we have a ticket we can't encode */
|
||||
@ -1178,49 +667,10 @@ static long rxrpc_read(const struct key *key,
|
||||
ENCODE(token->kad->start);
|
||||
ENCODE(token->kad->expiry);
|
||||
ENCODE(token->kad->primary_flag);
|
||||
ENCODE_DATA(token->kad->ticket_len, token->kad->ticket);
|
||||
break;
|
||||
|
||||
case RXRPC_SECURITY_RXK5:
|
||||
princ = &token->k5->client;
|
||||
ENCODE(princ->n_name_parts);
|
||||
for (loop = 0; loop < princ->n_name_parts; loop++)
|
||||
ENCODE_STR(princ->name_parts[loop]);
|
||||
ENCODE_STR(princ->realm);
|
||||
|
||||
princ = &token->k5->server;
|
||||
ENCODE(princ->n_name_parts);
|
||||
for (loop = 0; loop < princ->n_name_parts; loop++)
|
||||
ENCODE_STR(princ->name_parts[loop]);
|
||||
ENCODE_STR(princ->realm);
|
||||
|
||||
ENCODE(token->k5->session.tag);
|
||||
ENCODE_DATA(token->k5->session.data_len,
|
||||
token->k5->session.data);
|
||||
|
||||
ENCODE64(token->k5->authtime);
|
||||
ENCODE64(token->k5->starttime);
|
||||
ENCODE64(token->k5->endtime);
|
||||
ENCODE64(token->k5->renew_till);
|
||||
ENCODE(token->k5->is_skey);
|
||||
ENCODE(token->k5->flags);
|
||||
|
||||
ENCODE(token->k5->n_addresses);
|
||||
for (loop = 0; loop < token->k5->n_addresses; loop++) {
|
||||
ENCODE(token->k5->addresses[loop].tag);
|
||||
ENCODE_DATA(token->k5->addresses[loop].data_len,
|
||||
token->k5->addresses[loop].data);
|
||||
}
|
||||
|
||||
ENCODE_DATA(token->k5->ticket_len, token->k5->ticket);
|
||||
ENCODE_DATA(token->k5->ticket2_len, token->k5->ticket2);
|
||||
|
||||
ENCODE(token->k5->n_authdata);
|
||||
for (loop = 0; loop < token->k5->n_authdata; loop++) {
|
||||
ENCODE(token->k5->authdata[loop].tag);
|
||||
ENCODE_DATA(token->k5->authdata[loop].data_len,
|
||||
token->k5->authdata[loop].data);
|
||||
}
|
||||
if (token->no_leak_key)
|
||||
ENCODE(0);
|
||||
else
|
||||
ENCODE_DATA(token->kad->ticket_len, token->kad->ticket);
|
||||
break;
|
||||
|
||||
default:
|
||||
|
@ -15,6 +15,7 @@
|
||||
#include <linux/scatterlist.h>
|
||||
#include <linux/ctype.h>
|
||||
#include <linux/slab.h>
|
||||
#include <linux/key-type.h>
|
||||
#include <net/sock.h>
|
||||
#include <net/af_rxrpc.h>
|
||||
#include <keys/rxrpc-type.h>
|
||||
@ -27,6 +28,7 @@
|
||||
#define INST_SZ 40 /* size of principal's instance */
|
||||
#define REALM_SZ 40 /* size of principal's auth domain */
|
||||
#define SNAME_SZ 40 /* size of service name */
|
||||
#define RXKAD_ALIGN 8
|
||||
|
||||
struct rxkad_level1_hdr {
|
||||
__be32 data_size; /* true data size (excluding padding) */
|
||||
@ -37,6 +39,9 @@ struct rxkad_level2_hdr {
|
||||
__be32 checksum; /* decrypted data checksum */
|
||||
};
|
||||
|
||||
static int rxkad_prime_packet_security(struct rxrpc_connection *conn,
|
||||
struct crypto_sync_skcipher *ci);
|
||||
|
||||
/*
|
||||
* this holds a pinned cipher so that keventd doesn't get called by the cipher
|
||||
* alloc routine, but since we have it to hand, we use it to decrypt RESPONSE
|
||||
@ -46,18 +51,60 @@ static struct crypto_sync_skcipher *rxkad_ci;
|
||||
static struct skcipher_request *rxkad_ci_req;
|
||||
static DEFINE_MUTEX(rxkad_ci_mutex);
|
||||
|
||||
/*
|
||||
* Parse the information from a server key
|
||||
*
|
||||
* The data should be the 8-byte secret key.
|
||||
*/
|
||||
static int rxkad_preparse_server_key(struct key_preparsed_payload *prep)
|
||||
{
|
||||
struct crypto_skcipher *ci;
|
||||
|
||||
if (prep->datalen != 8)
|
||||
return -EINVAL;
|
||||
|
||||
memcpy(&prep->payload.data[2], prep->data, 8);
|
||||
|
||||
ci = crypto_alloc_skcipher("pcbc(des)", 0, CRYPTO_ALG_ASYNC);
|
||||
if (IS_ERR(ci)) {
|
||||
_leave(" = %ld", PTR_ERR(ci));
|
||||
return PTR_ERR(ci);
|
||||
}
|
||||
|
||||
if (crypto_skcipher_setkey(ci, prep->data, 8) < 0)
|
||||
BUG();
|
||||
|
||||
prep->payload.data[0] = ci;
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
}
|
||||
|
||||
static void rxkad_free_preparse_server_key(struct key_preparsed_payload *prep)
|
||||
{
|
||||
|
||||
if (prep->payload.data[0])
|
||||
crypto_free_skcipher(prep->payload.data[0]);
|
||||
}
|
||||
|
||||
static void rxkad_destroy_server_key(struct key *key)
|
||||
{
|
||||
if (key->payload.data[0]) {
|
||||
crypto_free_skcipher(key->payload.data[0]);
|
||||
key->payload.data[0] = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
* initialise connection security
|
||||
*/
|
||||
static int rxkad_init_connection_security(struct rxrpc_connection *conn)
|
||||
static int rxkad_init_connection_security(struct rxrpc_connection *conn,
|
||||
struct rxrpc_key_token *token)
|
||||
{
|
||||
struct crypto_sync_skcipher *ci;
|
||||
struct rxrpc_key_token *token;
|
||||
int ret;
|
||||
|
||||
_enter("{%d},{%x}", conn->debug_id, key_serial(conn->params.key));
|
||||
|
||||
token = conn->params.key->payload.data[0];
|
||||
conn->security_ix = token->security_index;
|
||||
|
||||
ci = crypto_alloc_sync_skcipher("pcbc(fcrypt)", 0, 0);
|
||||
@ -73,32 +120,68 @@ static int rxkad_init_connection_security(struct rxrpc_connection *conn)
|
||||
|
||||
switch (conn->params.security_level) {
|
||||
case RXRPC_SECURITY_PLAIN:
|
||||
break;
|
||||
case RXRPC_SECURITY_AUTH:
|
||||
conn->size_align = 8;
|
||||
conn->security_size = sizeof(struct rxkad_level1_hdr);
|
||||
break;
|
||||
case RXRPC_SECURITY_ENCRYPT:
|
||||
conn->size_align = 8;
|
||||
conn->security_size = sizeof(struct rxkad_level2_hdr);
|
||||
break;
|
||||
default:
|
||||
ret = -EKEYREJECTED;
|
||||
goto error;
|
||||
}
|
||||
|
||||
conn->cipher = ci;
|
||||
ret = 0;
|
||||
ret = rxkad_prime_packet_security(conn, ci);
|
||||
if (ret < 0)
|
||||
goto error_ci;
|
||||
|
||||
conn->rxkad.cipher = ci;
|
||||
return 0;
|
||||
|
||||
error_ci:
|
||||
crypto_free_sync_skcipher(ci);
|
||||
error:
|
||||
_leave(" = %d", ret);
|
||||
return ret;
|
||||
}
|
||||
|
||||
/*
|
||||
* Work out how much data we can put in a packet.
|
||||
*/
|
||||
static int rxkad_how_much_data(struct rxrpc_call *call, size_t remain,
|
||||
size_t *_buf_size, size_t *_data_size, size_t *_offset)
|
||||
{
|
||||
size_t shdr, buf_size, chunk;
|
||||
|
||||
switch (call->conn->params.security_level) {
|
||||
default:
|
||||
buf_size = chunk = min_t(size_t, remain, RXRPC_JUMBO_DATALEN);
|
||||
shdr = 0;
|
||||
goto out;
|
||||
case RXRPC_SECURITY_AUTH:
|
||||
shdr = sizeof(struct rxkad_level1_hdr);
|
||||
break;
|
||||
case RXRPC_SECURITY_ENCRYPT:
|
||||
shdr = sizeof(struct rxkad_level2_hdr);
|
||||
break;
|
||||
}
|
||||
|
||||
buf_size = round_down(RXRPC_JUMBO_DATALEN, RXKAD_ALIGN);
|
||||
|
||||
chunk = buf_size - shdr;
|
||||
if (remain < chunk)
|
||||
buf_size = round_up(shdr + remain, RXKAD_ALIGN);
|
||||
|
||||
out:
|
||||
*_buf_size = buf_size;
|
||||
*_data_size = chunk;
|
||||
*_offset = shdr;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* prime the encryption state with the invariant parts of a connection's
|
||||
* description
|
||||
*/
|
||||
static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
|
||||
static int rxkad_prime_packet_security(struct rxrpc_connection *conn,
|
||||
struct crypto_sync_skcipher *ci)
|
||||
{
|
||||
struct skcipher_request *req;
|
||||
struct rxrpc_key_token *token;
|
||||
@ -116,7 +199,7 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
|
||||
if (!tmpbuf)
|
||||
return -ENOMEM;
|
||||
|
||||
req = skcipher_request_alloc(&conn->cipher->base, GFP_NOFS);
|
||||
req = skcipher_request_alloc(&ci->base, GFP_NOFS);
|
||||
if (!req) {
|
||||
kfree(tmpbuf);
|
||||
return -ENOMEM;
|
||||
@ -131,13 +214,13 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
|
||||
tmpbuf[3] = htonl(conn->security_ix);
|
||||
|
||||
sg_init_one(&sg, tmpbuf, tmpsize);
|
||||
skcipher_request_set_sync_tfm(req, conn->cipher);
|
||||
skcipher_request_set_sync_tfm(req, ci);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, &sg, &sg, tmpsize, iv.x);
|
||||
crypto_skcipher_encrypt(req);
|
||||
skcipher_request_free(req);
|
||||
|
||||
memcpy(&conn->csum_iv, tmpbuf + 2, sizeof(conn->csum_iv));
|
||||
memcpy(&conn->rxkad.csum_iv, tmpbuf + 2, sizeof(conn->rxkad.csum_iv));
|
||||
kfree(tmpbuf);
|
||||
_leave(" = 0");
|
||||
return 0;
|
||||
@ -149,7 +232,7 @@ static int rxkad_prime_packet_security(struct rxrpc_connection *conn)
|
||||
*/
|
||||
static struct skcipher_request *rxkad_get_call_crypto(struct rxrpc_call *call)
|
||||
{
|
||||
struct crypto_skcipher *tfm = &call->conn->cipher->base;
|
||||
struct crypto_skcipher *tfm = &call->conn->rxkad.cipher->base;
|
||||
struct skcipher_request *cipher_req = call->cipher_req;
|
||||
|
||||
if (!cipher_req) {
|
||||
@ -176,15 +259,14 @@ static void rxkad_free_call_crypto(struct rxrpc_call *call)
|
||||
* partially encrypt a packet (level 1 security)
|
||||
*/
|
||||
static int rxkad_secure_packet_auth(const struct rxrpc_call *call,
|
||||
struct sk_buff *skb,
|
||||
u32 data_size,
|
||||
void *sechdr,
|
||||
struct sk_buff *skb, u32 data_size,
|
||||
struct skcipher_request *req)
|
||||
{
|
||||
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
||||
struct rxkad_level1_hdr hdr;
|
||||
struct rxrpc_crypt iv;
|
||||
struct scatterlist sg;
|
||||
size_t pad;
|
||||
u16 check;
|
||||
|
||||
_enter("");
|
||||
@ -193,13 +275,19 @@ static int rxkad_secure_packet_auth(const struct rxrpc_call *call,
|
||||
data_size |= (u32)check << 16;
|
||||
|
||||
hdr.data_size = htonl(data_size);
|
||||
memcpy(sechdr, &hdr, sizeof(hdr));
|
||||
memcpy(skb->head, &hdr, sizeof(hdr));
|
||||
|
||||
pad = sizeof(struct rxkad_level1_hdr) + data_size;
|
||||
pad = RXKAD_ALIGN - pad;
|
||||
pad &= RXKAD_ALIGN - 1;
|
||||
if (pad)
|
||||
skb_put_zero(skb, pad);
|
||||
|
||||
/* start the encryption afresh */
|
||||
memset(&iv, 0, sizeof(iv));
|
||||
|
||||
sg_init_one(&sg, sechdr, 8);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->cipher);
|
||||
sg_init_one(&sg, skb->head, 8);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
|
||||
crypto_skcipher_encrypt(req);
|
||||
@ -215,7 +303,6 @@ static int rxkad_secure_packet_auth(const struct rxrpc_call *call,
|
||||
static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
|
||||
struct sk_buff *skb,
|
||||
u32 data_size,
|
||||
void *sechdr,
|
||||
struct skcipher_request *req)
|
||||
{
|
||||
const struct rxrpc_key_token *token;
|
||||
@ -224,6 +311,7 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
|
||||
struct rxrpc_crypt iv;
|
||||
struct scatterlist sg[16];
|
||||
unsigned int len;
|
||||
size_t pad;
|
||||
u16 check;
|
||||
int err;
|
||||
|
||||
@ -235,14 +323,20 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
|
||||
|
||||
rxkhdr.data_size = htonl(data_size | (u32)check << 16);
|
||||
rxkhdr.checksum = 0;
|
||||
memcpy(sechdr, &rxkhdr, sizeof(rxkhdr));
|
||||
memcpy(skb->head, &rxkhdr, sizeof(rxkhdr));
|
||||
|
||||
pad = sizeof(struct rxkad_level2_hdr) + data_size;
|
||||
pad = RXKAD_ALIGN - pad;
|
||||
pad &= RXKAD_ALIGN - 1;
|
||||
if (pad)
|
||||
skb_put_zero(skb, pad);
|
||||
|
||||
/* encrypt from the session key */
|
||||
token = call->conn->params.key->payload.data[0];
|
||||
memcpy(&iv, token->kad->session_key, sizeof(iv));
|
||||
|
||||
sg_init_one(&sg[0], sechdr, sizeof(rxkhdr));
|
||||
skcipher_request_set_sync_tfm(req, call->conn->cipher);
|
||||
sg_init_one(&sg[0], skb->head, sizeof(rxkhdr));
|
||||
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, &sg[0], &sg[0], sizeof(rxkhdr), iv.x);
|
||||
crypto_skcipher_encrypt(req);
|
||||
@ -252,11 +346,10 @@ static int rxkad_secure_packet_encrypt(const struct rxrpc_call *call,
|
||||
if (skb_shinfo(skb)->nr_frags > 16)
|
||||
goto out;
|
||||
|
||||
len = data_size + call->conn->size_align - 1;
|
||||
len &= ~(call->conn->size_align - 1);
|
||||
len = round_up(data_size, RXKAD_ALIGN);
|
||||
|
||||
sg_init_table(sg, ARRAY_SIZE(sg));
|
||||
err = skb_to_sgvec(skb, sg, 0, len);
|
||||
err = skb_to_sgvec(skb, sg, 8, len);
|
||||
if (unlikely(err < 0))
|
||||
goto out;
|
||||
skcipher_request_set_crypt(req, sg, sg, len, iv.x);
|
||||
@ -275,8 +368,7 @@ out:
|
||||
*/
|
||||
static int rxkad_secure_packet(struct rxrpc_call *call,
|
||||
struct sk_buff *skb,
|
||||
size_t data_size,
|
||||
void *sechdr)
|
||||
size_t data_size)
|
||||
{
|
||||
struct rxrpc_skb_priv *sp;
|
||||
struct skcipher_request *req;
|
||||
@ -291,7 +383,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
|
||||
call->debug_id, key_serial(call->conn->params.key),
|
||||
sp->hdr.seq, data_size);
|
||||
|
||||
if (!call->conn->cipher)
|
||||
if (!call->conn->rxkad.cipher)
|
||||
return 0;
|
||||
|
||||
ret = key_validate(call->conn->params.key);
|
||||
@ -303,7 +395,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
|
||||
return -ENOMEM;
|
||||
|
||||
/* continue encrypting from where we left off */
|
||||
memcpy(&iv, call->conn->csum_iv.x, sizeof(iv));
|
||||
memcpy(&iv, call->conn->rxkad.csum_iv.x, sizeof(iv));
|
||||
|
||||
/* calculate the security checksum */
|
||||
x = (call->cid & RXRPC_CHANNELMASK) << (32 - RXRPC_CIDSHIFT);
|
||||
@ -312,7 +404,7 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
|
||||
call->crypto_buf[1] = htonl(x);
|
||||
|
||||
sg_init_one(&sg, call->crypto_buf, 8);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->cipher);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
|
||||
crypto_skcipher_encrypt(req);
|
||||
@ -329,12 +421,10 @@ static int rxkad_secure_packet(struct rxrpc_call *call,
|
||||
ret = 0;
|
||||
break;
|
||||
case RXRPC_SECURITY_AUTH:
|
||||
ret = rxkad_secure_packet_auth(call, skb, data_size, sechdr,
|
||||
req);
|
||||
ret = rxkad_secure_packet_auth(call, skb, data_size, req);
|
||||
break;
|
||||
case RXRPC_SECURITY_ENCRYPT:
|
||||
ret = rxkad_secure_packet_encrypt(call, skb, data_size,
|
||||
sechdr, req);
|
||||
ret = rxkad_secure_packet_encrypt(call, skb, data_size, req);
|
||||
break;
|
||||
default:
|
||||
ret = -EPERM;
|
||||
@ -380,7 +470,7 @@ static int rxkad_verify_packet_1(struct rxrpc_call *call, struct sk_buff *skb,
|
||||
/* start the decryption afresh */
|
||||
memset(&iv, 0, sizeof(iv));
|
||||
|
||||
skcipher_request_set_sync_tfm(req, call->conn->cipher);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, sg, sg, 8, iv.x);
|
||||
crypto_skcipher_decrypt(req);
|
||||
@ -472,7 +562,7 @@ static int rxkad_verify_packet_2(struct rxrpc_call *call, struct sk_buff *skb,
|
||||
token = call->conn->params.key->payload.data[0];
|
||||
memcpy(&iv, token->kad->session_key, sizeof(iv));
|
||||
|
||||
skcipher_request_set_sync_tfm(req, call->conn->cipher);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, sg, sg, len, iv.x);
|
||||
crypto_skcipher_decrypt(req);
|
||||
@ -538,7 +628,7 @@ static int rxkad_verify_packet(struct rxrpc_call *call, struct sk_buff *skb,
|
||||
_enter("{%d{%x}},{#%u}",
|
||||
call->debug_id, key_serial(call->conn->params.key), seq);
|
||||
|
||||
if (!call->conn->cipher)
|
||||
if (!call->conn->rxkad.cipher)
|
||||
return 0;
|
||||
|
||||
req = rxkad_get_call_crypto(call);
|
||||
@ -546,7 +636,7 @@ static int rxkad_verify_packet(struct rxrpc_call *call, struct sk_buff *skb,
|
||||
return -ENOMEM;
|
||||
|
||||
/* continue encrypting from where we left off */
|
||||
memcpy(&iv, call->conn->csum_iv.x, sizeof(iv));
|
||||
memcpy(&iv, call->conn->rxkad.csum_iv.x, sizeof(iv));
|
||||
|
||||
/* validate the security checksum */
|
||||
x = (call->cid & RXRPC_CHANNELMASK) << (32 - RXRPC_CIDSHIFT);
|
||||
@ -555,7 +645,7 @@ static int rxkad_verify_packet(struct rxrpc_call *call, struct sk_buff *skb,
|
||||
call->crypto_buf[1] = htonl(x);
|
||||
|
||||
sg_init_one(&sg, call->crypto_buf, 8);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->cipher);
|
||||
skcipher_request_set_sync_tfm(req, call->conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, &sg, &sg, 8, iv.x);
|
||||
crypto_skcipher_encrypt(req);
|
||||
@ -648,16 +738,12 @@ static int rxkad_issue_challenge(struct rxrpc_connection *conn)
|
||||
u32 serial;
|
||||
int ret;
|
||||
|
||||
_enter("{%d,%x}", conn->debug_id, key_serial(conn->server_key));
|
||||
_enter("{%d}", conn->debug_id);
|
||||
|
||||
ret = key_validate(conn->server_key);
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
get_random_bytes(&conn->security_nonce, sizeof(conn->security_nonce));
|
||||
get_random_bytes(&conn->rxkad.nonce, sizeof(conn->rxkad.nonce));
|
||||
|
||||
challenge.version = htonl(2);
|
||||
challenge.nonce = htonl(conn->security_nonce);
|
||||
challenge.nonce = htonl(conn->rxkad.nonce);
|
||||
challenge.min_level = htonl(0);
|
||||
challenge.__padding = 0;
|
||||
|
||||
@ -785,7 +871,7 @@ static int rxkad_encrypt_response(struct rxrpc_connection *conn,
|
||||
struct rxrpc_crypt iv;
|
||||
struct scatterlist sg[1];
|
||||
|
||||
req = skcipher_request_alloc(&conn->cipher->base, GFP_NOFS);
|
||||
req = skcipher_request_alloc(&conn->rxkad.cipher->base, GFP_NOFS);
|
||||
if (!req)
|
||||
return -ENOMEM;
|
||||
|
||||
@ -794,7 +880,7 @@ static int rxkad_encrypt_response(struct rxrpc_connection *conn,
|
||||
|
||||
sg_init_table(sg, 1);
|
||||
sg_set_buf(sg, &resp->encrypted, sizeof(resp->encrypted));
|
||||
skcipher_request_set_sync_tfm(req, conn->cipher);
|
||||
skcipher_request_set_sync_tfm(req, conn->rxkad.cipher);
|
||||
skcipher_request_set_callback(req, 0, NULL, NULL);
|
||||
skcipher_request_set_crypt(req, sg, sg, sizeof(resp->encrypted), iv.x);
|
||||
crypto_skcipher_encrypt(req);
|
||||
@ -892,6 +978,7 @@ other_error:
|
||||
* decrypt the kerberos IV ticket in the response
|
||||
*/
|
||||
static int rxkad_decrypt_ticket(struct rxrpc_connection *conn,
|
||||
struct key *server_key,
|
||||
struct sk_buff *skb,
|
||||
void *ticket, size_t ticket_len,
|
||||
struct rxrpc_crypt *_session_key,
|
||||
@ -911,30 +998,17 @@ static int rxkad_decrypt_ticket(struct rxrpc_connection *conn,
|
||||
u32 abort_code;
|
||||
u8 *p, *q, *name, *end;
|
||||
|
||||
_enter("{%d},{%x}", conn->debug_id, key_serial(conn->server_key));
|
||||
_enter("{%d},{%x}", conn->debug_id, key_serial(server_key));
|
||||
|
||||
*_expiry = 0;
|
||||
|
||||
ret = key_validate(conn->server_key);
|
||||
if (ret < 0) {
|
||||
switch (ret) {
|
||||
case -EKEYEXPIRED:
|
||||
abort_code = RXKADEXPIRED;
|
||||
goto other_error;
|
||||
default:
|
||||
abort_code = RXKADNOAUTH;
|
||||
goto other_error;
|
||||
}
|
||||
}
|
||||
|
||||
ASSERT(conn->server_key->payload.data[0] != NULL);
|
||||
ASSERT(server_key->payload.data[0] != NULL);
|
||||
ASSERTCMP((unsigned long) ticket & 7UL, ==, 0);
|
||||
|
||||
memcpy(&iv, &conn->server_key->payload.data[2], sizeof(iv));
|
||||
memcpy(&iv, &server_key->payload.data[2], sizeof(iv));
|
||||
|
||||
ret = -ENOMEM;
|
||||
req = skcipher_request_alloc(conn->server_key->payload.data[0],
|
||||
GFP_NOFS);
|
||||
req = skcipher_request_alloc(server_key->payload.data[0], GFP_NOFS);
|
||||
if (!req)
|
||||
goto temporary_error;
|
||||
|
||||
@ -1090,6 +1164,7 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
|
||||
struct rxkad_response *response;
|
||||
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
||||
struct rxrpc_crypt session_key;
|
||||
struct key *server_key;
|
||||
const char *eproto;
|
||||
time64_t expiry;
|
||||
void *ticket;
|
||||
@ -1097,7 +1172,27 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
|
||||
__be32 csum;
|
||||
int ret, i;
|
||||
|
||||
_enter("{%d,%x}", conn->debug_id, key_serial(conn->server_key));
|
||||
_enter("{%d}", conn->debug_id);
|
||||
|
||||
server_key = rxrpc_look_up_server_security(conn, skb, 0, 0);
|
||||
if (IS_ERR(server_key)) {
|
||||
switch (PTR_ERR(server_key)) {
|
||||
case -ENOKEY:
|
||||
abort_code = RXKADUNKNOWNKEY;
|
||||
break;
|
||||
case -EKEYEXPIRED:
|
||||
abort_code = RXKADEXPIRED;
|
||||
break;
|
||||
default:
|
||||
abort_code = RXKADNOAUTH;
|
||||
break;
|
||||
}
|
||||
trace_rxrpc_abort(0, "SVK",
|
||||
sp->hdr.cid, sp->hdr.callNumber, sp->hdr.seq,
|
||||
abort_code, PTR_ERR(server_key));
|
||||
*_abort_code = abort_code;
|
||||
return -EPROTO;
|
||||
}
|
||||
|
||||
ret = -ENOMEM;
|
||||
response = kzalloc(sizeof(struct rxkad_response), GFP_NOFS);
|
||||
@ -1109,8 +1204,6 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
|
||||
if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header),
|
||||
response, sizeof(*response)) < 0)
|
||||
goto protocol_error;
|
||||
if (!pskb_pull(skb, sizeof(*response)))
|
||||
BUG();
|
||||
|
||||
version = ntohl(response->version);
|
||||
ticket_len = ntohl(response->ticket_len);
|
||||
@ -1141,12 +1234,12 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
|
||||
|
||||
eproto = tracepoint_string("rxkad_tkt_short");
|
||||
abort_code = RXKADPACKETSHORT;
|
||||
if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header),
|
||||
if (skb_copy_bits(skb, sizeof(struct rxrpc_wire_header) + sizeof(*response),
|
||||
ticket, ticket_len) < 0)
|
||||
goto protocol_error_free;
|
||||
|
||||
ret = rxkad_decrypt_ticket(conn, skb, ticket, ticket_len, &session_key,
|
||||
&expiry, _abort_code);
|
||||
ret = rxkad_decrypt_ticket(conn, server_key, skb, ticket, ticket_len,
|
||||
&session_key, &expiry, _abort_code);
|
||||
if (ret < 0)
|
||||
goto temporary_error_free_ticket;
|
||||
|
||||
@ -1196,7 +1289,7 @@ static int rxkad_verify_response(struct rxrpc_connection *conn,
|
||||
|
||||
eproto = tracepoint_string("rxkad_rsp_seq");
|
||||
abort_code = RXKADOUTOFSEQUENCE;
|
||||
if (ntohl(response->encrypted.inc_nonce) != conn->security_nonce + 1)
|
||||
if (ntohl(response->encrypted.inc_nonce) != conn->rxkad.nonce + 1)
|
||||
goto protocol_error_free;
|
||||
|
||||
eproto = tracepoint_string("rxkad_rsp_level");
|
||||
@ -1225,6 +1318,7 @@ protocol_error_free:
|
||||
protocol_error:
|
||||
kfree(response);
|
||||
trace_rxrpc_rx_eproto(NULL, sp->hdr.serial, eproto);
|
||||
key_put(server_key);
|
||||
*_abort_code = abort_code;
|
||||
return -EPROTO;
|
||||
|
||||
@ -1237,6 +1331,7 @@ temporary_error:
|
||||
* ENOMEM. We just want to send the challenge again. Note that we
|
||||
* also come out this way if the ticket decryption fails.
|
||||
*/
|
||||
key_put(server_key);
|
||||
return ret;
|
||||
}
|
||||
|
||||
@ -1247,8 +1342,8 @@ static void rxkad_clear(struct rxrpc_connection *conn)
|
||||
{
|
||||
_enter("");
|
||||
|
||||
if (conn->cipher)
|
||||
crypto_free_sync_skcipher(conn->cipher);
|
||||
if (conn->rxkad.cipher)
|
||||
crypto_free_sync_skcipher(conn->rxkad.cipher);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -1296,8 +1391,11 @@ const struct rxrpc_security rxkad = {
|
||||
.no_key_abort = RXKADUNKNOWNKEY,
|
||||
.init = rxkad_init,
|
||||
.exit = rxkad_exit,
|
||||
.preparse_server_key = rxkad_preparse_server_key,
|
||||
.free_preparse_server_key = rxkad_free_preparse_server_key,
|
||||
.destroy_server_key = rxkad_destroy_server_key,
|
||||
.init_connection_security = rxkad_init_connection_security,
|
||||
.prime_packet_security = rxkad_prime_packet_security,
|
||||
.how_much_data = rxkad_how_much_data,
|
||||
.secure_packet = rxkad_secure_packet,
|
||||
.verify_packet = rxkad_verify_packet,
|
||||
.free_call_crypto = rxkad_free_call_crypto,
|
||||
|
@ -55,7 +55,7 @@ void rxrpc_exit_security(void)
|
||||
/*
|
||||
* look up an rxrpc security module
|
||||
*/
|
||||
static const struct rxrpc_security *rxrpc_security_lookup(u8 security_index)
|
||||
const struct rxrpc_security *rxrpc_security_lookup(u8 security_index)
|
||||
{
|
||||
if (security_index >= ARRAY_SIZE(rxrpc_security_types))
|
||||
return NULL;
|
||||
@ -81,16 +81,17 @@ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn)
|
||||
if (ret < 0)
|
||||
return ret;
|
||||
|
||||
token = key->payload.data[0];
|
||||
if (!token)
|
||||
return -EKEYREJECTED;
|
||||
for (token = key->payload.data[0]; token; token = token->next) {
|
||||
sec = rxrpc_security_lookup(token->security_index);
|
||||
if (sec)
|
||||
goto found;
|
||||
}
|
||||
return -EKEYREJECTED;
|
||||
|
||||
sec = rxrpc_security_lookup(token->security_index);
|
||||
if (!sec)
|
||||
return -EKEYREJECTED;
|
||||
found:
|
||||
conn->security = sec;
|
||||
|
||||
ret = conn->security->init_connection_security(conn);
|
||||
ret = conn->security->init_connection_security(conn, token);
|
||||
if (ret < 0) {
|
||||
conn->security = &rxrpc_no_security;
|
||||
return ret;
|
||||
@ -101,22 +102,16 @@ int rxrpc_init_client_conn_security(struct rxrpc_connection *conn)
|
||||
}
|
||||
|
||||
/*
|
||||
* Find the security key for a server connection.
|
||||
* Set the ops a server connection.
|
||||
*/
|
||||
bool rxrpc_look_up_server_security(struct rxrpc_local *local, struct rxrpc_sock *rx,
|
||||
const struct rxrpc_security **_sec,
|
||||
struct key **_key,
|
||||
struct sk_buff *skb)
|
||||
const struct rxrpc_security *rxrpc_get_incoming_security(struct rxrpc_sock *rx,
|
||||
struct sk_buff *skb)
|
||||
{
|
||||
const struct rxrpc_security *sec;
|
||||
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
||||
key_ref_t kref = NULL;
|
||||
char kdesc[5 + 1 + 3 + 1];
|
||||
|
||||
_enter("");
|
||||
|
||||
sprintf(kdesc, "%u:%u", sp->hdr.serviceId, sp->hdr.securityIndex);
|
||||
|
||||
sec = rxrpc_security_lookup(sp->hdr.securityIndex);
|
||||
if (!sec) {
|
||||
trace_rxrpc_abort(0, "SVS",
|
||||
@ -124,35 +119,72 @@ bool rxrpc_look_up_server_security(struct rxrpc_local *local, struct rxrpc_sock
|
||||
RX_INVALID_OPERATION, EKEYREJECTED);
|
||||
skb->mark = RXRPC_SKB_MARK_REJECT_ABORT;
|
||||
skb->priority = RX_INVALID_OPERATION;
|
||||
return false;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
if (sp->hdr.securityIndex == RXRPC_SECURITY_NONE)
|
||||
goto out;
|
||||
|
||||
if (!rx->securities) {
|
||||
if (sp->hdr.securityIndex != RXRPC_SECURITY_NONE &&
|
||||
!rx->securities) {
|
||||
trace_rxrpc_abort(0, "SVR",
|
||||
sp->hdr.cid, sp->hdr.callNumber, sp->hdr.seq,
|
||||
RX_INVALID_OPERATION, EKEYREJECTED);
|
||||
skb->mark = RXRPC_SKB_MARK_REJECT_ABORT;
|
||||
skb->priority = RX_INVALID_OPERATION;
|
||||
return false;
|
||||
skb->priority = sec->no_key_abort;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
return sec;
|
||||
}
|
||||
|
||||
/*
|
||||
* Find the security key for a server connection.
|
||||
*/
|
||||
struct key *rxrpc_look_up_server_security(struct rxrpc_connection *conn,
|
||||
struct sk_buff *skb,
|
||||
u32 kvno, u32 enctype)
|
||||
{
|
||||
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
||||
struct rxrpc_sock *rx;
|
||||
struct key *key = ERR_PTR(-EKEYREJECTED);
|
||||
key_ref_t kref = NULL;
|
||||
char kdesc[5 + 1 + 3 + 1 + 12 + 1 + 12 + 1];
|
||||
int ret;
|
||||
|
||||
_enter("");
|
||||
|
||||
if (enctype)
|
||||
sprintf(kdesc, "%u:%u:%u:%u",
|
||||
sp->hdr.serviceId, sp->hdr.securityIndex, kvno, enctype);
|
||||
else if (kvno)
|
||||
sprintf(kdesc, "%u:%u:%u",
|
||||
sp->hdr.serviceId, sp->hdr.securityIndex, kvno);
|
||||
else
|
||||
sprintf(kdesc, "%u:%u",
|
||||
sp->hdr.serviceId, sp->hdr.securityIndex);
|
||||
|
||||
rcu_read_lock();
|
||||
|
||||
rx = rcu_dereference(conn->params.local->service);
|
||||
if (!rx)
|
||||
goto out;
|
||||
|
||||
/* look through the service's keyring */
|
||||
kref = keyring_search(make_key_ref(rx->securities, 1UL),
|
||||
&key_type_rxrpc_s, kdesc, true);
|
||||
if (IS_ERR(kref)) {
|
||||
trace_rxrpc_abort(0, "SVK",
|
||||
sp->hdr.cid, sp->hdr.callNumber, sp->hdr.seq,
|
||||
sec->no_key_abort, EKEYREJECTED);
|
||||
skb->mark = RXRPC_SKB_MARK_REJECT_ABORT;
|
||||
skb->priority = sec->no_key_abort;
|
||||
return false;
|
||||
key = ERR_CAST(kref);
|
||||
goto out;
|
||||
}
|
||||
|
||||
key = key_ref_to_ptr(kref);
|
||||
|
||||
ret = key_validate(key);
|
||||
if (ret < 0) {
|
||||
key_put(key);
|
||||
key = ERR_PTR(ret);
|
||||
goto out;
|
||||
}
|
||||
|
||||
out:
|
||||
*_sec = sec;
|
||||
*_key = key_ref_to_ptr(kref);
|
||||
return true;
|
||||
rcu_read_unlock();
|
||||
return key;
|
||||
}
|
||||
|
@ -327,7 +327,7 @@ static int rxrpc_send_data(struct rxrpc_sock *rx,
|
||||
rxrpc_send_ack_packet(call, false, NULL);
|
||||
|
||||
if (!skb) {
|
||||
size_t size, chunk, max, space;
|
||||
size_t remain, bufsize, chunk, offset;
|
||||
|
||||
_debug("alloc");
|
||||
|
||||
@ -342,24 +342,21 @@ static int rxrpc_send_data(struct rxrpc_sock *rx,
|
||||
goto maybe_error;
|
||||
}
|
||||
|
||||
max = RXRPC_JUMBO_DATALEN;
|
||||
max -= call->conn->security_size;
|
||||
max &= ~(call->conn->size_align - 1UL);
|
||||
/* Work out the maximum size of a packet. Assume that
|
||||
* the security header is going to be in the padded
|
||||
* region (enc blocksize), but the trailer is not.
|
||||
*/
|
||||
remain = more ? INT_MAX : msg_data_left(msg);
|
||||
ret = call->conn->security->how_much_data(call, remain,
|
||||
&bufsize, &chunk, &offset);
|
||||
if (ret < 0)
|
||||
goto maybe_error;
|
||||
|
||||
chunk = max;
|
||||
if (chunk > msg_data_left(msg) && !more)
|
||||
chunk = msg_data_left(msg);
|
||||
|
||||
space = chunk + call->conn->size_align;
|
||||
space &= ~(call->conn->size_align - 1UL);
|
||||
|
||||
size = space + call->conn->security_size;
|
||||
|
||||
_debug("SIZE: %zu/%zu/%zu", chunk, space, size);
|
||||
_debug("SIZE: %zu/%zu @%zu", chunk, bufsize, offset);
|
||||
|
||||
/* create a buffer that we can retain until it's ACK'd */
|
||||
skb = sock_alloc_send_skb(
|
||||
sk, size, msg->msg_flags & MSG_DONTWAIT, &ret);
|
||||
sk, bufsize, msg->msg_flags & MSG_DONTWAIT, &ret);
|
||||
if (!skb)
|
||||
goto maybe_error;
|
||||
|
||||
@ -371,9 +368,7 @@ static int rxrpc_send_data(struct rxrpc_sock *rx,
|
||||
|
||||
ASSERTCMP(skb->mark, ==, 0);
|
||||
|
||||
_debug("HS: %u", call->conn->security_size);
|
||||
skb_reserve(skb, call->conn->security_size);
|
||||
skb->len += call->conn->security_size;
|
||||
__skb_put(skb, offset);
|
||||
|
||||
sp->remain = chunk;
|
||||
if (sp->remain > skb_tailroom(skb))
|
||||
@ -422,17 +417,6 @@ static int rxrpc_send_data(struct rxrpc_sock *rx,
|
||||
(msg_data_left(msg) == 0 && !more)) {
|
||||
struct rxrpc_connection *conn = call->conn;
|
||||
uint32_t seq;
|
||||
size_t pad;
|
||||
|
||||
/* pad out if we're using security */
|
||||
if (conn->security_ix) {
|
||||
pad = conn->security_size + skb->mark;
|
||||
pad = conn->size_align - pad;
|
||||
pad &= conn->size_align - 1;
|
||||
_debug("pad %zu", pad);
|
||||
if (pad)
|
||||
skb_put_zero(skb, pad);
|
||||
}
|
||||
|
||||
seq = call->tx_top + 1;
|
||||
|
||||
@ -446,8 +430,7 @@ static int rxrpc_send_data(struct rxrpc_sock *rx,
|
||||
call->tx_winsize)
|
||||
sp->hdr.flags |= RXRPC_MORE_PACKETS;
|
||||
|
||||
ret = call->security->secure_packet(
|
||||
call, skb, skb->mark, skb->head);
|
||||
ret = call->security->secure_packet(call, skb, skb->mark);
|
||||
if (ret < 0)
|
||||
goto out;
|
||||
|
||||
|
143
net/rxrpc/server_key.c
Normal file
143
net/rxrpc/server_key.c
Normal file
@ -0,0 +1,143 @@
|
||||
// SPDX-License-Identifier: GPL-2.0-or-later
|
||||
/* RxRPC key management
|
||||
*
|
||||
* Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
|
||||
* Written by David Howells (dhowells@redhat.com)
|
||||
*
|
||||
* RxRPC keys should have a description of describing their purpose:
|
||||
* "afs@CAMBRIDGE.REDHAT.COM>
|
||||
*/
|
||||
|
||||
#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
|
||||
|
||||
#include <crypto/skcipher.h>
|
||||
#include <linux/module.h>
|
||||
#include <linux/net.h>
|
||||
#include <linux/skbuff.h>
|
||||
#include <linux/key-type.h>
|
||||
#include <linux/ctype.h>
|
||||
#include <linux/slab.h>
|
||||
#include <net/sock.h>
|
||||
#include <net/af_rxrpc.h>
|
||||
#include <keys/rxrpc-type.h>
|
||||
#include <keys/user-type.h>
|
||||
#include "ar-internal.h"
|
||||
|
||||
static int rxrpc_vet_description_s(const char *);
|
||||
static int rxrpc_preparse_s(struct key_preparsed_payload *);
|
||||
static void rxrpc_free_preparse_s(struct key_preparsed_payload *);
|
||||
static void rxrpc_destroy_s(struct key *);
|
||||
static void rxrpc_describe_s(const struct key *, struct seq_file *);
|
||||
|
||||
/*
|
||||
* rxrpc server keys take "<serviceId>:<securityIndex>[:<sec-specific>]" as the
|
||||
* description and the key material as the payload.
|
||||
*/
|
||||
struct key_type key_type_rxrpc_s = {
|
||||
.name = "rxrpc_s",
|
||||
.flags = KEY_TYPE_NET_DOMAIN,
|
||||
.vet_description = rxrpc_vet_description_s,
|
||||
.preparse = rxrpc_preparse_s,
|
||||
.free_preparse = rxrpc_free_preparse_s,
|
||||
.instantiate = generic_key_instantiate,
|
||||
.destroy = rxrpc_destroy_s,
|
||||
.describe = rxrpc_describe_s,
|
||||
};
|
||||
|
||||
/*
|
||||
* Vet the description for an RxRPC server key.
|
||||
*/
|
||||
static int rxrpc_vet_description_s(const char *desc)
|
||||
{
|
||||
unsigned long service, sec_class;
|
||||
char *p;
|
||||
|
||||
service = simple_strtoul(desc, &p, 10);
|
||||
if (*p != ':' || service > 65535)
|
||||
return -EINVAL;
|
||||
sec_class = simple_strtoul(p + 1, &p, 10);
|
||||
if ((*p && *p != ':') || sec_class < 1 || sec_class > 255)
|
||||
return -EINVAL;
|
||||
return 0;
|
||||
}
|
||||
|
||||
/*
|
||||
* Preparse a server secret key.
|
||||
*/
|
||||
static int rxrpc_preparse_s(struct key_preparsed_payload *prep)
|
||||
{
|
||||
const struct rxrpc_security *sec;
|
||||
unsigned int service, sec_class;
|
||||
int n;
|
||||
|
||||
_enter("%zu", prep->datalen);
|
||||
|
||||
if (!prep->orig_description)
|
||||
return -EINVAL;
|
||||
|
||||
if (sscanf(prep->orig_description, "%u:%u%n", &service, &sec_class, &n) != 2)
|
||||
return -EINVAL;
|
||||
|
||||
sec = rxrpc_security_lookup(sec_class);
|
||||
if (!sec)
|
||||
return -ENOPKG;
|
||||
|
||||
prep->payload.data[1] = (struct rxrpc_security *)sec;
|
||||
|
||||
return sec->preparse_server_key(prep);
|
||||
}
|
||||
|
||||
static void rxrpc_free_preparse_s(struct key_preparsed_payload *prep)
|
||||
{
|
||||
const struct rxrpc_security *sec = prep->payload.data[1];
|
||||
|
||||
if (sec)
|
||||
sec->free_preparse_server_key(prep);
|
||||
}
|
||||
|
||||
static void rxrpc_destroy_s(struct key *key)
|
||||
{
|
||||
const struct rxrpc_security *sec = key->payload.data[1];
|
||||
|
||||
if (sec)
|
||||
sec->destroy_server_key(key);
|
||||
}
|
||||
|
||||
static void rxrpc_describe_s(const struct key *key, struct seq_file *m)
|
||||
{
|
||||
const struct rxrpc_security *sec = key->payload.data[1];
|
||||
|
||||
seq_puts(m, key->description);
|
||||
if (sec && sec->describe_server_key)
|
||||
sec->describe_server_key(key, m);
|
||||
}
|
||||
|
||||
/*
|
||||
* grab the security keyring for a server socket
|
||||
*/
|
||||
int rxrpc_server_keyring(struct rxrpc_sock *rx, sockptr_t optval, int optlen)
|
||||
{
|
||||
struct key *key;
|
||||
char *description;
|
||||
|
||||
_enter("");
|
||||
|
||||
if (optlen <= 0 || optlen > PAGE_SIZE - 1)
|
||||
return -EINVAL;
|
||||
|
||||
description = memdup_sockptr_nul(optval, optlen);
|
||||
if (IS_ERR(description))
|
||||
return PTR_ERR(description);
|
||||
|
||||
key = request_key(&key_type_keyring, description, NULL);
|
||||
if (IS_ERR(key)) {
|
||||
kfree(description);
|
||||
_leave(" = %ld", PTR_ERR(key));
|
||||
return PTR_ERR(key);
|
||||
}
|
||||
|
||||
rx->securities = key;
|
||||
kfree(description);
|
||||
_leave(" = 0 [key %x]", key->serial);
|
||||
return 0;
|
||||
}
|
@ -504,6 +504,7 @@ int key_instantiate_and_link(struct key *key,
|
||||
int ret;
|
||||
|
||||
memset(&prep, 0, sizeof(prep));
|
||||
prep.orig_description = key->description;
|
||||
prep.data = data;
|
||||
prep.datalen = datalen;
|
||||
prep.quotalen = key->type->def_datalen;
|
||||
@ -854,6 +855,7 @@ key_ref_t key_create_or_update(key_ref_t keyring_ref,
|
||||
goto error_put_type;
|
||||
|
||||
memset(&prep, 0, sizeof(prep));
|
||||
prep.orig_description = description;
|
||||
prep.data = payload;
|
||||
prep.datalen = plen;
|
||||
prep.quotalen = index_key.type->def_datalen;
|
||||
|
Loading…
Reference in New Issue
Block a user