]>
Commit | Line | Data |
---|---|---|
1d658336 SS |
1 | /* |
2 | * GSS Proxy upcall module | |
3 | * | |
4 | * Copyright (C) 2012 Simo Sorce <simo@redhat.com> | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or modify | |
7 | * it under the terms of the GNU General Public License as published by | |
8 | * the Free Software Foundation; either version 2 of the License, or | |
9 | * (at your option) any later version. | |
10 | * | |
11 | * This program is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
14 | * GNU General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU General Public License | |
17 | * along with this program; if not, write to the Free Software | |
18 | * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. | |
19 | */ | |
20 | ||
21 | #include <linux/sunrpc/svcauth.h> | |
22 | #include "gss_rpc_xdr.h" | |
23 | ||
1d658336 SS |
24 | static int gssx_enc_bool(struct xdr_stream *xdr, int v) |
25 | { | |
26 | __be32 *p; | |
27 | ||
28 | p = xdr_reserve_space(xdr, 4); | |
29 | if (unlikely(p == NULL)) | |
30 | return -ENOSPC; | |
31 | *p = v ? xdr_one : xdr_zero; | |
32 | return 0; | |
33 | } | |
34 | ||
35 | static int gssx_dec_bool(struct xdr_stream *xdr, u32 *v) | |
36 | { | |
37 | __be32 *p; | |
38 | ||
39 | p = xdr_inline_decode(xdr, 4); | |
40 | if (unlikely(p == NULL)) | |
41 | return -ENOSPC; | |
42 | *v = be32_to_cpu(*p); | |
43 | return 0; | |
44 | } | |
45 | ||
46 | static int gssx_enc_buffer(struct xdr_stream *xdr, | |
89daf360 | 47 | const gssx_buffer *buf) |
1d658336 SS |
48 | { |
49 | __be32 *p; | |
50 | ||
51 | p = xdr_reserve_space(xdr, sizeof(u32) + buf->len); | |
52 | if (!p) | |
53 | return -ENOSPC; | |
54 | xdr_encode_opaque(p, buf->data, buf->len); | |
55 | return 0; | |
56 | } | |
57 | ||
58 | static int gssx_enc_in_token(struct xdr_stream *xdr, | |
89daf360 | 59 | const struct gssp_in_token *in) |
1d658336 SS |
60 | { |
61 | __be32 *p; | |
62 | ||
63 | p = xdr_reserve_space(xdr, 4); | |
64 | if (!p) | |
65 | return -ENOSPC; | |
66 | *p = cpu_to_be32(in->page_len); | |
67 | ||
68 | /* all we need to do is to write pages */ | |
69 | xdr_write_pages(xdr, in->pages, in->page_base, in->page_len); | |
70 | ||
71 | return 0; | |
72 | } | |
73 | ||
74 | ||
75 | static int gssx_dec_buffer(struct xdr_stream *xdr, | |
76 | gssx_buffer *buf) | |
77 | { | |
78 | u32 length; | |
79 | __be32 *p; | |
80 | ||
81 | p = xdr_inline_decode(xdr, 4); | |
82 | if (unlikely(p == NULL)) | |
83 | return -ENOSPC; | |
84 | ||
85 | length = be32_to_cpup(p); | |
86 | p = xdr_inline_decode(xdr, length); | |
87 | if (unlikely(p == NULL)) | |
88 | return -ENOSPC; | |
89 | ||
90 | if (buf->len == 0) { | |
91 | /* we intentionally are not interested in this buffer */ | |
92 | return 0; | |
93 | } | |
94 | if (length > buf->len) | |
95 | return -ENOSPC; | |
96 | ||
97 | if (!buf->data) { | |
98 | buf->data = kmemdup(p, length, GFP_KERNEL); | |
99 | if (!buf->data) | |
100 | return -ENOMEM; | |
101 | } else { | |
102 | memcpy(buf->data, p, length); | |
103 | } | |
104 | buf->len = length; | |
105 | return 0; | |
106 | } | |
107 | ||
108 | static int gssx_enc_option(struct xdr_stream *xdr, | |
109 | struct gssx_option *opt) | |
110 | { | |
111 | int err; | |
112 | ||
113 | err = gssx_enc_buffer(xdr, &opt->option); | |
114 | if (err) | |
115 | return err; | |
116 | err = gssx_enc_buffer(xdr, &opt->value); | |
117 | return err; | |
118 | } | |
119 | ||
120 | static int gssx_dec_option(struct xdr_stream *xdr, | |
121 | struct gssx_option *opt) | |
122 | { | |
123 | int err; | |
124 | ||
125 | err = gssx_dec_buffer(xdr, &opt->option); | |
126 | if (err) | |
127 | return err; | |
128 | err = gssx_dec_buffer(xdr, &opt->value); | |
129 | return err; | |
130 | } | |
131 | ||
132 | static int dummy_enc_opt_array(struct xdr_stream *xdr, | |
89daf360 | 133 | const struct gssx_option_array *oa) |
1d658336 SS |
134 | { |
135 | __be32 *p; | |
136 | ||
137 | if (oa->count != 0) | |
138 | return -EINVAL; | |
139 | ||
140 | p = xdr_reserve_space(xdr, 4); | |
141 | if (!p) | |
142 | return -ENOSPC; | |
143 | *p = 0; | |
144 | ||
145 | return 0; | |
146 | } | |
147 | ||
148 | static int dummy_dec_opt_array(struct xdr_stream *xdr, | |
149 | struct gssx_option_array *oa) | |
150 | { | |
151 | struct gssx_option dummy; | |
152 | u32 count, i; | |
153 | __be32 *p; | |
154 | ||
155 | p = xdr_inline_decode(xdr, 4); | |
156 | if (unlikely(p == NULL)) | |
157 | return -ENOSPC; | |
158 | count = be32_to_cpup(p++); | |
159 | memset(&dummy, 0, sizeof(dummy)); | |
160 | for (i = 0; i < count; i++) { | |
161 | gssx_dec_option(xdr, &dummy); | |
162 | } | |
163 | ||
164 | oa->count = 0; | |
165 | oa->data = NULL; | |
166 | return 0; | |
167 | } | |
168 | ||
6a36978e | 169 | static int get_host_u32(struct xdr_stream *xdr, u32 *res) |
1d658336 | 170 | { |
778e512b BF |
171 | __be32 *p; |
172 | ||
173 | p = xdr_inline_decode(xdr, 4); | |
174 | if (!p) | |
1d658336 | 175 | return -EINVAL; |
6a36978e BF |
176 | /* Contents of linux creds are all host-endian: */ |
177 | memcpy(res, p, sizeof(u32)); | |
1d658336 SS |
178 | return 0; |
179 | } | |
180 | ||
181 | static int gssx_dec_linux_creds(struct xdr_stream *xdr, | |
182 | struct svc_cred *creds) | |
183 | { | |
184 | u32 length; | |
185 | __be32 *p; | |
6a36978e BF |
186 | u32 tmp; |
187 | u32 N; | |
188 | int i, err; | |
1d658336 SS |
189 | |
190 | p = xdr_inline_decode(xdr, 4); | |
191 | if (unlikely(p == NULL)) | |
192 | return -ENOSPC; | |
193 | ||
194 | length = be32_to_cpup(p); | |
195 | ||
778e512b | 196 | if (length > (3 + NGROUPS_MAX) * sizeof(u32)) |
1d658336 SS |
197 | return -ENOSPC; |
198 | ||
1d658336 | 199 | /* uid */ |
6a36978e | 200 | err = get_host_u32(xdr, &tmp); |
1d658336 SS |
201 | if (err) |
202 | return err; | |
d28fcc83 | 203 | creds->cr_uid = make_kuid(&init_user_ns, tmp); |
1d658336 SS |
204 | |
205 | /* gid */ | |
6a36978e | 206 | err = get_host_u32(xdr, &tmp); |
1d658336 SS |
207 | if (err) |
208 | return err; | |
d28fcc83 | 209 | creds->cr_gid = make_kgid(&init_user_ns, tmp); |
1d658336 SS |
210 | |
211 | /* number of additional gid's */ | |
6a36978e | 212 | err = get_host_u32(xdr, &tmp); |
1d658336 SS |
213 | if (err) |
214 | return err; | |
215 | N = tmp; | |
778e512b BF |
216 | if ((3 + N) * sizeof(u32) != length) |
217 | return -EINVAL; | |
1d658336 SS |
218 | creds->cr_group_info = groups_alloc(N); |
219 | if (creds->cr_group_info == NULL) | |
220 | return -ENOMEM; | |
221 | ||
222 | /* gid's */ | |
223 | for (i = 0; i < N; i++) { | |
d28fcc83 | 224 | kgid_t kgid; |
6a36978e | 225 | err = get_host_u32(xdr, &tmp); |
d28fcc83 BF |
226 | if (err) |
227 | goto out_free_groups; | |
228 | err = -EINVAL; | |
229 | kgid = make_kgid(&init_user_ns, tmp); | |
230 | if (!gid_valid(kgid)) | |
231 | goto out_free_groups; | |
81243eac | 232 | creds->cr_group_info->gid[i] = kgid; |
1d658336 | 233 | } |
bdcf0a42 | 234 | groups_sort(creds->cr_group_info); |
1d658336 SS |
235 | |
236 | return 0; | |
d28fcc83 BF |
237 | out_free_groups: |
238 | groups_free(creds->cr_group_info); | |
239 | return err; | |
1d658336 SS |
240 | } |
241 | ||
242 | static int gssx_dec_option_array(struct xdr_stream *xdr, | |
243 | struct gssx_option_array *oa) | |
244 | { | |
245 | struct svc_cred *creds; | |
246 | u32 count, i; | |
247 | __be32 *p; | |
248 | int err; | |
249 | ||
250 | p = xdr_inline_decode(xdr, 4); | |
251 | if (unlikely(p == NULL)) | |
252 | return -ENOSPC; | |
253 | count = be32_to_cpup(p++); | |
9fd40c5a GU |
254 | if (!count) |
255 | return 0; | |
1d658336 | 256 | |
9fd40c5a GU |
257 | /* we recognize only 1 currently: CREDS_VALUE */ |
258 | oa->count = 1; | |
1d658336 | 259 | |
9fd40c5a GU |
260 | oa->data = kmalloc(sizeof(struct gssx_option), GFP_KERNEL); |
261 | if (!oa->data) | |
262 | return -ENOMEM; | |
1d658336 | 263 | |
034dd34f | 264 | creds = kzalloc(sizeof(struct svc_cred), GFP_KERNEL); |
9fd40c5a GU |
265 | if (!creds) { |
266 | kfree(oa->data); | |
267 | return -ENOMEM; | |
1d658336 | 268 | } |
9fd40c5a GU |
269 | |
270 | oa->data[0].option.data = CREDS_VALUE; | |
271 | oa->data[0].option.len = sizeof(CREDS_VALUE); | |
272 | oa->data[0].value.data = (void *)creds; | |
273 | oa->data[0].value.len = 0; | |
274 | ||
1d658336 SS |
275 | for (i = 0; i < count; i++) { |
276 | gssx_buffer dummy = { 0, NULL }; | |
277 | u32 length; | |
278 | ||
279 | /* option buffer */ | |
280 | p = xdr_inline_decode(xdr, 4); | |
281 | if (unlikely(p == NULL)) | |
282 | return -ENOSPC; | |
283 | ||
284 | length = be32_to_cpup(p); | |
285 | p = xdr_inline_decode(xdr, length); | |
286 | if (unlikely(p == NULL)) | |
287 | return -ENOSPC; | |
288 | ||
289 | if (length == sizeof(CREDS_VALUE) && | |
290 | memcmp(p, CREDS_VALUE, sizeof(CREDS_VALUE)) == 0) { | |
291 | /* We have creds here. parse them */ | |
292 | err = gssx_dec_linux_creds(xdr, creds); | |
293 | if (err) | |
294 | return err; | |
295 | oa->data[0].value.len = 1; /* presence */ | |
296 | } else { | |
297 | /* consume uninteresting buffer */ | |
298 | err = gssx_dec_buffer(xdr, &dummy); | |
299 | if (err) | |
300 | return err; | |
301 | } | |
302 | } | |
303 | return 0; | |
304 | } | |
305 | ||
306 | static int gssx_dec_status(struct xdr_stream *xdr, | |
307 | struct gssx_status *status) | |
308 | { | |
309 | __be32 *p; | |
310 | int err; | |
311 | ||
312 | /* status->major_status */ | |
313 | p = xdr_inline_decode(xdr, 8); | |
314 | if (unlikely(p == NULL)) | |
315 | return -ENOSPC; | |
316 | p = xdr_decode_hyper(p, &status->major_status); | |
317 | ||
318 | /* status->mech */ | |
319 | err = gssx_dec_buffer(xdr, &status->mech); | |
320 | if (err) | |
321 | return err; | |
322 | ||
323 | /* status->minor_status */ | |
324 | p = xdr_inline_decode(xdr, 8); | |
325 | if (unlikely(p == NULL)) | |
326 | return -ENOSPC; | |
327 | p = xdr_decode_hyper(p, &status->minor_status); | |
328 | ||
329 | /* status->major_status_string */ | |
330 | err = gssx_dec_buffer(xdr, &status->major_status_string); | |
331 | if (err) | |
332 | return err; | |
333 | ||
334 | /* status->minor_status_string */ | |
335 | err = gssx_dec_buffer(xdr, &status->minor_status_string); | |
336 | if (err) | |
337 | return err; | |
338 | ||
339 | /* status->server_ctx */ | |
340 | err = gssx_dec_buffer(xdr, &status->server_ctx); | |
341 | if (err) | |
342 | return err; | |
343 | ||
344 | /* we assume we have no options for now, so simply consume them */ | |
345 | /* status->options */ | |
346 | err = dummy_dec_opt_array(xdr, &status->options); | |
347 | ||
348 | return err; | |
349 | } | |
350 | ||
351 | static int gssx_enc_call_ctx(struct xdr_stream *xdr, | |
89daf360 | 352 | const struct gssx_call_ctx *ctx) |
1d658336 SS |
353 | { |
354 | struct gssx_option opt; | |
355 | __be32 *p; | |
356 | int err; | |
357 | ||
358 | /* ctx->locale */ | |
359 | err = gssx_enc_buffer(xdr, &ctx->locale); | |
360 | if (err) | |
361 | return err; | |
362 | ||
363 | /* ctx->server_ctx */ | |
364 | err = gssx_enc_buffer(xdr, &ctx->server_ctx); | |
365 | if (err) | |
366 | return err; | |
367 | ||
368 | /* we always want to ask for lucid contexts */ | |
369 | /* ctx->options */ | |
370 | p = xdr_reserve_space(xdr, 4); | |
371 | *p = cpu_to_be32(2); | |
372 | ||
373 | /* we want a lucid_v1 context */ | |
374 | opt.option.data = LUCID_OPTION; | |
375 | opt.option.len = sizeof(LUCID_OPTION); | |
376 | opt.value.data = LUCID_VALUE; | |
377 | opt.value.len = sizeof(LUCID_VALUE); | |
378 | err = gssx_enc_option(xdr, &opt); | |
379 | ||
380 | /* ..and user creds */ | |
381 | opt.option.data = CREDS_OPTION; | |
382 | opt.option.len = sizeof(CREDS_OPTION); | |
383 | opt.value.data = CREDS_VALUE; | |
384 | opt.value.len = sizeof(CREDS_VALUE); | |
385 | err = gssx_enc_option(xdr, &opt); | |
386 | ||
387 | return err; | |
388 | } | |
389 | ||
390 | static int gssx_dec_name_attr(struct xdr_stream *xdr, | |
391 | struct gssx_name_attr *attr) | |
392 | { | |
393 | int err; | |
394 | ||
395 | /* attr->attr */ | |
396 | err = gssx_dec_buffer(xdr, &attr->attr); | |
397 | if (err) | |
398 | return err; | |
399 | ||
400 | /* attr->value */ | |
401 | err = gssx_dec_buffer(xdr, &attr->value); | |
402 | if (err) | |
403 | return err; | |
404 | ||
405 | /* attr->extensions */ | |
406 | err = dummy_dec_opt_array(xdr, &attr->extensions); | |
407 | ||
408 | return err; | |
409 | } | |
410 | ||
411 | static int dummy_enc_nameattr_array(struct xdr_stream *xdr, | |
412 | struct gssx_name_attr_array *naa) | |
413 | { | |
414 | __be32 *p; | |
415 | ||
416 | if (naa->count != 0) | |
417 | return -EINVAL; | |
418 | ||
419 | p = xdr_reserve_space(xdr, 4); | |
420 | if (!p) | |
421 | return -ENOSPC; | |
422 | *p = 0; | |
423 | ||
424 | return 0; | |
425 | } | |
426 | ||
427 | static int dummy_dec_nameattr_array(struct xdr_stream *xdr, | |
428 | struct gssx_name_attr_array *naa) | |
429 | { | |
dc43376c | 430 | struct gssx_name_attr dummy = { .attr = {.len = 0} }; |
1d658336 SS |
431 | u32 count, i; |
432 | __be32 *p; | |
433 | ||
434 | p = xdr_inline_decode(xdr, 4); | |
435 | if (unlikely(p == NULL)) | |
436 | return -ENOSPC; | |
437 | count = be32_to_cpup(p++); | |
438 | for (i = 0; i < count; i++) { | |
439 | gssx_dec_name_attr(xdr, &dummy); | |
440 | } | |
441 | ||
442 | naa->count = 0; | |
443 | naa->data = NULL; | |
444 | return 0; | |
445 | } | |
446 | ||
447 | static struct xdr_netobj zero_netobj = {}; | |
448 | ||
449 | static struct gssx_name_attr_array zero_name_attr_array = {}; | |
450 | ||
451 | static struct gssx_option_array zero_option_array = {}; | |
452 | ||
453 | static int gssx_enc_name(struct xdr_stream *xdr, | |
454 | struct gssx_name *name) | |
455 | { | |
456 | int err; | |
457 | ||
458 | /* name->display_name */ | |
459 | err = gssx_enc_buffer(xdr, &name->display_name); | |
460 | if (err) | |
461 | return err; | |
462 | ||
463 | /* name->name_type */ | |
464 | err = gssx_enc_buffer(xdr, &zero_netobj); | |
465 | if (err) | |
466 | return err; | |
467 | ||
468 | /* name->exported_name */ | |
469 | err = gssx_enc_buffer(xdr, &zero_netobj); | |
470 | if (err) | |
471 | return err; | |
472 | ||
473 | /* name->exported_composite_name */ | |
474 | err = gssx_enc_buffer(xdr, &zero_netobj); | |
475 | if (err) | |
476 | return err; | |
477 | ||
478 | /* leave name_attributes empty for now, will add once we have any | |
479 | * to pass up at all */ | |
480 | /* name->name_attributes */ | |
481 | err = dummy_enc_nameattr_array(xdr, &zero_name_attr_array); | |
482 | if (err) | |
483 | return err; | |
484 | ||
485 | /* leave options empty for now, will add once we have any options | |
486 | * to pass up at all */ | |
487 | /* name->extensions */ | |
488 | err = dummy_enc_opt_array(xdr, &zero_option_array); | |
489 | ||
490 | return err; | |
491 | } | |
492 | ||
dc43376c | 493 | |
1d658336 SS |
494 | static int gssx_dec_name(struct xdr_stream *xdr, |
495 | struct gssx_name *name) | |
496 | { | |
dc43376c BF |
497 | struct xdr_netobj dummy_netobj = { .len = 0 }; |
498 | struct gssx_name_attr_array dummy_name_attr_array = { .count = 0 }; | |
499 | struct gssx_option_array dummy_option_array = { .count = 0 }; | |
1d658336 SS |
500 | int err; |
501 | ||
502 | /* name->display_name */ | |
503 | err = gssx_dec_buffer(xdr, &name->display_name); | |
504 | if (err) | |
505 | return err; | |
506 | ||
507 | /* name->name_type */ | |
508 | err = gssx_dec_buffer(xdr, &dummy_netobj); | |
509 | if (err) | |
510 | return err; | |
511 | ||
512 | /* name->exported_name */ | |
513 | err = gssx_dec_buffer(xdr, &dummy_netobj); | |
514 | if (err) | |
515 | return err; | |
516 | ||
517 | /* name->exported_composite_name */ | |
518 | err = gssx_dec_buffer(xdr, &dummy_netobj); | |
519 | if (err) | |
520 | return err; | |
521 | ||
522 | /* we assume we have no attributes for now, so simply consume them */ | |
523 | /* name->name_attributes */ | |
524 | err = dummy_dec_nameattr_array(xdr, &dummy_name_attr_array); | |
525 | if (err) | |
526 | return err; | |
527 | ||
528 | /* we assume we have no options for now, so simply consume them */ | |
529 | /* name->extensions */ | |
530 | err = dummy_dec_opt_array(xdr, &dummy_option_array); | |
531 | ||
532 | return err; | |
533 | } | |
534 | ||
535 | static int dummy_enc_credel_array(struct xdr_stream *xdr, | |
536 | struct gssx_cred_element_array *cea) | |
537 | { | |
538 | __be32 *p; | |
539 | ||
540 | if (cea->count != 0) | |
541 | return -EINVAL; | |
542 | ||
543 | p = xdr_reserve_space(xdr, 4); | |
544 | if (!p) | |
545 | return -ENOSPC; | |
546 | *p = 0; | |
547 | ||
548 | return 0; | |
549 | } | |
550 | ||
551 | static int gssx_enc_cred(struct xdr_stream *xdr, | |
552 | struct gssx_cred *cred) | |
553 | { | |
554 | int err; | |
555 | ||
556 | /* cred->desired_name */ | |
557 | err = gssx_enc_name(xdr, &cred->desired_name); | |
558 | if (err) | |
559 | return err; | |
560 | ||
561 | /* cred->elements */ | |
562 | err = dummy_enc_credel_array(xdr, &cred->elements); | |
b26ec9b1 BF |
563 | if (err) |
564 | return err; | |
1d658336 SS |
565 | |
566 | /* cred->cred_handle_reference */ | |
567 | err = gssx_enc_buffer(xdr, &cred->cred_handle_reference); | |
568 | if (err) | |
569 | return err; | |
570 | ||
571 | /* cred->needs_release */ | |
572 | err = gssx_enc_bool(xdr, cred->needs_release); | |
573 | ||
574 | return err; | |
575 | } | |
576 | ||
577 | static int gssx_enc_ctx(struct xdr_stream *xdr, | |
578 | struct gssx_ctx *ctx) | |
579 | { | |
580 | __be32 *p; | |
581 | int err; | |
582 | ||
583 | /* ctx->exported_context_token */ | |
584 | err = gssx_enc_buffer(xdr, &ctx->exported_context_token); | |
585 | if (err) | |
586 | return err; | |
587 | ||
588 | /* ctx->state */ | |
589 | err = gssx_enc_buffer(xdr, &ctx->state); | |
590 | if (err) | |
591 | return err; | |
592 | ||
593 | /* ctx->need_release */ | |
594 | err = gssx_enc_bool(xdr, ctx->need_release); | |
595 | if (err) | |
596 | return err; | |
597 | ||
598 | /* ctx->mech */ | |
599 | err = gssx_enc_buffer(xdr, &ctx->mech); | |
600 | if (err) | |
601 | return err; | |
602 | ||
603 | /* ctx->src_name */ | |
604 | err = gssx_enc_name(xdr, &ctx->src_name); | |
605 | if (err) | |
606 | return err; | |
607 | ||
608 | /* ctx->targ_name */ | |
609 | err = gssx_enc_name(xdr, &ctx->targ_name); | |
610 | if (err) | |
611 | return err; | |
612 | ||
613 | /* ctx->lifetime */ | |
614 | p = xdr_reserve_space(xdr, 8+8); | |
615 | if (!p) | |
616 | return -ENOSPC; | |
617 | p = xdr_encode_hyper(p, ctx->lifetime); | |
618 | ||
619 | /* ctx->ctx_flags */ | |
620 | p = xdr_encode_hyper(p, ctx->ctx_flags); | |
621 | ||
622 | /* ctx->locally_initiated */ | |
623 | err = gssx_enc_bool(xdr, ctx->locally_initiated); | |
624 | if (err) | |
625 | return err; | |
626 | ||
627 | /* ctx->open */ | |
628 | err = gssx_enc_bool(xdr, ctx->open); | |
629 | if (err) | |
630 | return err; | |
631 | ||
632 | /* leave options empty for now, will add once we have any options | |
633 | * to pass up at all */ | |
634 | /* ctx->options */ | |
635 | err = dummy_enc_opt_array(xdr, &ctx->options); | |
636 | ||
637 | return err; | |
638 | } | |
639 | ||
640 | static int gssx_dec_ctx(struct xdr_stream *xdr, | |
641 | struct gssx_ctx *ctx) | |
642 | { | |
643 | __be32 *p; | |
644 | int err; | |
645 | ||
646 | /* ctx->exported_context_token */ | |
647 | err = gssx_dec_buffer(xdr, &ctx->exported_context_token); | |
648 | if (err) | |
649 | return err; | |
650 | ||
651 | /* ctx->state */ | |
652 | err = gssx_dec_buffer(xdr, &ctx->state); | |
653 | if (err) | |
654 | return err; | |
655 | ||
656 | /* ctx->need_release */ | |
657 | err = gssx_dec_bool(xdr, &ctx->need_release); | |
658 | if (err) | |
659 | return err; | |
660 | ||
661 | /* ctx->mech */ | |
662 | err = gssx_dec_buffer(xdr, &ctx->mech); | |
663 | if (err) | |
664 | return err; | |
665 | ||
666 | /* ctx->src_name */ | |
667 | err = gssx_dec_name(xdr, &ctx->src_name); | |
668 | if (err) | |
669 | return err; | |
670 | ||
671 | /* ctx->targ_name */ | |
672 | err = gssx_dec_name(xdr, &ctx->targ_name); | |
673 | if (err) | |
674 | return err; | |
675 | ||
676 | /* ctx->lifetime */ | |
677 | p = xdr_inline_decode(xdr, 8+8); | |
678 | if (unlikely(p == NULL)) | |
679 | return -ENOSPC; | |
680 | p = xdr_decode_hyper(p, &ctx->lifetime); | |
681 | ||
682 | /* ctx->ctx_flags */ | |
683 | p = xdr_decode_hyper(p, &ctx->ctx_flags); | |
684 | ||
685 | /* ctx->locally_initiated */ | |
686 | err = gssx_dec_bool(xdr, &ctx->locally_initiated); | |
687 | if (err) | |
688 | return err; | |
689 | ||
690 | /* ctx->open */ | |
691 | err = gssx_dec_bool(xdr, &ctx->open); | |
692 | if (err) | |
693 | return err; | |
694 | ||
695 | /* we assume we have no options for now, so simply consume them */ | |
696 | /* ctx->options */ | |
697 | err = dummy_dec_opt_array(xdr, &ctx->options); | |
698 | ||
699 | return err; | |
700 | } | |
701 | ||
702 | static int gssx_enc_cb(struct xdr_stream *xdr, struct gssx_cb *cb) | |
703 | { | |
704 | __be32 *p; | |
705 | int err; | |
706 | ||
707 | /* cb->initiator_addrtype */ | |
708 | p = xdr_reserve_space(xdr, 8); | |
709 | if (!p) | |
710 | return -ENOSPC; | |
711 | p = xdr_encode_hyper(p, cb->initiator_addrtype); | |
712 | ||
713 | /* cb->initiator_address */ | |
714 | err = gssx_enc_buffer(xdr, &cb->initiator_address); | |
715 | if (err) | |
716 | return err; | |
717 | ||
718 | /* cb->acceptor_addrtype */ | |
719 | p = xdr_reserve_space(xdr, 8); | |
720 | if (!p) | |
721 | return -ENOSPC; | |
722 | p = xdr_encode_hyper(p, cb->acceptor_addrtype); | |
723 | ||
724 | /* cb->acceptor_address */ | |
725 | err = gssx_enc_buffer(xdr, &cb->acceptor_address); | |
726 | if (err) | |
727 | return err; | |
728 | ||
729 | /* cb->application_data */ | |
730 | err = gssx_enc_buffer(xdr, &cb->application_data); | |
731 | ||
732 | return err; | |
733 | } | |
734 | ||
735 | void gssx_enc_accept_sec_context(struct rpc_rqst *req, | |
736 | struct xdr_stream *xdr, | |
89daf360 | 737 | const void *data) |
1d658336 | 738 | { |
89daf360 | 739 | const struct gssx_arg_accept_sec_context *arg = data; |
1d658336 SS |
740 | int err; |
741 | ||
742 | err = gssx_enc_call_ctx(xdr, &arg->call_ctx); | |
743 | if (err) | |
744 | goto done; | |
745 | ||
746 | /* arg->context_handle */ | |
b26ec9b1 | 747 | if (arg->context_handle) |
1d658336 | 748 | err = gssx_enc_ctx(xdr, arg->context_handle); |
b26ec9b1 | 749 | else |
1d658336 | 750 | err = gssx_enc_bool(xdr, 0); |
b26ec9b1 BF |
751 | if (err) |
752 | goto done; | |
1d658336 SS |
753 | |
754 | /* arg->cred_handle */ | |
b26ec9b1 | 755 | if (arg->cred_handle) |
1d658336 | 756 | err = gssx_enc_cred(xdr, arg->cred_handle); |
b26ec9b1 | 757 | else |
1d658336 | 758 | err = gssx_enc_bool(xdr, 0); |
b26ec9b1 BF |
759 | if (err) |
760 | goto done; | |
1d658336 SS |
761 | |
762 | /* arg->input_token */ | |
763 | err = gssx_enc_in_token(xdr, &arg->input_token); | |
764 | if (err) | |
765 | goto done; | |
766 | ||
767 | /* arg->input_cb */ | |
b26ec9b1 | 768 | if (arg->input_cb) |
1d658336 | 769 | err = gssx_enc_cb(xdr, arg->input_cb); |
b26ec9b1 | 770 | else |
1d658336 | 771 | err = gssx_enc_bool(xdr, 0); |
b26ec9b1 BF |
772 | if (err) |
773 | goto done; | |
1d658336 SS |
774 | |
775 | err = gssx_enc_bool(xdr, arg->ret_deleg_cred); | |
776 | if (err) | |
777 | goto done; | |
778 | ||
779 | /* leave options empty for now, will add once we have any options | |
780 | * to pass up at all */ | |
781 | /* arg->options */ | |
782 | err = dummy_enc_opt_array(xdr, &arg->options); | |
783 | ||
9dfd87da BF |
784 | xdr_inline_pages(&req->rq_rcv_buf, |
785 | PAGE_SIZE/2 /* pretty arbitrary */, | |
786 | arg->pages, 0 /* page base */, arg->npages * PAGE_SIZE); | |
1d658336 SS |
787 | done: |
788 | if (err) | |
789 | dprintk("RPC: gssx_enc_accept_sec_context: %d\n", err); | |
790 | } | |
791 | ||
792 | int gssx_dec_accept_sec_context(struct rpc_rqst *rqstp, | |
793 | struct xdr_stream *xdr, | |
305c6241 | 794 | void *data) |
1d658336 | 795 | { |
305c6241 | 796 | struct gssx_res_accept_sec_context *res = data; |
fb43f11c | 797 | u32 value_follows; |
1d658336 | 798 | int err; |
9507271d SM |
799 | struct page *scratch; |
800 | ||
801 | scratch = alloc_page(GFP_KERNEL); | |
802 | if (!scratch) | |
803 | return -ENOMEM; | |
804 | xdr_set_scratch_buffer(xdr, page_address(scratch), PAGE_SIZE); | |
1d658336 SS |
805 | |
806 | /* res->status */ | |
807 | err = gssx_dec_status(xdr, &res->status); | |
808 | if (err) | |
9507271d | 809 | goto out_free; |
1d658336 SS |
810 | |
811 | /* res->context_handle */ | |
fb43f11c BF |
812 | err = gssx_dec_bool(xdr, &value_follows); |
813 | if (err) | |
9507271d | 814 | goto out_free; |
fb43f11c | 815 | if (value_follows) { |
1d658336 SS |
816 | err = gssx_dec_ctx(xdr, res->context_handle); |
817 | if (err) | |
9507271d | 818 | goto out_free; |
1d658336 SS |
819 | } else { |
820 | res->context_handle = NULL; | |
821 | } | |
822 | ||
823 | /* res->output_token */ | |
fb43f11c BF |
824 | err = gssx_dec_bool(xdr, &value_follows); |
825 | if (err) | |
9507271d | 826 | goto out_free; |
fb43f11c | 827 | if (value_follows) { |
1d658336 SS |
828 | err = gssx_dec_buffer(xdr, res->output_token); |
829 | if (err) | |
9507271d | 830 | goto out_free; |
1d658336 SS |
831 | } else { |
832 | res->output_token = NULL; | |
833 | } | |
834 | ||
835 | /* res->delegated_cred_handle */ | |
fb43f11c BF |
836 | err = gssx_dec_bool(xdr, &value_follows); |
837 | if (err) | |
9507271d | 838 | goto out_free; |
fb43f11c | 839 | if (value_follows) { |
1d658336 | 840 | /* we do not support upcall servers sending this data. */ |
9507271d SM |
841 | err = -EINVAL; |
842 | goto out_free; | |
1d658336 SS |
843 | } |
844 | ||
845 | /* res->options */ | |
846 | err = gssx_dec_option_array(xdr, &res->options); | |
847 | ||
9507271d SM |
848 | out_free: |
849 | __free_page(scratch); | |
1d658336 SS |
850 | return err; |
851 | } |