Attachment 228611 Details for Bug 315311 – patch 5 -- add upcalls using keyctl for CIFS auth

[patch] patch 5 -- add upcalls using keyctl for CIFS auth

linux-kernel-test.patch (text/plain), 16.34 KB, created by Jeff Layton on 2007-10-16 11:51:39 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Jeff Layton

Created: 2007-10-16 11:51:39 UTC

Size: 16.34 KB

patch

obsolete

>diff --git a/fs/cifs/Makefile b/fs/cifs/Makefile
>index ff6ba8d..0a6d9a5 100644
>--- a/fs/cifs/Makefile
>+++ b/fs/cifs/Makefile
>@@ -3,4 +3,4 @@
> #
> obj-$(CONFIG_CIFS) += cifs.o
> 
>-cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o
>+cifs-objs := cifsfs.o cifssmb.o cifs_debug.o connect.o dir.o file.o inode.o link.o misc.o netmisc.o smbdes.o smbencrypt.o transport.o asn1.o md4.o md5.o cifs_unicode.o nterr.o xattr.o cifsencrypt.o fcntl.o readdir.o ioctl.o sess.o export.o cifsacl.o cifsauth.o
>diff --git a/fs/cifs/cifsauth.c b/fs/cifs/cifsauth.c
>new file mode 100644
>index 0000000..6a88921
>--- /dev/null
>+++ b/fs/cifs/cifsauth.c
>@@ -0,0 +1,175 @@
>+/*
>+ *   fs/cifs/cifsauth.c -- auth management for CIFS
>+ *
>+ *   Copyright (c) 2007 Red Hat, Inc.
>+ *   Author(s): Jeff Layton (jlayton@redhat.com)
>+ *
>+ *   This library is free software; you can redistribute it and/or modify
>+ *   it under the terms of the GNU Lesser General Public License as published
>+ *   by the Free Software Foundation; either version 2.1 of the License, or
>+ *   (at your option) any later version.
>+ *
>+ *   This library is distributed in the hope that it will be useful,
>+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
>+ *   the GNU Lesser General Public License for more details.
>+ *
>+ *   You should have received a copy of the GNU Lesser General Public License
>+ *   along with this library; if not, write to the Free Software
>+ *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
>+ */
>+
>+#include <linux/list.h>
>+#include <linux/string.h>
>+#include <keys/user-type.h>
>+#include "cifsglob.h"
>+#include "cifs_debug.h"
>+
>+/*
>+ * create a new SPNEGO blob key
>+ */
>+static int
>+cifs_spnego_instantiate(struct key *key, const void *data, size_t datalen)
>+{
>+	char *payload;
>+	int ret;
>+
>+	ret = -ENOMEM;
>+	payload = kmalloc(datalen, GFP_KERNEL);
>+	if (!payload)
>+		goto error;
>+
>+	/* attach the data */
>+	memcpy(payload, data, datalen);
>+	rcu_assign_pointer(key->payload.data, payload);
>+	ret = 0;
>+
>+error:
>+	return ret;
>+}
>+
>+static void
>+cifs_spnego_destroy(struct key *key)
>+{
>+	kfree(key->payload.data);
>+}
>+
>+
>+/*
>+ * keytype for CIFS spnego keys
>+ */
>+struct key_type cifs_spnego_key_type = {
>+	.name		= "cifs.spnego",
>+	.instantiate	= cifs_spnego_instantiate,
>+	.match		= user_match,
>+	.destroy	= cifs_spnego_destroy,
>+	.describe	= user_describe,
>+};
>+
>+/*
>+ * encode a blob into a null terminated string so that it can be passed to
>+ * userspace. The main concern is NULL bytes embedded in the data. Bytes are
>+ * translated like this:
>+ *
>+ *   input                 output
>+ *   ------             -------------
>+ *    0xff               0xff + 0x01
>+ *    0x00               0xff + 0x02
>+ *   
>+ * any other byte is passed as-is. Userspace programs getting this string
>+ * will need to do the reverse conversion.
>+ */
>+static unsigned char *
>+cifs_encode_blob(const unsigned char *input, size_t inlen)
>+{
>+	unsigned int special_chars = 0;
>+	unsigned char *output, *op;
>+	int i;
>+
>+	/* get a count of number of special chars */
>+	for (i = 0; i < inlen; ++i)
>+		if (input[i] == 0xff or input[i] == 0x00)
>+			++special_chars;
>+
>+	output = kmalloc((inlen + special_chars + 1), GFP_KERNEL);
>+	if (output == NULL)
>+		return ERR_PTR(-ENOMEM);
>+
>+	/* now do the conversion */
>+	op = output;
>+	for (i = 0; i < inlen; ++i) {
>+		if (input[i] == 0xff) {
>+			*op = 0xff;
>+			++op;
>+			*op = 0x01;
>+		} else if (input[i] == 0x00) {
>+			*op = 0xff;
>+			++op;
>+			*op = 0x02;
>+		} else
>+			*op = input[i];
>+		++op;
>+	}
>+	*op = '\0';
>+
>+	return output;
>+}
>+
>+/*
>+ * given a SPNEGO security blob and session info, get a key struct with a new
>+ * SPNEGO security blob, suitable for session setup
>+ */
>+int
>+cifs_spnego_convert(struct cifsSesInfo *sesInfo, const unsigned char *secblob,
>+			size_t len)
>+{
>+	struct key *key;
>+	struct TCP_Server_Info *server = sesInfo->server;
>+	char *description = NULL;
>+	unsigned char *outblob = NULL;
>+	int error;
>+
>+	error = -ENOMEM;
>+	/* 8 bytes for uid, 32 for addr, 1 for colon, 1 for NULL */
>+	description = kzalloc((8 + 32 + 1 + 1), GFP_KERNEL);
>+	if (description == NULL)
>+		goto out;
>+
>+	outblob = cifs_encode_blob(secblob, len);
>+	if (IS_ERR(outblob)) {
>+		error = PTR_ERR(outblob);
>+		outblob = NULL;
>+		goto out;
>+	}
>+
>+	error = -EINVAL;
>+	if (server->addr.sockAddr.sin_family == AF_INET)
>+		sprintf(description, "%8.8x:" NIPQUAD_FMT, sesInfo->linux_uid,
>+			NIPQUAD(server->addr.sockAddr.sin_addr));
>+	else if (server->addr.sockAddr.sin_family == AF_INET6)
>+		sprintf(description, "%8.8x:" NIP6_SEQFMT, sesInfo->linux_uid,
>+			NIP6(server->addr.sockAddr6.sin6_addr));
>+	else
>+		goto out;
>+
>+	if (sesInfo->spnego_key != NULL) {
>+		key_put(sesInfo->spnego_key);
>+		sesInfo->spnego_key = NULL;
>+	}
>+
>+	key = request_key(&cifs_spnego_key_type, description, outblob);
>+	if (IS_ERR(key)) {
>+		error = PTR_ERR(key);
>+		goto out;
>+	}
>+
>+	sesInfo->spnego_key = key;
>+	error = 0;
>+	cifs_dump_mem("SPNEGO blob:", key->payload.data, key->datalen);
>+out:
>+	if (description)
>+		kfree(description);
>+	if (outblob)
>+		kfree(outblob);
>+	return error;
>+}
>diff --git a/fs/cifs/cifsauth.h b/fs/cifs/cifsauth.h
>new file mode 100644
>index 0000000..1a8b932
>--- /dev/null
>+++ b/fs/cifs/cifsauth.h
>@@ -0,0 +1,34 @@
>+/*
>+ *   fs/cifs/cifsauth.h -- auth management for CIFS
>+ *
>+ *   Copyright (c) 2007 Red Hat, Inc.
>+ *   Author(s): Jeff Layton (jlayton@redhat.com)
>+ *
>+ *   This library is free software; you can redistribute it and/or modify
>+ *   it under the terms of the GNU Lesser General Public License as published
>+ *   by the Free Software Foundation; either version 2.1 of the License, or
>+ *   (at your option) any later version.
>+ *
>+ *   This library is distributed in the hope that it will be useful,
>+ *   but WITHOUT ANY WARRANTY; without even the implied warranty of
>+ *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See
>+ *   the GNU Lesser General Public License for more details.
>+ *
>+ *   You should have received a copy of the GNU Lesser General Public License
>+ *   along with this library; if not, write to the Free Software
>+ *   Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
>+ */
>+
>+#ifndef _CIFSAUTH_H
>+#define _CIFSAUTH_H
>+
>+struct cifs_spnego_reply {
>+	uint32_t	len;
>+	uint8_t		data[1];
>+};
>+
>+extern struct key_type cifs_spnego_key_type;
>+
>+extern int cifs_spnego_convert(struct cifsSesInfo *sesInfo, const char *secblob, size_t len);
>+
>+#endif /* _CIFSAUTH_H */
>diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c
>index abca6b0..219bcd1 100644
>--- a/fs/cifs/cifsfs.c
>+++ b/fs/cifs/cifsfs.c
>@@ -42,6 +42,7 @@
> #include "cifsproto.h"
> #include "cifs_debug.h"
> #include "cifs_fs_sb.h"
>+#include "cifsauth.h"
> #include <linux/mm.h>
> #define CIFS_MAGIC_NUMBER 0xFF534D42	/* the first four bytes of SMB PDUs */
> 
>@@ -1006,11 +1007,15 @@ init_cifs(void)
> 	if (rc)
> 		goto out_destroy_request_bufs;
> 
>+	rc = register_key_type(&cifs_spnego_key_type);
>+	if (rc)
>+		goto out_unregister_filesystem;
>+
> 	oplockThread = kthread_run(cifs_oplock_thread, NULL, "cifsoplockd");
> 	if (IS_ERR(oplockThread)) {
> 		rc = PTR_ERR(oplockThread);
> 		cERROR(1, ("error %d create oplock thread", rc));
>-		goto out_unregister_filesystem;
>+		goto out_unregister_key_type;
> 	}
> 
> 	dnotifyThread = kthread_run(cifs_dnotify_thread, NULL, "cifsdnotifyd");
>@@ -1024,6 +1029,8 @@ init_cifs(void)
> 
>  out_stop_oplock_thread:
> 	kthread_stop(oplockThread);
>+ out_unregister_key_type:
>+	unregister_key_type(&cifs_spnego_key_type);
>  out_unregister_filesystem:
> 	unregister_filesystem(&cifs_fs_type);
>  out_destroy_request_bufs:
>@@ -1046,6 +1053,7 @@ exit_cifs(void)
> #ifdef CONFIG_PROC_FS
> 	cifs_proc_clean();
> #endif
>+	unregister_key_type(&cifs_spnego_key_type);
> 	unregister_filesystem(&cifs_fs_type);
> 	cifs_destroy_inodecache();
> 	cifs_destroy_mids();
>diff --git a/fs/cifs/cifsglob.h b/fs/cifs/cifsglob.h
>index 61d6173..7a71f44 100644
>--- a/fs/cifs/cifsglob.h
>+++ b/fs/cifs/cifsglob.h
>@@ -227,6 +227,7 @@ struct cifsSesInfo {
> 	char userName[MAX_USERNAME_SIZE + 1];
> 	char *domainName;
> 	char *password;
>+	struct key *spnego_key;	/* security key */
> };
> /* no more than one of the following three session flags may be set */
> #define CIFS_SES_NT4 1
>@@ -495,9 +496,9 @@ require use of the stronger protocol */
> #ifdef CONFIG_CIFS_WEAK_PW_HASH
> #define   CIFSSEC_MUST_LANMAN	0x10010
> #define   CIFSSEC_MUST_PLNTXT	0x20020
>-#define   CIFSSEC_MASK          0x37037 /* current flags supported if weak */
>+#define   CIFSSEC_MASK          0x3f03f /* current flags supported if weak */
> #else
>-#define	  CIFSSEC_MASK          0x07007 /* flags supported if no weak config */
>+#define	  CIFSSEC_MASK          0x0f00f /* flags supported if no weak config */
> #endif /* WEAK_PW_HASH */
> #define   CIFSSEC_MUST_SEAL	0x40040 /* not supported yet */
> 
>diff --git a/fs/cifs/cifssmb.c b/fs/cifs/cifssmb.c
>index b179836..f52d961 100644
>--- a/fs/cifs/cifssmb.c
>+++ b/fs/cifs/cifssmb.c
>@@ -38,6 +38,7 @@
> #include "cifsproto.h"
> #include "cifs_unicode.h"
> #include "cifs_debug.h"
>+#include "cifsauth.h"
> 
> #ifdef CONFIG_CIFS_POSIX
> static struct {
>@@ -621,33 +622,35 @@ CIFSSMBNegotiate(unsigned int xid, struct cifsSesInfo *ses)
> 	if ((pSMBr->hdr.Flags2 & SMBFLG2_EXT_SEC) &&
> 		(server->capabilities & CAP_EXTENDED_SECURITY)) {
> 		count = pSMBr->ByteCount;
>-		if (count < 16)
>+		if (count < 16) {
> 			rc = -EIO;
>-		else if (count == 16) {
>-			server->secType = RawNTLMSSP;
>-			if (server->socketUseCount.counter > 1) {
>-				if (memcmp(server->server_GUID,
>-					   pSMBr->u.extended_response.
>-					   GUID, 16) != 0) {
>-					cFYI(1, ("server UID changed"));
>-					memcpy(server->server_GUID,
>-						pSMBr->u.extended_response.GUID,
>-						16);
>-				}
>-			} else
>+			goto neg_err_exit;
>+		}
>+
>+		if (server->socketUseCount.counter > 1) {
>+			if (memcmp(server->server_GUID,
>+				   pSMBr->u.extended_response.
>+				   GUID, 16) != 0) {
>+				cFYI(1, ("server UID changed"));
> 				memcpy(server->server_GUID,
>-				       pSMBr->u.extended_response.GUID, 16);
>+					pSMBr->u.extended_response.GUID,
>+					16);
>+			}
>+		} else
>+			memcpy(server->server_GUID,
>+			       pSMBr->u.extended_response.GUID, 16);
>+
>+		if (count == 16) {
>+			server->secType = RawNTLMSSP;
> 		} else {
>-			rc = decode_negTokenInit(pSMBr->u.extended_response.
>+			rc = cifs_spnego_convert(ses,
>+						 pSMBr->u.extended_response.
> 						 SecurityBlob,
>-						 count - 16,
>-						 &server->secType);
>-			if (rc == 1) {
>-			/* BB Need to fill struct for sessetup here */
>-				rc = -EOPNOTSUPP;
>-			} else {
>-				rc = -EINVAL;
>-			}
>+						 count - 16);
>+			/* FIXME: could also be NTLMSSP */
>+			server->secType = Kerberos;
>+			if (rc)
>+				goto neg_err_exit;
> 		}
> 	} else
> 		server->capabilities &= ~CAP_EXTENDED_SECURITY;
>@@ -661,8 +664,8 @@ signing_check:
> 		cFYI(1, ("Signing disabled"));
> 		if (server->secMode & SECMODE_SIGN_REQUIRED)
> 			cERROR(1, ("Server requires "
>-				   "/proc/fs/cifs/PacketSigningEnabled "
>-				   "to be on"));
>+				   "packet signing to be enabled in "
>+				   "/proc/fs/cifs/SecurityFlags."));
> 		server->secMode &=
> 			~(SECMODE_SIGN_ENABLED | SECMODE_SIGN_REQUIRED);
> 	} else if ((secFlags & CIFSSEC_MUST_SIGN) == CIFSSEC_MUST_SIGN) {
>diff --git a/fs/cifs/misc.c b/fs/cifs/misc.c
>index 51ec681..3b01968 100644
>--- a/fs/cifs/misc.c
>+++ b/fs/cifs/misc.c
>@@ -97,6 +97,8 @@ sesInfoFree(struct cifsSesInfo *buf_to_free)
> 	atomic_dec(&sesInfoAllocCount);
> 	list_del(&buf_to_free->cifsSessionList);
> 	write_unlock(&GlobalSMBSeslock);
>+	if (buf_to_free->spnego_key)
>+		key_put(buf_to_free->spnego_key);
> 	kfree(buf_to_free->serverOS);
> 	kfree(buf_to_free->serverDomain);
> 	kfree(buf_to_free->serverNOS);
>diff --git a/fs/cifs/sess.c b/fs/cifs/sess.c
>index 78797c0..dae177a 100644
>--- a/fs/cifs/sess.c
>+++ b/fs/cifs/sess.c
>@@ -74,6 +74,52 @@ static __u32 cifs_ssetup_hdr(struct cifsSesInfo *ses, SESSION_SETUP_ANDX *pSMB)
> 	return capabilities;
> }
> 
>+static void
>+unicode_oslm_strings(char **pbcc_area, const struct nls_table *nls_cp)
>+{
>+	char *bcc_ptr = *pbcc_area;
>+	int bytes_ret = 0;
>+
>+	/* Copy OS version */
>+	bytes_ret = cifs_strtoUCS((__le16 *)bcc_ptr, "Linux version ", 32,
>+				  nls_cp);
>+	bcc_ptr += 2 * bytes_ret;
>+	bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, init_utsname()->release,
>+				  32, nls_cp);
>+	bcc_ptr += 2 * bytes_ret;
>+	bcc_ptr += 2; /* trailing null */
>+
>+	bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
>+				  32, nls_cp);
>+	bcc_ptr += 2 * bytes_ret;
>+	bcc_ptr += 2; /* trailing null */
>+
>+	*pbcc_area = bcc_ptr;
>+}
>+
>+static void unicode_domain_string(char **pbcc_area, struct cifsSesInfo *ses,
>+				   const struct nls_table *nls_cp)
>+{
>+	char *bcc_ptr = *pbcc_area;
>+	int bytes_ret = 0;
>+
>+	/* copy domain */
>+	if (ses->domainName == NULL) {
>+		/* Sending null domain better than using a bogus domain name (as
>+		we did briefly in 2.6.18) since server will use its default */
>+		*bcc_ptr = 0;
>+		*(bcc_ptr+1) = 0;
>+		bytes_ret = 0;
>+	} else
>+		bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, ses->domainName,
>+					  256, nls_cp);
>+	bcc_ptr += 2 * bytes_ret;
>+	bcc_ptr += 2;  /* account for null terminator */
>+
>+	*pbcc_area = bcc_ptr;
>+}
>+
>+
> static void unicode_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses,
> 				   const struct nls_table *nls_cp)
> {
>@@ -99,32 +145,9 @@ static void unicode_ssetup_strings(char **pbcc_area, struct cifsSesInfo *ses,
> 	}
> 	bcc_ptr += 2 * bytes_ret;
> 	bcc_ptr += 2; /* account for null termination */
>-	/* copy domain */
>-	if (ses->domainName == NULL) {
>-		/* Sending null domain better than using a bogus domain name (as
>-		we did briefly in 2.6.18) since server will use its default */
>-		*bcc_ptr = 0;
>-		*(bcc_ptr+1) = 0;
>-		bytes_ret = 0;
>-	} else
>-		bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, ses->domainName,
>-					  256, nls_cp);
>-	bcc_ptr += 2 * bytes_ret;
>-	bcc_ptr += 2;  /* account for null terminator */
> 
>-	/* Copy OS version */
>-	bytes_ret = cifs_strtoUCS((__le16 *)bcc_ptr, "Linux version ", 32,
>-				  nls_cp);
>-	bcc_ptr += 2 * bytes_ret;
>-	bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, init_utsname()->release,
>-				  32, nls_cp);
>-	bcc_ptr += 2 * bytes_ret;
>-	bcc_ptr += 2; /* trailing null */
>-
>-	bytes_ret = cifs_strtoUCS((__le16 *) bcc_ptr, CIFS_NETWORK_OPSYS,
>-				  32, nls_cp);
>-	bcc_ptr += 2 * bytes_ret;
>-	bcc_ptr += 2; /* trailing null */
>+	unicode_domain_string(&bcc_ptr, ses, nls_cp);
>+	unicode_oslm_strings(&bcc_ptr, nls_cp);
> 
> 	*pbcc_area = bcc_ptr;
> }
>@@ -318,7 +341,7 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
> 	__u32 capabilities;
> 	int count;
> 	int resp_buf_type = 0;
>-	struct kvec iov[2];
>+	struct kvec iov[3];
> 	enum securityEnum type;
> 	__u16 action;
> 	int bytes_remaining;
>@@ -372,6 +395,9 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
> 
> 	ses->flags &= ~CIFS_SES_LANMAN;
> 
>+	iov[1].iov_base = NULL;
>+	iov[1].iov_len = 0;
>+
> 	if (type == LANMAN) {
> #ifdef CONFIG_CIFS_WEAK_PW_HASH
> 		char lnm_session_key[CIFS_SESS_KEY_SIZE];
>@@ -476,21 +502,35 @@ CIFS_SessSetup(unsigned int xid, struct cifsSesInfo *ses, int first_time,
> 			unicode_ssetup_strings(&bcc_ptr, ses, nls_cp);
> 		} else
> 			ascii_ssetup_strings(&bcc_ptr, ses, nls_cp);
>-	} else /* NTLMSSP or SPNEGO */ {
>+	} else if (type == Kerberos) {
> 		pSMB->req.hdr.Flags2 |= SMBFLG2_EXT_SEC;
> 		capabilities |= CAP_EXTENDED_SECURITY;
> 		pSMB->req.Capabilities = cpu_to_le32(capabilities);
>-		/* BB set password lengths */
>+		iov[1].iov_base = ses->spnego_key->payload.data;
>+		iov[1].iov_len = ses->spnego_key->datalen;
>+		pSMB->req.SecurityBlobLength = cpu_to_le16(iov[1].iov_len);
>+
>+		if (ses->capabilities & CAP_UNICODE) {
>+			/* unicode strings must be word aligned */
>+			if (iov[0].iov_len % 2) {
>+				*bcc_ptr = 0;
>+				bcc_ptr++;
>+			}
>+			unicode_oslm_strings(&bcc_ptr, nls_cp);
>+			unicode_domain_string(&bcc_ptr, ses, nls_cp);
>+		}
>+		/* FIXME: What do we do here if unicode isn't enabled? */
> 	}
> 
>-	count = (long) bcc_ptr - (long) str_area;
>+	iov[2].iov_base = str_area;
>+	iov[2].iov_len = (long) bcc_ptr - (long) str_area;
>+
>+	count = iov[1].iov_len + iov[2].iov_len;
> 	smb_buf->smb_buf_length += count;
> 
> 	BCC_LE(smb_buf) = cpu_to_le16(count);
> 
>-	iov[1].iov_base = str_area;
>-	iov[1].iov_len = count;
>-	rc = SendReceive2(xid, ses, iov, 2 /* num_iovecs */, &resp_buf_type, 0);
>+	rc = SendReceive2(xid, ses, iov, 3 /* num_iovecs */, &resp_buf_type, 0);
> 	/* SMB request buf freed in SendReceive2 */
> 
> 	cFYI(1, ("ssetup rc from sendrecv2 is %d", rc));

Actions: View | Diff

Attachments on bug 315311: 215841 | 217871 | 218261 | 218271 | 228611 | 232741 | 236521 | 237721 | 248401