Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
idmap.c
Go to the documentation of this file.
1 /*
2  * fs/nfs/idmap.c
3  *
4  * UID and GID to name mapping for clients.
5  *
6  * Copyright (c) 2002 The Regents of the University of Michigan.
7  * All rights reserved.
8  *
9  * Marius Aamodt Eriksen <[email protected]>
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  *
15  * 1. Redistributions of source code must retain the above copyright
16  * notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  * notice, this list of conditions and the following disclaimer in the
19  * documentation and/or other materials provided with the distribution.
20  * 3. Neither the name of the University nor the names of its
21  * contributors may be used to endorse or promote products derived
22  * from this software without specific prior written permission.
23  *
24  * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
25  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
26  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
27  * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31  * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
32  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
33  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
34  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35  */
36 #include <linux/types.h>
37 #include <linux/parser.h>
38 #include <linux/fs.h>
39 #include <linux/nfs_idmap.h>
40 #include <net/net_namespace.h>
41 #include <linux/sunrpc/rpc_pipe_fs.h>
42 #include <linux/nfs_fs.h>
43 #include <linux/nfs_fs_sb.h>
44 #include <linux/key.h>
45 #include <linux/keyctl.h>
46 #include <linux/key-type.h>
47 #include <keys/user-type.h>
48 #include <linux/module.h>
49 
50 #include "internal.h"
51 #include "netns.h"
52 
53 #define NFS_UINT_MAXLEN 11
54 
55 static const struct cred *id_resolver_cache;
56 static struct key_type key_type_id_resolver_legacy;
57 
58 struct idmap_legacy_upcalldata {
59  struct rpc_pipe_msg pipe_msg;
60  struct idmap_msg idmap_msg;
61  struct key_construction *key_cons;
62  struct idmap *idmap;
63 };
64 
65 struct idmap {
66  struct rpc_pipe *idmap_pipe;
67  struct idmap_legacy_upcalldata *idmap_upcall_data;
68  struct mutex idmap_mutex;
69 };
70 
77 void nfs_fattr_init_names(struct nfs_fattr *fattr,
78  struct nfs4_string *owner_name,
79  struct nfs4_string *group_name)
80 {
81  fattr->owner_name = owner_name;
82  fattr->group_name = group_name;
83 }
84 
85 static void nfs_fattr_free_owner_name(struct nfs_fattr *fattr)
86 {
87  fattr->valid &= ~NFS_ATTR_FATTR_OWNER_NAME;
88  kfree(fattr->owner_name->data);
89 }
90 
91 static void nfs_fattr_free_group_name(struct nfs_fattr *fattr)
92 {
93  fattr->valid &= ~NFS_ATTR_FATTR_GROUP_NAME;
94  kfree(fattr->group_name->data);
95 }
96 
97 static bool nfs_fattr_map_owner_name(struct nfs_server *server, struct nfs_fattr *fattr)
98 {
99  struct nfs4_string *owner = fattr->owner_name;
100  __u32 uid;
101 
102  if (!(fattr->valid & NFS_ATTR_FATTR_OWNER_NAME))
103  return false;
104  if (nfs_map_name_to_uid(server, owner->data, owner->len, &uid) == 0) {
105  fattr->uid = uid;
106  fattr->valid |= NFS_ATTR_FATTR_OWNER;
107  }
108  return true;
109 }
110 
111 static bool nfs_fattr_map_group_name(struct nfs_server *server, struct nfs_fattr *fattr)
112 {
113  struct nfs4_string *group = fattr->group_name;
114  __u32 gid;
115 
116  if (!(fattr->valid & NFS_ATTR_FATTR_GROUP_NAME))
117  return false;
118  if (nfs_map_group_to_gid(server, group->data, group->len, &gid) == 0) {
119  fattr->gid = gid;
120  fattr->valid |= NFS_ATTR_FATTR_GROUP;
121  }
122  return true;
123 }
124 
129 void nfs_fattr_free_names(struct nfs_fattr *fattr)
130 {
131  if (fattr->valid & NFS_ATTR_FATTR_OWNER_NAME)
132  nfs_fattr_free_owner_name(fattr);
133  if (fattr->valid & NFS_ATTR_FATTR_GROUP_NAME)
134  nfs_fattr_free_group_name(fattr);
135 }
136 
145 void nfs_fattr_map_and_free_names(struct nfs_server *server, struct nfs_fattr *fattr)
146 {
147  if (nfs_fattr_map_owner_name(server, fattr))
148  nfs_fattr_free_owner_name(fattr);
149  if (nfs_fattr_map_group_name(server, fattr))
150  nfs_fattr_free_group_name(fattr);
151 }
152 
153 static int nfs_map_string_to_numeric(const char *name, size_t namelen, __u32 *res)
154 {
155  unsigned long val;
156  char buf[16];
157 
158  if (memchr(name, '@', namelen) != NULL || namelen >= sizeof(buf))
159  return 0;
160  memcpy(buf, name, namelen);
161  buf[namelen] = '\0';
162  if (kstrtoul(buf, 0, &val) != 0)
163  return 0;
164  *res = val;
165  return 1;
166 }
167 
168 static int nfs_map_numeric_to_string(__u32 id, char *buf, size_t buflen)
169 {
170  return snprintf(buf, buflen, "%u", id);
171 }
172 
173 static struct key_type key_type_id_resolver = {
174  .name = "id_resolver",
175  .instantiate = user_instantiate,
176  .match = user_match,
177  .revoke = user_revoke,
178  .destroy = user_destroy,
179  .describe = user_describe,
180  .read = user_read,
181 };
182 
183 static int nfs_idmap_init_keyring(void)
184 {
185  struct cred *cred;
186  struct key *keyring;
187  int ret = 0;
188 
189  printk(KERN_NOTICE "NFS: Registering the %s key type\n",
190  key_type_id_resolver.name);
191 
192  cred = prepare_kernel_cred(NULL);
193  if (!cred)
194  return -ENOMEM;
195 
196  keyring = key_alloc(&key_type_keyring, ".id_resolver", 0, 0, cred,
197  (KEY_POS_ALL & ~KEY_POS_SETATTR) |
198  KEY_USR_VIEW | KEY_USR_READ,
199  KEY_ALLOC_NOT_IN_QUOTA);
200  if (IS_ERR(keyring)) {
201  ret = PTR_ERR(keyring);
202  goto failed_put_cred;
203  }
204 
205  ret = key_instantiate_and_link(keyring, NULL, 0, NULL, NULL);
206  if (ret < 0)
207  goto failed_put_key;
208 
209  ret = register_key_type(&key_type_id_resolver);
210  if (ret < 0)
211  goto failed_put_key;
212 
213  ret = register_key_type(&key_type_id_resolver_legacy);
214  if (ret < 0)
215  goto failed_reg_legacy;
216 
217  set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags);
218  cred->thread_keyring = keyring;
219  cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING;
220  id_resolver_cache = cred;
221  return 0;
222 
223 failed_reg_legacy:
224  unregister_key_type(&key_type_id_resolver);
225 failed_put_key:
226  key_put(keyring);
227 failed_put_cred:
228  put_cred(cred);
229  return ret;
230 }
231 
232 static void nfs_idmap_quit_keyring(void)
233 {
234  key_revoke(id_resolver_cache->thread_keyring);
235  unregister_key_type(&key_type_id_resolver);
236  unregister_key_type(&key_type_id_resolver_legacy);
237  put_cred(id_resolver_cache);
238 }
239 
240 /*
241  * Assemble the description to pass to request_key()
242  * This function will allocate a new string and update dest to point
243  * at it. The caller is responsible for freeing dest.
244  *
245  * On error 0 is returned. Otherwise, the length of dest is returned.
246  */
247 static ssize_t nfs_idmap_get_desc(const char *name, size_t namelen,
248  const char *type, size_t typelen, char **desc)
249 {
250  char *cp;
251  size_t desclen = typelen + namelen + 2;
252 
253  *desc = kmalloc(desclen, GFP_KERNEL);
254  if (!*desc)
255  return -ENOMEM;
256 
257  cp = *desc;
258  memcpy(cp, type, typelen);
259  cp += typelen;
260  *cp++ = ':';
261 
262  memcpy(cp, name, namelen);
263  cp += namelen;
264  *cp = '\0';
265  return desclen;
266 }
267 
268 static ssize_t nfs_idmap_request_key(struct key_type *key_type,
269  const char *name, size_t namelen,
270  const char *type, void *data,
271  size_t data_size, struct idmap *idmap)
272 {
273  const struct cred *saved_cred;
274  struct key *rkey;
275  char *desc;
276  struct user_key_payload *payload;
277  ssize_t ret;
278 
279  ret = nfs_idmap_get_desc(name, namelen, type, strlen(type), &desc);
280  if (ret <= 0)
281  goto out;
282 
283  saved_cred = override_creds(id_resolver_cache);
284  if (idmap)
285  rkey = request_key_with_auxdata(key_type, desc, "", 0, idmap);
286  else
287  rkey = request_key(&key_type_id_resolver, desc, "");
288  revert_creds(saved_cred);
289 
290  kfree(desc);
291  if (IS_ERR(rkey)) {
292  ret = PTR_ERR(rkey);
293  goto out;
294  }
295 
296  rcu_read_lock();
297  rkey->perm |= KEY_USR_VIEW;
298 
299  ret = key_validate(rkey);
300  if (ret < 0)
301  goto out_up;
302 
303  payload = rcu_dereference(rkey->payload.data);
304  if (IS_ERR_OR_NULL(payload)) {
305  ret = PTR_ERR(payload);
306  goto out_up;
307  }
308 
309  ret = payload->datalen;
310  if (ret > 0 && ret <= data_size)
311  memcpy(data, payload->data, ret);
312  else
313  ret = -EINVAL;
314 
315 out_up:
316  rcu_read_unlock();
317  key_put(rkey);
318 out:
319  return ret;
320 }
321 
322 static ssize_t nfs_idmap_get_key(const char *name, size_t namelen,
323  const char *type, void *data,
324  size_t data_size, struct idmap *idmap)
325 {
326  ssize_t ret = nfs_idmap_request_key(&key_type_id_resolver,
327  name, namelen, type, data,
328  data_size, NULL);
329  if (ret < 0) {
330  mutex_lock(&idmap->idmap_mutex);
331  ret = nfs_idmap_request_key(&key_type_id_resolver_legacy,
332  name, namelen, type, data,
333  data_size, idmap);
334  mutex_unlock(&idmap->idmap_mutex);
335  }
336  return ret;
337 }
338 
339 /* ID -> Name */
340 static ssize_t nfs_idmap_lookup_name(__u32 id, const char *type, char *buf,
341  size_t buflen, struct idmap *idmap)
342 {
343  char id_str[NFS_UINT_MAXLEN];
344  int id_len;
345  ssize_t ret;
346 
347  id_len = snprintf(id_str, sizeof(id_str), "%u", id);
348  ret = nfs_idmap_get_key(id_str, id_len, type, buf, buflen, idmap);
349  if (ret < 0)
350  return -EINVAL;
351  return ret;
352 }
353 
354 /* Name -> ID */
355 static int nfs_idmap_lookup_id(const char *name, size_t namelen, const char *type,
356  __u32 *id, struct idmap *idmap)
357 {
358  char id_str[NFS_UINT_MAXLEN];
359  long id_long;
360  ssize_t data_size;
361  int ret = 0;
362 
363  data_size = nfs_idmap_get_key(name, namelen, type, id_str, NFS_UINT_MAXLEN, idmap);
364  if (data_size <= 0) {
365  ret = -EINVAL;
366  } else {
367  ret = kstrtol(id_str, 10, &id_long);
368  *id = (__u32)id_long;
369  }
370  return ret;
371 }
372 
373 /* idmap classic begins here */
374 
375 enum {
376  Opt_find_uid, Opt_find_gid, Opt_find_user, Opt_find_group, Opt_find_err
377 };
378 
379 static const match_table_t nfs_idmap_tokens = {
380  { Opt_find_uid, "uid:%s" },
381  { Opt_find_gid, "gid:%s" },
382  { Opt_find_user, "user:%s" },
383  { Opt_find_group, "group:%s" },
384  { Opt_find_err, NULL }
385 };
386 
387 static int nfs_idmap_legacy_upcall(struct key_construction *, const char *, void *);
388 static ssize_t idmap_pipe_downcall(struct file *, const char __user *,
389  size_t);
390 static void idmap_release_pipe(struct inode *);
391 static void idmap_pipe_destroy_msg(struct rpc_pipe_msg *);
392 
393 static const struct rpc_pipe_ops idmap_upcall_ops = {
394  .upcall = rpc_pipe_generic_upcall,
395  .downcall = idmap_pipe_downcall,
396  .release_pipe = idmap_release_pipe,
397  .destroy_msg = idmap_pipe_destroy_msg,
398 };
399 
400 static struct key_type key_type_id_resolver_legacy = {
401  .name = "id_legacy",
402  .instantiate = user_instantiate,
403  .match = user_match,
404  .revoke = user_revoke,
405  .destroy = user_destroy,
406  .describe = user_describe,
407  .read = user_read,
408  .request_key = nfs_idmap_legacy_upcall,
409 };
410 
411 static void __nfs_idmap_unregister(struct rpc_pipe *pipe)
412 {
413  if (pipe->dentry)
414  rpc_unlink(pipe->dentry);
415 }
416 
417 static int __nfs_idmap_register(struct dentry *dir,
418  struct idmap *idmap,
419  struct rpc_pipe *pipe)
420 {
421  struct dentry *dentry;
422 
423  dentry = rpc_mkpipe_dentry(dir, "idmap", idmap, pipe);
424  if (IS_ERR(dentry))
425  return PTR_ERR(dentry);
426  pipe->dentry = dentry;
427  return 0;
428 }
429 
430 static void nfs_idmap_unregister(struct nfs_client *clp,
431  struct rpc_pipe *pipe)
432 {
433  struct net *net = clp->cl_net;
434  struct super_block *pipefs_sb;
435 
436  pipefs_sb = rpc_get_sb_net(net);
437  if (pipefs_sb) {
438  __nfs_idmap_unregister(pipe);
439  rpc_put_sb_net(net);
440  }
441 }
442 
443 static int nfs_idmap_register(struct nfs_client *clp,
444  struct idmap *idmap,
445  struct rpc_pipe *pipe)
446 {
447  struct net *net = clp->cl_net;
448  struct super_block *pipefs_sb;
449  int err = 0;
450 
451  pipefs_sb = rpc_get_sb_net(net);
452  if (pipefs_sb) {
453  if (clp->cl_rpcclient->cl_dentry)
454  err = __nfs_idmap_register(clp->cl_rpcclient->cl_dentry,
455  idmap, pipe);
456  rpc_put_sb_net(net);
457  }
458  return err;
459 }
460 
461 int
462 nfs_idmap_new(struct nfs_client *clp)
463 {
464  struct idmap *idmap;
465  struct rpc_pipe *pipe;
466  int error;
467 
468  idmap = kzalloc(sizeof(*idmap), GFP_KERNEL);
469  if (idmap == NULL)
470  return -ENOMEM;
471 
472  pipe = rpc_mkpipe_data(&idmap_upcall_ops, 0);
473  if (IS_ERR(pipe)) {
474  error = PTR_ERR(pipe);
475  kfree(idmap);
476  return error;
477  }
478  error = nfs_idmap_register(clp, idmap, pipe);
479  if (error) {
480  rpc_destroy_pipe_data(pipe);
481  kfree(idmap);
482  return error;
483  }
484  idmap->idmap_pipe = pipe;
485  mutex_init(&idmap->idmap_mutex);
486 
487  clp->cl_idmap = idmap;
488  return 0;
489 }
490 
491 void
492 nfs_idmap_delete(struct nfs_client *clp)
493 {
494  struct idmap *idmap = clp->cl_idmap;
495 
496  if (!idmap)
497  return;
498  nfs_idmap_unregister(clp, idmap->idmap_pipe);
499  rpc_destroy_pipe_data(idmap->idmap_pipe);
500  clp->cl_idmap = NULL;
501  kfree(idmap);
502 }
503 
504 static int __rpc_pipefs_event(struct nfs_client *clp, unsigned long event,
505  struct super_block *sb)
506 {
507  int err = 0;
508 
509  switch (event) {
510  case RPC_PIPEFS_MOUNT:
511  err = __nfs_idmap_register(clp->cl_rpcclient->cl_dentry,
512  clp->cl_idmap,
513  clp->cl_idmap->idmap_pipe);
514  break;
515  case RPC_PIPEFS_UMOUNT:
516  if (clp->cl_idmap->idmap_pipe) {
517  struct dentry *parent;
518 
519  parent = clp->cl_idmap->idmap_pipe->dentry->d_parent;
520  __nfs_idmap_unregister(clp->cl_idmap->idmap_pipe);
521  /*
522  * Note: This is a dirty hack. SUNRPC hook has been
523  * called already but simple_rmdir() call for the
524  * directory returned with error because of idmap pipe
525  * inside. Thus now we have to remove this directory
526  * here.
527  */
528  if (rpc_rmdir(parent))
529  printk(KERN_ERR "NFS: %s: failed to remove "
530  "clnt dir!\n", __func__);
531  }
532  break;
533  default:
534  printk(KERN_ERR "NFS: %s: unknown event: %ld\n", __func__,
535  event);
536  return -ENOTSUPP;
537  }
538  return err;
539 }
540 
541 static struct nfs_client *nfs_get_client_for_event(struct net *net, int event)
542 {
543  struct nfs_net *nn = net_generic(net, nfs_net_id);
544  struct dentry *cl_dentry;
545  struct nfs_client *clp;
546  int err;
547 
548 restart:
549  spin_lock(&nn->nfs_client_lock);
550  list_for_each_entry(clp, &nn->nfs_client_list, cl_share_link) {
551  /* Wait for initialisation to finish */
552  if (clp->cl_cons_state == NFS_CS_INITING) {
553  atomic_inc(&clp->cl_count);
554  spin_unlock(&nn->nfs_client_lock);
555  err = nfs_wait_client_init_complete(clp);
556  nfs_put_client(clp);
557  if (err)
558  return NULL;
559  goto restart;
560  }
561  /* Skip nfs_clients that failed to initialise */
562  if (clp->cl_cons_state < 0)
563  continue;
564  smp_rmb();
565  if (clp->rpc_ops != &nfs_v4_clientops)
566  continue;
567  cl_dentry = clp->cl_idmap->idmap_pipe->dentry;
568  if (((event == RPC_PIPEFS_MOUNT) && cl_dentry) ||
569  ((event == RPC_PIPEFS_UMOUNT) && !cl_dentry))
570  continue;
571  atomic_inc(&clp->cl_count);
572  spin_unlock(&nn->nfs_client_lock);
573  return clp;
574  }
575  spin_unlock(&nn->nfs_client_lock);
576  return NULL;
577 }
578 
579 static int rpc_pipefs_event(struct notifier_block *nb, unsigned long event,
580  void *ptr)
581 {
582  struct super_block *sb = ptr;
583  struct nfs_client *clp;
584  int error = 0;
585 
586  if (!try_module_get(THIS_MODULE))
587  return 0;
588 
589  while ((clp = nfs_get_client_for_event(sb->s_fs_info, event))) {
590  error = __rpc_pipefs_event(clp, event, sb);
591  nfs_put_client(clp);
592  if (error)
593  break;
594  }
595  module_put(THIS_MODULE);
596  return error;
597 }
598 
599 #define PIPEFS_NFS_PRIO 1
600 
601 static struct notifier_block nfs_idmap_block = {
602  .notifier_call = rpc_pipefs_event,
603  .priority = SUNRPC_PIPEFS_NFS_PRIO,
604 };
605 
606 int nfs_idmap_init(void)
607 {
608  int ret;
609  ret = nfs_idmap_init_keyring();
610  if (ret != 0)
611  goto out;
612  ret = rpc_pipefs_notifier_register(&nfs_idmap_block);
613  if (ret != 0)
614  nfs_idmap_quit_keyring();
615 out:
616  return ret;
617 }
618 
619 void nfs_idmap_quit(void)
620 {
621  rpc_pipefs_notifier_unregister(&nfs_idmap_block);
622  nfs_idmap_quit_keyring();
623 }
624 
625 static int nfs_idmap_prepare_message(char *desc, struct idmap *idmap,
626  struct idmap_msg *im,
627  struct rpc_pipe_msg *msg)
628 {
629  substring_t substr;
630  int token, ret;
631 
632  im->im_type = IDMAP_TYPE_GROUP;
633  token = match_token(desc, nfs_idmap_tokens, &substr);
634 
635  switch (token) {
636  case Opt_find_uid:
637  im->im_type = IDMAP_TYPE_USER;
638  case Opt_find_gid:
639  im->im_conv = IDMAP_CONV_NAMETOID;
640  ret = match_strlcpy(im->im_name, &substr, IDMAP_NAMESZ);
641  break;
642 
643  case Opt_find_user:
644  im->im_type = IDMAP_TYPE_USER;
645  case Opt_find_group:
646  im->im_conv = IDMAP_CONV_IDTONAME;
647  ret = match_int(&substr, &im->im_id);
648  break;
649 
650  default:
651  ret = -EINVAL;
652  goto out;
653  }
654 
655  msg->data = im;
656  msg->len = sizeof(struct idmap_msg);
657 
658 out:
659  return ret;
660 }
661 
662 static bool
663 nfs_idmap_prepare_pipe_upcall(struct idmap *idmap,
664  struct idmap_legacy_upcalldata *data)
665 {
666  if (idmap->idmap_upcall_data != NULL) {
667  WARN_ON_ONCE(1);
668  return false;
669  }
670  idmap->idmap_upcall_data = data;
671  return true;
672 }
673 
674 static void
675 nfs_idmap_complete_pipe_upcall_locked(struct idmap *idmap, int ret)
676 {
677  struct key_construction *cons = idmap->idmap_upcall_data->key_cons;
678 
679  kfree(idmap->idmap_upcall_data);
680  idmap->idmap_upcall_data = NULL;
681  complete_request_key(cons, ret);
682 }
683 
684 static void
685 nfs_idmap_abort_pipe_upcall(struct idmap *idmap, int ret)
686 {
687  if (idmap->idmap_upcall_data != NULL)
688  nfs_idmap_complete_pipe_upcall_locked(idmap, ret);
689 }
690 
691 static int nfs_idmap_legacy_upcall(struct key_construction *cons,
692  const char *op,
693  void *aux)
694 {
695  struct idmap_legacy_upcalldata *data;
696  struct rpc_pipe_msg *msg;
697  struct idmap_msg *im;
698  struct idmap *idmap = (struct idmap *)aux;
699  struct key *key = cons->key;
700  int ret = -ENOMEM;
701 
702  /* msg and im are freed in idmap_pipe_destroy_msg */
703  data = kzalloc(sizeof(*data), GFP_KERNEL);
704  if (!data)
705  goto out1;
706 
707  msg = &data->pipe_msg;
708  im = &data->idmap_msg;
709  data->idmap = idmap;
710  data->key_cons = cons;
711 
712  ret = nfs_idmap_prepare_message(key->description, idmap, im, msg);
713  if (ret < 0)
714  goto out2;
715 
716  ret = -EAGAIN;
717  if (!nfs_idmap_prepare_pipe_upcall(idmap, data))
718  goto out2;
719 
720  ret = rpc_queue_upcall(idmap->idmap_pipe, msg);
721  if (ret < 0)
722  nfs_idmap_abort_pipe_upcall(idmap, ret);
723 
724  return ret;
725 out2:
726  kfree(data);
727 out1:
728  complete_request_key(cons, ret);
729  return ret;
730 }
731 
732 static int nfs_idmap_instantiate(struct key *key, struct key *authkey, char *data)
733 {
734  return key_instantiate_and_link(key, data, strlen(data) + 1,
735  id_resolver_cache->thread_keyring,
736  authkey);
737 }
738 
739 static int nfs_idmap_read_and_verify_message(struct idmap_msg *im,
740  struct idmap_msg *upcall,
741  struct key *key, struct key *authkey)
742 {
743  char id_str[NFS_UINT_MAXLEN];
744  int ret = -ENOKEY;
745 
746  /* ret = -ENOKEY */
747  if (upcall->im_type != im->im_type || upcall->im_conv != im->im_conv)
748  goto out;
749  switch (im->im_conv) {
750  case IDMAP_CONV_NAMETOID:
751  if (strcmp(upcall->im_name, im->im_name) != 0)
752  break;
753  sprintf(id_str, "%d", im->im_id);
754  ret = nfs_idmap_instantiate(key, authkey, id_str);
755  break;
756  case IDMAP_CONV_IDTONAME:
757  if (upcall->im_id != im->im_id)
758  break;
759  ret = nfs_idmap_instantiate(key, authkey, im->im_name);
760  break;
761  default:
762  ret = -EINVAL;
763  }
764 out:
765  return ret;
766 }
767 
768 static ssize_t
769 idmap_pipe_downcall(struct file *filp, const char __user *src, size_t mlen)
770 {
771  struct rpc_inode *rpci = RPC_I(filp->f_path.dentry->d_inode);
772  struct idmap *idmap = (struct idmap *)rpci->private;
773  struct key_construction *cons;
774  struct idmap_msg im;
775  size_t namelen_in;
776  int ret = -ENOKEY;
777 
778  /* If instantiation is successful, anyone waiting for key construction
779  * will have been woken up and someone else may now have used
780  * idmap_key_cons - so after this point we may no longer touch it.
781  */
782  if (idmap->idmap_upcall_data == NULL)
783  goto out_noupcall;
784 
785  cons = idmap->idmap_upcall_data->key_cons;
786 
787  if (mlen != sizeof(im)) {
788  ret = -ENOSPC;
789  goto out;
790  }
791 
792  if (copy_from_user(&im, src, mlen) != 0) {
793  ret = -EFAULT;
794  goto out;
795  }
796 
797  if (!(im.im_status & IDMAP_STATUS_SUCCESS)) {
798  ret = -ENOKEY;
799  goto out;
800  }
801 
802  namelen_in = strnlen(im.im_name, IDMAP_NAMESZ);
803  if (namelen_in == 0 || namelen_in == IDMAP_NAMESZ) {
804  ret = -EINVAL;
805  goto out;
806 }
807 
808  ret = nfs_idmap_read_and_verify_message(&im,
809  &idmap->idmap_upcall_data->idmap_msg,
810  cons->key, cons->authkey);
811  if (ret >= 0) {
812  key_set_timeout(cons->key, nfs_idmap_cache_timeout);
813  ret = mlen;
814  }
815 
816 out:
817  nfs_idmap_complete_pipe_upcall_locked(idmap, ret);
818 out_noupcall:
819  return ret;
820 }
821 
822 static void
823 idmap_pipe_destroy_msg(struct rpc_pipe_msg *msg)
824 {
825  struct idmap_legacy_upcalldata *data = container_of(msg,
826  struct idmap_legacy_upcalldata,
827  pipe_msg);
828  struct idmap *idmap = data->idmap;
829 
830  if (msg->errno)
831  nfs_idmap_abort_pipe_upcall(idmap, msg->errno);
832 }
833 
834 static void
835 idmap_release_pipe(struct inode *inode)
836 {
837  struct rpc_inode *rpci = RPC_I(inode);
838  struct idmap *idmap = (struct idmap *)rpci->private;
839 
840  nfs_idmap_abort_pipe_upcall(idmap, -EPIPE);
841 }
842 
843 int nfs_map_name_to_uid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *uid)
844 {
845  struct idmap *idmap = server->nfs_client->cl_idmap;
846 
847  if (nfs_map_string_to_numeric(name, namelen, uid))
848  return 0;
849  return nfs_idmap_lookup_id(name, namelen, "uid", uid, idmap);
850 }
851 
852 int nfs_map_group_to_gid(const struct nfs_server *server, const char *name, size_t namelen, __u32 *gid)
853 {
854  struct idmap *idmap = server->nfs_client->cl_idmap;
855 
856  if (nfs_map_string_to_numeric(name, namelen, gid))
857  return 0;
858  return nfs_idmap_lookup_id(name, namelen, "gid", gid, idmap);
859 }
860 
861 int nfs_map_uid_to_name(const struct nfs_server *server, __u32 uid, char *buf, size_t buflen)
862 {
863  struct idmap *idmap = server->nfs_client->cl_idmap;
864  int ret = -EINVAL;
865 
866  if (!(server->caps & NFS_CAP_UIDGID_NOMAP))
867  ret = nfs_idmap_lookup_name(uid, "user", buf, buflen, idmap);
868  if (ret < 0)
869  ret = nfs_map_numeric_to_string(uid, buf, buflen);
870  return ret;
871 }
872 int nfs_map_gid_to_group(const struct nfs_server *server, __u32 gid, char *buf, size_t buflen)
873 {
874  struct idmap *idmap = server->nfs_client->cl_idmap;
875  int ret = -EINVAL;
876 
877  if (!(server->caps & NFS_CAP_UIDGID_NOMAP))
878  ret = nfs_idmap_lookup_name(gid, "group", buf, buflen, idmap);
879  if (ret < 0)
880  ret = nfs_map_numeric_to_string(gid, buf, buflen);
881  return ret;
882 }
Generated on Thu Jan 10 2013 13:02:42 for Linux Kernel by   doxygen 1.8.2