linux/fs/afs/security.c
<<
>>
Prefs
   1/* AFS security handling
   2 *
   3 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
   4 * Written by David Howells (dhowells@redhat.com)
   5 *
   6 * This program is free software; you can redistribute it and/or
   7 * modify it under the terms of the GNU General Public License
   8 * as published by the Free Software Foundation; either version
   9 * 2 of the License, or (at your option) any later version.
  10 */
  11
  12#include <linux/init.h>
  13#include <linux/slab.h>
  14#include <linux/fs.h>
  15#include <linux/ctype.h>
  16#include <linux/sched.h>
  17#include <keys/rxrpc-type.h>
  18#include "internal.h"
  19
  20/*
  21 * get a key
  22 */
  23struct key *afs_request_key(struct afs_cell *cell)
  24{
  25        struct key *key;
  26
  27        _enter("{%x}", key_serial(cell->anonymous_key));
  28
  29        _debug("key %s", cell->anonymous_key->description);
  30        key = request_key(&key_type_rxrpc, cell->anonymous_key->description,
  31                          NULL);
  32        if (IS_ERR(key)) {
  33                if (PTR_ERR(key) != -ENOKEY) {
  34                        _leave(" = %ld", PTR_ERR(key));
  35                        return key;
  36                }
  37
  38                /* act as anonymous user */
  39                _leave(" = {%x} [anon]", key_serial(cell->anonymous_key));
  40                return key_get(cell->anonymous_key);
  41        } else {
  42                /* act as authorised user */
  43                _leave(" = {%x} [auth]", key_serial(key));
  44                return key;
  45        }
  46}
  47
  48/*
  49 * dispose of a permits list
  50 */
  51void afs_zap_permits(struct rcu_head *rcu)
  52{
  53        struct afs_permits *permits =
  54                container_of(rcu, struct afs_permits, rcu);
  55        int loop;
  56
  57        _enter("{%d}", permits->count);
  58
  59        for (loop = permits->count - 1; loop >= 0; loop--)
  60                key_put(permits->permits[loop].key);
  61        kfree(permits);
  62}
  63
  64/*
  65 * dispose of a permits list in which all the key pointers have been copied
  66 */
  67static void afs_dispose_of_permits(struct rcu_head *rcu)
  68{
  69        struct afs_permits *permits =
  70                container_of(rcu, struct afs_permits, rcu);
  71
  72        _enter("{%d}", permits->count);
  73
  74        kfree(permits);
  75}
  76
  77/*
  78 * get the authorising vnode - this is the specified inode itself if it's a
  79 * directory or it's the parent directory if the specified inode is a file or
  80 * symlink
  81 * - the caller must release the ref on the inode
  82 */
  83static struct afs_vnode *afs_get_auth_inode(struct afs_vnode *vnode,
  84                                            struct key *key)
  85{
  86        struct afs_vnode *auth_vnode;
  87        struct inode *auth_inode;
  88
  89        _enter("");
  90
  91        if (S_ISDIR(vnode->vfs_inode.i_mode)) {
  92                auth_inode = igrab(&vnode->vfs_inode);
  93                ASSERT(auth_inode != NULL);
  94        } else {
  95                auth_inode = afs_iget(vnode->vfs_inode.i_sb, key,
  96                                      &vnode->status.parent, NULL, NULL);
  97                if (IS_ERR(auth_inode))
  98                        return ERR_CAST(auth_inode);
  99        }
 100
 101        auth_vnode = AFS_FS_I(auth_inode);
 102        _leave(" = {%x}", auth_vnode->fid.vnode);
 103        return auth_vnode;
 104}
 105
 106/*
 107 * clear the permit cache on a directory vnode
 108 */
 109void afs_clear_permits(struct afs_vnode *vnode)
 110{
 111        struct afs_permits *permits;
 112
 113        _enter("{%x:%u}", vnode->fid.vid, vnode->fid.vnode);
 114
 115        mutex_lock(&vnode->permits_lock);
 116        permits = vnode->permits;
 117        rcu_assign_pointer(vnode->permits, NULL);
 118        mutex_unlock(&vnode->permits_lock);
 119
 120        if (permits)
 121                call_rcu(&permits->rcu, afs_zap_permits);
 122        _leave("");
 123}
 124
 125/*
 126 * add the result obtained for a vnode to its or its parent directory's cache
 127 * for the key used to access it
 128 */
 129void afs_cache_permit(struct afs_vnode *vnode, struct key *key, long acl_order)
 130{
 131        struct afs_permits *permits, *xpermits;
 132        struct afs_permit *permit;
 133        struct afs_vnode *auth_vnode;
 134        int count, loop;
 135
 136        _enter("{%x:%u},%x,%lx",
 137               vnode->fid.vid, vnode->fid.vnode, key_serial(key), acl_order);
 138
 139        auth_vnode = afs_get_auth_inode(vnode, key);
 140        if (IS_ERR(auth_vnode)) {
 141                _leave(" [get error %ld]", PTR_ERR(auth_vnode));
 142                return;
 143        }
 144
 145        mutex_lock(&auth_vnode->permits_lock);
 146
 147        /* guard against a rename being detected whilst we waited for the
 148         * lock */
 149        if (memcmp(&auth_vnode->fid, &vnode->status.parent,
 150                   sizeof(struct afs_fid)) != 0) {
 151                _debug("renamed");
 152                goto out_unlock;
 153        }
 154
 155        /* have to be careful as the directory's callback may be broken between
 156         * us receiving the status we're trying to cache and us getting the
 157         * lock to update the cache for the status */
 158        if (auth_vnode->acl_order - acl_order > 0) {
 159                _debug("ACL changed?");
 160                goto out_unlock;
 161        }
 162
 163        /* always update the anonymous mask */
 164        _debug("anon access %x", vnode->status.anon_access);
 165        auth_vnode->status.anon_access = vnode->status.anon_access;
 166        if (key == vnode->volume->cell->anonymous_key)
 167                goto out_unlock;
 168
 169        xpermits = auth_vnode->permits;
 170        count = 0;
 171        if (xpermits) {
 172                /* see if the permit is already in the list
 173                 * - if it is then we just amend the list
 174                 */
 175                count = xpermits->count;
 176                permit = xpermits->permits;
 177                for (loop = count; loop > 0; loop--) {
 178                        if (permit->key == key) {
 179                                permit->access_mask =
 180                                        vnode->status.caller_access;
 181                                goto out_unlock;
 182                        }
 183                        permit++;
 184                }
 185        }
 186
 187        permits = kmalloc(sizeof(*permits) + sizeof(*permit) * (count + 1),
 188                          GFP_NOFS);
 189        if (!permits)
 190                goto out_unlock;
 191
 192        if (xpermits)
 193                memcpy(permits->permits, xpermits->permits,
 194                        count * sizeof(struct afs_permit));
 195
 196        _debug("key %x access %x",
 197               key_serial(key), vnode->status.caller_access);
 198        permits->permits[count].access_mask = vnode->status.caller_access;
 199        permits->permits[count].key = key_get(key);
 200        permits->count = count + 1;
 201
 202        rcu_assign_pointer(auth_vnode->permits, permits);
 203        if (xpermits)
 204                call_rcu(&xpermits->rcu, afs_dispose_of_permits);
 205
 206out_unlock:
 207        mutex_unlock(&auth_vnode->permits_lock);
 208        iput(&auth_vnode->vfs_inode);
 209        _leave("");
 210}
 211
 212/*
 213 * check with the fileserver to see if the directory or parent directory is
 214 * permitted to be accessed with this authorisation, and if so, what access it
 215 * is granted
 216 */
 217static int afs_check_permit(struct afs_vnode *vnode, struct key *key,
 218                            afs_access_t *_access)
 219{
 220        struct afs_permits *permits;
 221        struct afs_permit *permit;
 222        struct afs_vnode *auth_vnode;
 223        bool176                 224loop--) {
ref="+code=rcu" class="sref">key_gere
 225 226_enter("{%x:%u},%x,%,
 227vnode->fid.vid, vnode->fid.vnode, key_serial(key),  228 229auth_vnode = afs_get_auth_inode(vnode, key);
 230IS_ERR(auth_vnode)) {
 231_access)
 232_leave(" = {%d]", PTR_ERR(auth_vnode));
 233PTR_ERR(auth_vnode));
 234 235 236ASSERT(S_ISDIR(auth_vnode->vfs_inode);
i_mode)) {
 237 238/* see ifwith trmit is alse if the di;re tryve
 239key == auth_vnode->volume->cell->anonymous_key)
 240_debug("anon acces);
 241_access)
auth_vnode->status.anon_access;
 242auth_vtrus 243 244fida 245permitsignin t classpan href="fs/afs/security.c#L210" id="L136" c2ass="line" name="L146"> 246permits = fidauth_vnode->permits,  247permits) + sizeref="fs/afs/security.c#L95" id2="L128" c2ass="line" name="L148"> 248permit;
permits->permits[ 249loop = permits->count = loop > 0; loop--) {
 250permit;
key == key) {
 251_debug("anon afa> de lifor t);
 252_access)
permit->access_mask =
 253auth_vtrus 254 255 256permit->< href="fs/afs/security.c#L184" i2="L157" c2ass="line" name="L157"> 257 258 259mutex_signin t " classpan href="fs/afs/security.c#L210" id="L160" c2ass="line" name="L160"> 260 261 262 263/* see ifwith trmit */
 264                 */-&)pan>
 265_debug("anon ano +co< t is al);
 266 267permit"et_basa href="+code=auth_v_IASSERTvnode->_accesflags 268key_gere
statust_au/a>-&_fetch_" clasa href="+code=vnode" class="sref">vnode, auth_vnode->key);
 269key_gere
 270iput(&auth_vnode->vfs_inode);
 271_access)
 272_leave(" = {%d]&qut, key_gere
 273key_gere
 274 275_access)
vnode->status.caller_access;
 276 277 278iput(&auth_vnode->vfs_inode);
 279_leave("", _access)
 280 281 282 283 * chean>
 284 * permitwith trmit is ak
 285 * is gra-=-> 286 * add th t directory's cache 287 * for tn>
 288statust_au is akvfs_in/a>);
vfs_in/a>);
accessa> =
 289 290afs_vnode *vnode, struASSERTvfs_in/a>);
 291afs_access_t *_enteruninitialized_vasa href="+code=auth_vn class="sref">anon_ac/a>)
 292key *key,
 293key_gere
 294 295accessa> =
accessMAY_NOT_BLOCK
 296accessECHILD 297 298_enter("{%xx:%u},%x,%lx;x,%lx/span>,
 299vnode->fid.vid, vnode->fid.vnode, vnode->_accesflagsaccessa> =
 300 301key = anonymoessrequestclasa href="+code=vnode" class="sref">vnode, volume->cell-> 302IS_ERR(key),  303_leave(" = {%d]&quld [>),;, PTR_ERR(key),  304PTR_ERR(key);
 305 306 307/* guard  permit ro ake has expry&d,st anete accwith trmit to seet a r tn>
 308vnode, fid 309_debug("anon anott ro ake;);
 310key_gere
statust_au/a>-&_fetch_" clasa href="+code=vnode" class="sref">vnode, vnodekey);
 311key_gere
 312key_ge% 313_debug("anon anewt ro ake [fl=,%lx;, vnode->_accesflags 314 315 316/* guard with trmit is alse if the di;re tryve
 317key_gere
afs_check_permit(structf="+code=vnode" class="sref">vnode, key,
anon_ac/a>)
 318key_gere
 319key_ge% 320 321/* guard  a>(
 322_debug("anon aREQx accessACCx accessonx accesx/span>,
 323accessa> =
anon_ac/a>)
S_ISDIR(vfs_in/a>);
i_mode)) {
"anon adirx/span>,
"anon arver);
 324 325S_ISDIR(vfs_in/a>);
i_mode)) {
 326accessa> =
accessMAY_EXEC     href="fs/afs/security.c#L179" i3="L127" c3ass="line" name="L127"> 327anon_ac/a>)
ASSERT 328fid 329accessa> =
accessMAY_READ     href="fs/afs/security.c#L179" i3="L130" c3ass="line" name="L130"> 330anon_ac/a>)
access 331fid 332accessa> =
accessMAY_WRITE     href="fs/afs/security.c#L179" i3="L223" c3ass="line" name="L133"> 333anon_ac/a>)
access_I/* guard rmdir, unnamk, reL133 fro pan>
 334ASSERT/* guard create, mkdir, symnamk, reL133 hrean>
 335access_I/* guard wia>)ean>
 336fid 337 338fid 339 340 341anon_ac/a>)
ASSERT 342fid 343accessa> =
accessMAY_EXEC    e|tc="+code=count"MAY_READs="sref">accessMAY_READ      href="fs/afs/security.c#L179" i3="L144" c3ass="line" name="L144"> 344anon_ac/a>)
access 345fid 346accessa> =
accessMAY_WRITE     href="fs/afs/security.c#L179" i3="L127" c3ass="line" name="L147"> 347anon_ac/a>)
access_I 348fid 349 350 351 352iputkey);
 353key_gere
statusgeneric_ is akvfs_in/a>);
accessa> =
 354_leave(" = {%d]&qut, key_gere
 355key_gere
 356 357fid 358key_gere
GFP_NOEACCEs 359key_ge% 360iputkey);
 361_leave(" = {%d]&qut, key_gere
 362key_gere
 363 364


c/div>


The original LXR softwaingbynonymf="fs/afshttp://sourceforge.net/projects/lxss>LXR t">/unL21
lxs@namux.no


lxs.namux.no kindly hos be bynf="fs/afshttp://www.redpill-nampro.no">Redpill Lampro AS
) sincea>  5.
c/div>