1 | /* |
2 | * Mapping of UID/GIDs to name and vice versa. |
3 | * |
4 | * Copyright (c) 2002, 2003 The Regents of the University of |
5 | * Michigan. All rights reserved. |
6 | * |
7 | * Marius Aamodt Eriksen <marius@umich.edu> |
8 | * |
9 | * Redistribution and use in source and binary forms, with or without |
10 | * modification, are permitted provided that the following conditions |
11 | * are met: |
12 | * |
13 | * 1. Redistributions of source code must retain the above copyright |
14 | * notice, this list of conditions and the following disclaimer. |
15 | * 2. Redistributions in binary form must reproduce the above copyright |
16 | * notice, this list of conditions and the following disclaimer in the |
17 | * documentation and/or other materials provided with the distribution. |
18 | * 3. Neither the name of the University nor the names of its |
19 | * contributors may be used to endorse or promote products derived |
20 | * from this software without specific prior written permission. |
21 | * |
22 | * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED |
23 | * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF |
24 | * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE |
25 | * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE |
26 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
27 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
28 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR |
29 | * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF |
30 | * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING |
31 | * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS |
32 | * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
33 | */ |
34 | |
35 | #include <linux/module.h> |
36 | #include <linux/seq_file.h> |
37 | #include <linux/sched.h> |
38 | #include <linux/slab.h> |
39 | #include "idmap.h" |
40 | #include "nfsd.h" |
41 | |
42 | /* |
43 | * Cache entry |
44 | */ |
45 | |
46 | /* |
47 | * XXX we know that IDMAP_NAMESZ < PAGE_SIZE, but it's ugly to rely on |
48 | * that. |
49 | */ |
50 | |
/* Values stored in ent.type: which ID namespace the entry belongs to. */
#define IDMAP_TYPE_USER 0
#define IDMAP_TYPE_GROUP 1

/*
 * One idmap cache entry.  The same layout serves both the ID -> name
 * and the name -> ID cache; which fields act as the key depends on the
 * cache (see idtoname_match() and nametoid_match()).
 */
struct ent {
	struct cache_head h;		/* embedded cache head; container_of() recovers the ent */
	int type; /* User / Group */
	uid_t id;			/* numeric ID; group IDs are stored here too */
	char name[IDMAP_NAMESZ];	/* user or group name, NUL-terminated */
	char authname[IDMAP_NAMESZ];	/* auth-domain name the mapping applies to */
};
61 | |
62 | /* Common entry handling */ |
63 | |
/* Both idmap hash tables have 1 << ENT_HASHBITS buckets. */
#define ENT_HASHBITS 8
#define ENT_HASHMAX (1 << ENT_HASHBITS)
66 | |
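/*
 * Copy id, type, name and authname from @citm into @cnew.
 *
 * Installed as both the .init and the .update callback of the two
 * idmap caches.  Each string copy is bounded by the size of its own
 * destination field; the authname copy previously used
 * sizeof(new->name), which is only correct while both arrays happen to
 * have the same size.
 */
static void
ent_init(struct cache_head *cnew, struct cache_head *citm)
{
	struct ent *new = container_of(cnew, struct ent, h);
	struct ent *itm = container_of(citm, struct ent, h);

	new->id = itm->id;
	new->type = itm->type;

	/* strlcpy() always NUL-terminates within the given size. */
	strlcpy(new->name, itm->name, sizeof(new->name));
	strlcpy(new->authname, itm->authname, sizeof(new->authname));
}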
79 | |
/*
 * Release callback (.cache_put) for both idmap caches: free the ent
 * whose embedded cache head contains @ref.
 */
static void
ent_put(struct kref *ref)
{
	kfree(container_of(ref, struct ent, h.ref));
}
86 | |
/*
 * Allocation callback (.alloc) for both idmap caches.
 *
 * Returns the cache head embedded in a newly kmalloc()ed ent, or NULL
 * when the allocation fails.  The memory is not zeroed here.
 */
static struct cache_head *
ent_alloc(void)
{
	struct ent *entry = kmalloc(sizeof(*entry), GFP_KERNEL);

	return entry ? &entry->h : NULL;
}
96 | |
97 | /* |
98 | * ID -> Name cache |
99 | */ |
100 | |
/* Hash-table storage handed to idtoname_cache via .hash_table. */
static struct cache_head *idtoname_table[ENT_HASHMAX];
102 | |
/*
 * Hash an ID -> name key: the auth-domain name is hashed first, mixed
 * with the numeric ID, and the low bit is flipped for group entries so
 * that a user and a group with the same ID get different hash values.
 */
static uint32_t
idtoname_hash(struct ent *ent)
{
	uint32_t bucket = hash_str(ent->authname, ENT_HASHBITS);

	bucket = hash_long(bucket ^ ent->id, ENT_HASHBITS);

	return ent->type == IDMAP_TYPE_GROUP ? bucket ^ 1 : bucket;
}
117 | |
/*
 * Format the upcall line for an ID -> name lookup into *@bpp:
 * authname, then "user" or "group", then the ID in decimal.
 */
static void
idtoname_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
		int *blen)
{
	struct ent *ent = container_of(ch, struct ent, h);
	char *kind = ent->type == IDMAP_TYPE_GROUP ? "group" : "user";
	/* 11 bytes: room for 10 decimal digits plus the NUL; snprintf() bounds the write. */
	char idstr[11];

	snprintf(idstr, sizeof(idstr), "%u", ent->id);

	qword_add(bpp, blen, ent->authname);
	qword_add(bpp, blen, kind);
	qword_add(bpp, blen, idstr);

	/*
	 * Replace the byte just before the write position with a newline
	 * (presumably the separator qword_add() appended after the last word).
	 */
	(*bpp)[-1] = '\n';
}
132 | |
/*
 * .cache_upcall hook of idtoname_cache: queue an upcall whose request
 * text is produced by idtoname_request().  Returns whatever
 * sunrpc_cache_pipe_upcall() returns.
 */
static int
idtoname_upcall(struct cache_detail *cd, struct cache_head *ch)
{
	int status = sunrpc_cache_pipe_upcall(cd, ch, idtoname_request);

	return status;
}
138 | |
/*
 * Key comparison for the ID -> name cache.  Two entries match when ID,
 * type and auth-domain name are all equal; the name field is the cached
 * value and takes no part in the comparison.
 *
 * Returns 1 on a match, 0 otherwise.
 */
static int
idtoname_match(struct cache_head *ca, struct cache_head *cb)
{
	struct ent *lhs = container_of(ca, struct ent, h);
	struct ent *rhs = container_of(cb, struct ent, h);

	if (lhs->id != rhs->id)
		return 0;
	if (lhs->type != rhs->type)
		return 0;
	return strcmp(lhs->authname, rhs->authname) == 0;
}
148 | |
/*
 * .cache_show hook of idtoname_cache.  A NULL @h prints the column
 * header; otherwise one line "authname type id" is printed, followed by
 * the name only when the entry carries CACHE_VALID.  Always returns 0.
 */
static int
idtoname_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
{
	struct ent *ent;
	const char *kind;

	if (!h) {
		seq_puts(m, "#domain type id [name]\n");
		return 0;
	}

	ent = container_of(h, struct ent, h);
	kind = ent->type == IDMAP_TYPE_GROUP ? "group" : "user";

	seq_printf(m, "%s %s %u", ent->authname, kind, ent->id);
	if (test_bit(CACHE_VALID, &h->flags))
		seq_printf(m, " %s", ent->name);
	seq_printf(m, "\n");
	return 0;
}
167 | |
/*
 * .warn_no_listener hook shared by both idmap caches: log that ID
 * mapping is failing and whether idmapd died or was never started.
 * @detail is unused.
 */
static void
warn_no_idmapd(struct cache_detail *detail, int has_died)
{
	const char *state = has_died ? "died" : "not been started";

	printk("nfsd: nfsv4 idmapping failing: has idmapd %s?\n", state);
}
174 | |
175 | |
/* Defined below; declared here because idtoname_cache refers to them. */
static int idtoname_parse(struct cache_detail *, char *, int);
static struct ent *idtoname_lookup(struct ent *);
static struct ent *idtoname_update(struct ent *, struct ent *);

/*
 * Descriptor of the ID -> name cache, registered in nfsd_idmap_init().
 * Entry lifetime (alloc/init/update/put) is shared with the name -> ID
 * cache through the ent_* helpers; hashing, matching, upcall formatting
 * and reply parsing are specific to this cache.
 */
static struct cache_detail idtoname_cache = {
	.owner = THIS_MODULE,
	.hash_size = ENT_HASHMAX,
	.hash_table = idtoname_table,
	.name = "nfs4.idtoname",
	.cache_put = ent_put,
	.cache_upcall = idtoname_upcall,
	.cache_parse = idtoname_parse,	/* parses lines written back to the cache */
	.cache_show = idtoname_show,
	.warn_no_listener = warn_no_idmapd,
	.match = idtoname_match,
	.init = ent_init,
	.update = ent_init,		/* same copy routine as .init */
	.alloc = ent_alloc,
};
195 | |
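/*
 * Parse one reply line for the ID -> name cache and install it.
 *
 * Expected fields, in order: authname, type ("user"; anything else is
 * taken as group), decimal ID, expiry, and an optional name.  A missing
 * name marks the entry CACHE_NEGATIVE.
 *
 * The line is written from outside this file (presumably by idmapd, see
 * warn_no_idmapd()), so every field length is checked before it is
 * copied into the fixed-size ent fields:
 *  - an empty write is rejected before buf[buflen - 1] is indexed;
 *  - authname must be shorter than IDMAP_NAMESZ, the same bound already
 *    applied to the name, so ent.authname is always NUL-terminated when
 *    it is later hashed and compared;
 *  - only the parsed bytes are copied; ent was zeroed, which supplies
 *    the terminator and keeps stale buf1 contents out of the entry.
 *
 * The name is read and validated before idtoname_lookup() so that no
 * error exit remains between the lookup and idtoname_update(); the old
 * order could leave after the lookup without handing the looked-up
 * entry to either idtoname_update() or cache_put().
 *
 * Returns 0 on success, -EINVAL for a malformed line, -ENOMEM when an
 * allocation, the lookup or the update fails.
 */
static int
idtoname_parse(struct cache_detail *cd, char *buf, int buflen)
{
	struct ent ent, *res;
	char *buf1, *bp;
	int len;
	int error = -EINVAL;

	if (buflen <= 0 || buf[buflen - 1] != '\n')
		return (-EINVAL);
	buf[buflen - 1]= '\0';

	buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
	if (buf1 == NULL)
		return (-ENOMEM);

	memset(&ent, 0, sizeof(ent));

	/* Authentication name */
	len = qword_get(&buf, buf1, PAGE_SIZE);
	if (len <= 0 || len >= IDMAP_NAMESZ)
		goto out;
	memcpy(ent.authname, buf1, len);

	/* Type */
	if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
		goto out;
	ent.type = strcmp(buf1, "user") == 0 ?
		IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;

	/* ID */
	if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
		goto out;
	ent.id = simple_strtoul(buf1, &bp, 10);
	if (bp == buf1)
		goto out;

	/* expiry */
	ent.h.expiry_time = get_expiry(&buf);
	if (ent.h.expiry_time == 0)
		goto out;

	/* Name: validated here, stored into ent only after the lookup */
	len = qword_get(&buf, buf1, PAGE_SIZE);
	if (len < 0 || len >= IDMAP_NAMESZ)
		goto out;

	error = -ENOMEM;
	res = idtoname_lookup(&ent);
	if (!res)
		goto out;

	/* buf1 still holds the name; the lookup above did not touch it. */
	if (len == 0)
		set_bit(CACHE_NEGATIVE, &ent.h.flags);
	else
		memcpy(ent.name, buf1, len);

	res = idtoname_update(&ent, res);
	if (res == NULL)
		goto out;

	cache_put(&res->h, &idtoname_cache);

	error = 0;
out:
	kfree(buf1);

	return error;
}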
266 | |
267 | |
/*
 * Look @item up in the ID -> name cache via sunrpc_cache_lookup().
 * Returns the ent embedding the cache head that call returned, or NULL
 * when it returned NULL.
 */
static struct ent *
idtoname_lookup(struct ent *item)
{
	struct cache_head *found;

	found = sunrpc_cache_lookup(&idtoname_cache, &item->h,
				    idtoname_hash(item));
	if (!found)
		return NULL;
	return container_of(found, struct ent, h);
}
279 | |
/*
 * Update the ID -> name cache entry @old with the contents of @new via
 * sunrpc_cache_update().  Returns the resulting ent, or NULL when that
 * call returned NULL.
 */
static struct ent *
idtoname_update(struct ent *new, struct ent *old)
{
	struct cache_head *updated;

	updated = sunrpc_cache_update(&idtoname_cache, &new->h, &old->h,
				      idtoname_hash(new));
	if (!updated)
		return NULL;
	return container_of(updated, struct ent, h);
}
291 | |
292 | |
293 | /* |
294 | * Name -> ID cache |
295 | */ |
296 | |
/* Hash-table storage handed to nametoid_cache via .hash_table. */
static struct cache_head *nametoid_table[ENT_HASHMAX];
298 | |
/*
 * Hash a name -> ID key.  Only the name is hashed; type and authname
 * are distinguished later by nametoid_match().
 */
static inline int
nametoid_hash(struct ent *ent)
{
	int bucket = hash_str(ent->name, ENT_HASHBITS);

	return bucket;
}
304 | |
/*
 * Format the upcall line for a name -> ID lookup into *@bpp:
 * authname, then "user" or "group", then the name.
 */
static void
nametoid_request(struct cache_detail *cd, struct cache_head *ch, char **bpp,
		int *blen)
{
	struct ent *ent = container_of(ch, struct ent, h);
	char *kind = ent->type == IDMAP_TYPE_GROUP ? "group" : "user";

	qword_add(bpp, blen, ent->authname);
	qword_add(bpp, blen, kind);
	qword_add(bpp, blen, ent->name);

	/*
	 * Replace the byte just before the write position with a newline
	 * (presumably the separator qword_add() appended after the last word).
	 */
	(*bpp)[-1] = '\n';
}
317 | |
/*
 * .cache_upcall hook of nametoid_cache: queue an upcall whose request
 * text is produced by nametoid_request().  Returns whatever
 * sunrpc_cache_pipe_upcall() returns.
 */
static int
nametoid_upcall(struct cache_detail *cd, struct cache_head *ch)
{
	int status = sunrpc_cache_pipe_upcall(cd, ch, nametoid_request);

	return status;
}
323 | |
/*
 * Key comparison for the name -> ID cache.  Two entries match when
 * type, name and auth-domain name are all equal; the id field is the
 * cached value and takes no part in the comparison.
 *
 * Returns 1 on a match, 0 otherwise.
 */
static int
nametoid_match(struct cache_head *ca, struct cache_head *cb)
{
	struct ent *lhs = container_of(ca, struct ent, h);
	struct ent *rhs = container_of(cb, struct ent, h);

	if (lhs->type != rhs->type)
		return 0;
	if (strcmp(lhs->name, rhs->name) != 0)
		return 0;
	return strcmp(lhs->authname, rhs->authname) == 0;
}
333 | |
/*
 * .cache_show hook of nametoid_cache.  A NULL @h prints the column
 * header; otherwise one line "authname type name" is printed, followed
 * by the ID only when the entry carries CACHE_VALID.  Always returns 0.
 */
static int
nametoid_show(struct seq_file *m, struct cache_detail *cd, struct cache_head *h)
{
	struct ent *ent;
	const char *kind;

	if (!h) {
		seq_puts(m, "#domain type name [id]\n");
		return 0;
	}

	ent = container_of(h, struct ent, h);
	kind = ent->type == IDMAP_TYPE_GROUP ? "group" : "user";

	seq_printf(m, "%s %s %s", ent->authname, kind, ent->name);
	if (test_bit(CACHE_VALID, &h->flags))
		seq_printf(m, " %u", ent->id);
	seq_printf(m, "\n");
	return 0;
}
352 | |
/* Defined below; declared here because nametoid_cache refers to them. */
static struct ent *nametoid_lookup(struct ent *);
static struct ent *nametoid_update(struct ent *, struct ent *);
static int nametoid_parse(struct cache_detail *, char *, int);

/*
 * Descriptor of the name -> ID cache, registered in nfsd_idmap_init().
 * Entry lifetime (alloc/init/update/put) is shared with the ID -> name
 * cache through the ent_* helpers; hashing, matching, upcall formatting
 * and reply parsing are specific to this cache.
 */
static struct cache_detail nametoid_cache = {
	.owner = THIS_MODULE,
	.hash_size = ENT_HASHMAX,
	.hash_table = nametoid_table,
	.name = "nfs4.nametoid",
	.cache_put = ent_put,
	.cache_upcall = nametoid_upcall,
	.cache_parse = nametoid_parse,	/* parses lines written back to the cache */
	.cache_show = nametoid_show,
	.warn_no_listener = warn_no_idmapd,
	.match = nametoid_match,
	.init = ent_init,
	.update = ent_init,		/* same copy routine as .init */
	.alloc = ent_alloc,
};
372 | |
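/*
 * Parse one reply line for the name -> ID cache and install it.
 *
 * Expected fields, in order: authname, type ("user"; anything else is
 * taken as group), name, expiry, and an optional ID.  A missing ID
 * (get_int() returning -ENOENT) marks the entry CACHE_NEGATIVE.
 *
 * The line is written from outside this file (presumably by idmapd, see
 * warn_no_idmapd()), so field lengths are checked before copying:
 *  - an empty write is rejected before buf[buflen - 1] is indexed;
 *  - authname gets the same "< IDMAP_NAMESZ" bound as the name, so
 *    ent.authname is always NUL-terminated;
 *  - only the parsed bytes are copied; ent was zeroed, which supplies
 *    the terminator and keeps stale buf1 contents out of the entry.
 *
 * Field lengths are kept in their own variable.  The name length used
 * to be stored in 'error', so an empty name made this function return
 * 0 (success) and an over-long name or a bad expiry returned a positive
 * length instead of -EINVAL.
 *
 * Returns 0 on success, -EINVAL for a malformed line, -ENOMEM when an
 * allocation, the lookup or the update fails.
 */
static int
nametoid_parse(struct cache_detail *cd, char *buf, int buflen)
{
	struct ent ent, *res;
	char *buf1;
	int len;
	int error = -EINVAL;

	if (buflen <= 0 || buf[buflen - 1] != '\n')
		return (-EINVAL);
	buf[buflen - 1]= '\0';

	buf1 = kmalloc(PAGE_SIZE, GFP_KERNEL);
	if (buf1 == NULL)
		return (-ENOMEM);

	memset(&ent, 0, sizeof(ent));

	/* Authentication name */
	len = qword_get(&buf, buf1, PAGE_SIZE);
	if (len <= 0 || len >= IDMAP_NAMESZ)
		goto out;
	memcpy(ent.authname, buf1, len);

	/* Type */
	if (qword_get(&buf, buf1, PAGE_SIZE) <= 0)
		goto out;
	ent.type = strcmp(buf1, "user") == 0 ?
		IDMAP_TYPE_USER : IDMAP_TYPE_GROUP;

	/* Name */
	len = qword_get(&buf, buf1, PAGE_SIZE);
	if (len <= 0 || len >= IDMAP_NAMESZ)
		goto out;
	memcpy(ent.name, buf1, len);

	/* expiry */
	ent.h.expiry_time = get_expiry(&buf);
	if (ent.h.expiry_time == 0)
		goto out;

	/* ID */
	error = get_int(&buf, &ent.id);
	if (error == -EINVAL)
		goto out;
	if (error == -ENOENT)
		set_bit(CACHE_NEGATIVE, &ent.h.flags);

	error = -ENOMEM;
	res = nametoid_lookup(&ent);
	if (res == NULL)
		goto out;
	res = nametoid_update(&ent, res);
	if (res == NULL)
		goto out;

	cache_put(&res->h, &nametoid_cache);
	error = 0;
out:
	kfree(buf1);

	return (error);
}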
434 | |
435 | |
/*
 * Look @item up in the name -> ID cache via sunrpc_cache_lookup().
 * Returns the ent embedding the cache head that call returned, or NULL
 * when it returned NULL.
 */
static struct ent *
nametoid_lookup(struct ent *item)
{
	struct cache_head *found;

	found = sunrpc_cache_lookup(&nametoid_cache, &item->h,
				    nametoid_hash(item));
	if (!found)
		return NULL;
	return container_of(found, struct ent, h);
}
447 | |
/*
 * Update the name -> ID cache entry @old with the contents of @new via
 * sunrpc_cache_update().  Returns the resulting ent, or NULL when that
 * call returned NULL.
 */
static struct ent *
nametoid_update(struct ent *new, struct ent *old)
{
	struct cache_head *updated;

	updated = sunrpc_cache_update(&nametoid_cache, &new->h, &old->h,
				      nametoid_hash(new));
	if (!updated)
		return NULL;
	return container_of(updated, struct ent, h);
}
459 | |
460 | /* |
461 | * Exported API |
462 | */ |
463 | |
/*
 * Register both idmap caches.  If the second registration fails, the
 * first cache is unregistered again so nothing is left half set up.
 *
 * Returns 0 on success, otherwise the cache_register() error.
 */
int
nfsd_idmap_init(void)
{
	int err = cache_register(&idtoname_cache);

	if (err)
		return err;

	err = cache_register(&nametoid_cache);
	if (!err)
		return 0;

	cache_unregister(&idtoname_cache);
	return err;
}
477 | |
/* Unregister both idmap caches, in the order they were registered. */
void nfsd_idmap_shutdown(void)
{
	cache_unregister(&idtoname_cache);
	cache_unregister(&nametoid_cache);
}
484 | |
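/*
 * Look @key up with @lookup_fn and validate the entry with
 * cache_check().
 *
 * On success (return 0) *@item is the entry found; the callers in this
 * file drop it with cache_put() once they have read it.
 *
 * When cache_check() reports -ETIMEDOUT the key is looked up again: a
 * different entry means the cache changed meanwhile, so the check is
 * retried on the new entry; the same entry means the timeout stands,
 * so the entry obtained by the second lookup is put and -ETIMEDOUT is
 * returned.
 * NOTE(review): this relies on cache_check() having already dropped
 * the first lookup's reference when it fails - confirm against sunrpc.
 *
 * The second lookup can fail just like the first.  Its result is now
 * checked: without the check a NULL result compared unequal to the
 * previous entry and was passed on to cache_check() by the retry.
 *
 * Returns 0, -ENOMEM when a lookup fails, or the cache_check() error.
 */
static int
idmap_lookup(struct svc_rqst *rqstp,
		struct ent *(*lookup_fn)(struct ent *), struct ent *key,
		struct cache_detail *detail, struct ent **item)
{
	int ret;

	*item = lookup_fn(key);
	if (!*item)
		return -ENOMEM;
 retry:
	ret = cache_check(detail, &(*item)->h, &rqstp->rq_chandle);

	if (ret == -ETIMEDOUT) {
		struct ent *prev_item = *item;

		*item = lookup_fn(key);
		if (!*item)
			return -ENOMEM;
		if (*item != prev_item)
			goto retry;
		cache_put(&(*item)->h, detail);
	}
	return ret;
}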
507 | |
/*
 * Return the auth-domain name used to key idmap entries for @rqstp:
 * the name of rq_gssclient when that is set, otherwise of rq_client.
 */
static char *
rqst_authname(struct svc_rqst *rqstp)
{
	struct auth_domain *dom = rqstp->rq_client;

	if (rqstp->rq_gssclient)
		dom = rqstp->rq_gssclient;
	return dom->name;
}
516 | |
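/*
 * Map @name (@namelen bytes, not necessarily NUL-terminated) of the
 * given @type to a numeric ID through the name -> ID cache.
 *
 * @name and @namelen are supplied by the caller (presumably decoded
 * from an NFSv4 request), so the length is checked before the copy
 * into the fixed-size key.  The check is written as
 * "namelen >= sizeof(key.name)": the earlier "namelen + 1 > sizeof"
 * form wraps to 0 for namelen == 0xffffffff and would let that length
 * through to memcpy().  For every other value the two are equivalent.
 *
 * Returns 0 with *@id set, nfserr_badowner when the name is too long
 * or has no mapping, or the nfserrno() translation of another lookup
 * error.
 */
static __be32
idmap_name_to_id(struct svc_rqst *rqstp, int type, const char *name, u32 namelen,
		uid_t *id)
{
	struct ent *item, key = {
		.type = type,
	};
	int ret;

	if (namelen >= sizeof(key.name))
		return nfserr_badowner;
	memcpy(key.name, name, namelen);
	key.name[namelen] = '\0';
	strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));
	ret = idmap_lookup(rqstp, nametoid_lookup, &key, &nametoid_cache, &item);
	if (ret == -ENOENT)
		return nfserr_badowner;
	if (ret)
		return nfserrno(ret);
	*id = item->id;
	/* Done with the entry returned by idmap_lookup(). */
	cache_put(&item->h, &nametoid_cache);
	return 0;
}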
540 | |
/*
 * Map @id of the given @type to a name through the ID -> name cache and
 * store it in @name.
 *
 * When no mapping exists (-ENOENT) the ID is written in decimal with
 * sprintf(), which also stores a NUL.  On a cache hit exactly
 * strlen(item->name) bytes are copied and no terminator is written.
 * NOTE(review): the size of @name is not visible here; callers
 * presumably provide at least IDMAP_NAMESZ bytes - confirm.
 *
 * Returns the number of bytes stored, or a negative errno from
 * idmap_lookup().
 */
static int
idmap_id_to_name(struct svc_rqst *rqstp, int type, uid_t id, char *name)
{
	struct ent *item;
	struct ent key = {
		.id = id,
		.type = type,
	};
	int ret;

	strlcpy(key.authname, rqst_authname(rqstp), sizeof(key.authname));

	ret = idmap_lookup(rqstp, idtoname_lookup, &key, &idtoname_cache, &item);
	if (ret == -ENOENT)
		return sprintf(name, "%u", id);
	if (ret != 0)
		return ret;

	ret = strlen(item->name);
	BUG_ON(ret > IDMAP_NAMESZ);
	memcpy(name, item->name, ret);

	/* Done with the entry returned by idmap_lookup(). */
	cache_put(&item->h, &idtoname_cache);
	return ret;
}
562 | |
/*
 * Map a user name to a UID; see idmap_name_to_id() for return values.
 * @namelen is a size_t here but is passed on as a u32.
 */
__be32
nfsd_map_name_to_uid(struct svc_rqst *rqstp, const char *name, size_t namelen,
		__u32 *id)
{
	__be32 status = idmap_name_to_id(rqstp, IDMAP_TYPE_USER, name, namelen, id);

	return status;
}
569 | |
/*
 * Map a group name to a GID; see idmap_name_to_id() for return values.
 * @namelen is a size_t here but is passed on as a u32.
 */
__be32
nfsd_map_name_to_gid(struct svc_rqst *rqstp, const char *name, size_t namelen,
		__u32 *id)
{
	__be32 status = idmap_name_to_id(rqstp, IDMAP_TYPE_GROUP, name, namelen, id);

	return status;
}
576 | |
/*
 * Map a UID to a user name stored in @name; see idmap_id_to_name() for
 * the return value and the requirements on @name.
 */
int
nfsd_map_uid_to_name(struct svc_rqst *rqstp, __u32 id, char *name)
{
	int len = idmap_id_to_name(rqstp, IDMAP_TYPE_USER, id, name);

	return len;
}
582 | |
/*
 * Map a GID to a group name stored in @name; see idmap_id_to_name() for
 * the return value and the requirements on @name.
 */
int
nfsd_map_gid_to_name(struct svc_rqst *rqstp, __u32 id, char *name)
{
	int len = idmap_id_to_name(rqstp, IDMAP_TYPE_GROUP, id, name);

	return len;
}
588 |