1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Establish a TLS session for a kernel socket consumer
4 * using the tlshd user space handler.
5 *
6 * Author: Chuck Lever <chuck.lever@oracle.com>
7 *
8 * Copyright (c) 2021-2023, Oracle and/or its affiliates.
9 */
10
11 #include <linux/types.h>
12 #include <linux/socket.h>
13 #include <linux/kernel.h>
14 #include <linux/module.h>
15 #include <linux/slab.h>
16 #include <linux/key.h>
17
18 #include <net/sock.h>
19 #include <net/handshake.h>
20 #include <net/genetlink.h>
21 #include <net/tls_prot.h>
22
23 #include <uapi/linux/keyctl.h>
24 #include <uapi/linux/handshake.h>
25 #include "handshake.h"
26
27 struct tls_handshake_req {
28 void (*th_consumer_done)(void *data, int status,
29 key_serial_t peerid);
30 void *th_consumer_data;
31
32 int th_type;
33 unsigned int th_timeout_ms;
34 int th_auth_mode;
35 const char *th_peername;
36 key_serial_t th_keyring;
37 key_serial_t th_certificate;
38 key_serial_t th_privkey;
39
40 unsigned int th_num_peerids;
41 key_serial_t th_peerid[5];
42 };
43
44 static struct tls_handshake_req *
tls_handshake_req_init(struct handshake_req * req,const struct tls_handshake_args * args)45 tls_handshake_req_init(struct handshake_req *req,
46 const struct tls_handshake_args *args)
47 {
48 struct tls_handshake_req *treq = handshake_req_private(req);
49
50 treq->th_timeout_ms = args->ta_timeout_ms;
51 treq->th_consumer_done = args->ta_done;
52 treq->th_consumer_data = args->ta_data;
53 treq->th_peername = args->ta_peername;
54 treq->th_keyring = args->ta_keyring;
55 treq->th_num_peerids = 0;
56 treq->th_certificate = TLS_NO_CERT;
57 treq->th_privkey = TLS_NO_PRIVKEY;
58 return treq;
59 }
60
tls_handshake_remote_peerids(struct tls_handshake_req * treq,struct genl_info * info)61 static void tls_handshake_remote_peerids(struct tls_handshake_req *treq,
62 struct genl_info *info)
63 {
64 struct nlattr *head = nlmsg_attrdata(info->nlhdr, GENL_HDRLEN);
65 int rem, len = nlmsg_attrlen(info->nlhdr, GENL_HDRLEN);
66 struct nlattr *nla;
67 unsigned int i;
68
69 i = 0;
70 nla_for_each_attr(nla, head, len, rem) {
71 if (nla_type(nla) == HANDSHAKE_A_DONE_REMOTE_AUTH)
72 i++;
73 }
74 if (!i)
75 return;
76 treq->th_num_peerids = min_t(unsigned int, i,
77 ARRAY_SIZE(treq->th_peerid));
78
79 i = 0;
80 nla_for_each_attr(nla, head, len, rem) {
81 if (nla_type(nla) == HANDSHAKE_A_DONE_REMOTE_AUTH)
82 treq->th_peerid[i++] = nla_get_u32(nla);
83 if (i >= treq->th_num_peerids)
84 break;
85 }
86 }
87
88 /**
89 * tls_handshake_done - callback to handle a CMD_DONE request
90 * @req: socket on which the handshake was performed
91 * @status: session status code
92 * @info: full results of session establishment
93 *
94 */
tls_handshake_done(struct handshake_req * req,unsigned int status,struct genl_info * info)95 static void tls_handshake_done(struct handshake_req *req,
96 unsigned int status, struct genl_info *info)
97 {
98 struct tls_handshake_req *treq = handshake_req_private(req);
99
100 treq->th_peerid[0] = TLS_NO_PEERID;
101 if (info)
102 tls_handshake_remote_peerids(treq, info);
103
104 if (!status)
105 set_bit(HANDSHAKE_F_REQ_SESSION, &req->hr_flags);
106
107 treq->th_consumer_done(treq->th_consumer_data, -status,
108 treq->th_peerid[0]);
109 }
110
111 #if IS_ENABLED(CONFIG_KEYS)
tls_handshake_private_keyring(struct tls_handshake_req * treq)112 static int tls_handshake_private_keyring(struct tls_handshake_req *treq)
113 {
114 key_ref_t process_keyring_ref, keyring_ref;
115 int ret;
116
117 if (treq->th_keyring == TLS_NO_KEYRING)
118 return 0;
119
120 process_keyring_ref = lookup_user_key(KEY_SPEC_PROCESS_KEYRING,
121 KEY_LOOKUP_CREATE,
122 KEY_NEED_WRITE);
123 if (IS_ERR(process_keyring_ref)) {
124 ret = PTR_ERR(process_keyring_ref);
125 goto out;
126 }
127
128 keyring_ref = lookup_user_key(treq->th_keyring, KEY_LOOKUP_CREATE,
129 KEY_NEED_LINK);
130 if (IS_ERR(keyring_ref)) {
131 ret = PTR_ERR(keyring_ref);
132 goto out_put_key;
133 }
134
135 ret = key_link(key_ref_to_ptr(process_keyring_ref),
136 key_ref_to_ptr(keyring_ref));
137
138 key_ref_put(keyring_ref);
139 out_put_key:
140 key_ref_put(process_keyring_ref);
141 out:
142 return ret;
143 }
144 #else
tls_handshake_private_keyring(struct tls_handshake_req * treq)145 static int tls_handshake_private_keyring(struct tls_handshake_req *treq)
146 {
147 return 0;
148 }
149 #endif
150
tls_handshake_put_peer_identity(struct sk_buff * msg,struct tls_handshake_req * treq)151 static int tls_handshake_put_peer_identity(struct sk_buff *msg,
152 struct tls_handshake_req *treq)
153 {
154 unsigned int i;
155
156 for (i = 0; i < treq->th_num_peerids; i++)
157 if (nla_put_u32(msg, HANDSHAKE_A_ACCEPT_PEER_IDENTITY,
158 treq->th_peerid[i]) < 0)
159 return -EMSGSIZE;
160 return 0;
161 }
162
tls_handshake_put_certificate(struct sk_buff * msg,struct tls_handshake_req * treq)163 static int tls_handshake_put_certificate(struct sk_buff *msg,
164 struct tls_handshake_req *treq)
165 {
166 struct nlattr *entry_attr;
167
168 if (treq->th_certificate == TLS_NO_CERT &&
169 treq->th_privkey == TLS_NO_PRIVKEY)
170 return 0;
171
172 entry_attr = nla_nest_start(msg, HANDSHAKE_A_ACCEPT_CERTIFICATE);
173 if (!entry_attr)
174 return -EMSGSIZE;
175
176 if (nla_put_s32(msg, HANDSHAKE_A_X509_CERT,
177 treq->th_certificate) ||
178 nla_put_s32(msg, HANDSHAKE_A_X509_PRIVKEY,
179 treq->th_privkey)) {
180 nla_nest_cancel(msg, entry_attr);
181 return -EMSGSIZE;
182 }
183
184 nla_nest_end(msg, entry_attr);
185 return 0;
186 }
187
188 /**
189 * tls_handshake_accept - callback to construct a CMD_ACCEPT response
190 * @req: handshake parameters to return
191 * @info: generic netlink message context
192 * @fd: file descriptor to be returned
193 *
194 * Returns zero on success, or a negative errno on failure.
195 */
tls_handshake_accept(struct handshake_req * req,struct genl_info * info,int fd)196 static int tls_handshake_accept(struct handshake_req *req,
197 struct genl_info *info, int fd)
198 {
199 struct tls_handshake_req *treq = handshake_req_private(req);
200 struct nlmsghdr *hdr;
201 struct sk_buff *msg;
202 int ret;
203
204 ret = tls_handshake_private_keyring(treq);
205 if (ret < 0)
206 goto out;
207
208 ret = -ENOMEM;
209 msg = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
210 if (!msg)
211 goto out;
212 hdr = handshake_genl_put(msg, info);
213 if (!hdr)
214 goto out_cancel;
215
216 ret = nla_put_s32(msg, HANDSHAKE_A_ACCEPT_SOCKFD, fd);
217 if (ret < 0)
218 goto out_cancel;
219 ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_MESSAGE_TYPE, treq->th_type);
220 if (ret < 0)
221 goto out_cancel;
222 if (treq->th_peername) {
223 ret = nla_put_string(msg, HANDSHAKE_A_ACCEPT_PEERNAME,
224 treq->th_peername);
225 if (ret < 0)
226 goto out_cancel;
227 }
228 if (treq->th_timeout_ms) {
229 ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_TIMEOUT, treq->th_timeout_ms);
230 if (ret < 0)
231 goto out_cancel;
232 }
233
234 ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_AUTH_MODE,
235 treq->th_auth_mode);
236 if (ret < 0)
237 goto out_cancel;
238 switch (treq->th_auth_mode) {
239 case HANDSHAKE_AUTH_PSK:
240 ret = tls_handshake_put_peer_identity(msg, treq);
241 if (ret < 0)
242 goto out_cancel;
243 break;
244 case HANDSHAKE_AUTH_X509:
245 ret = tls_handshake_put_certificate(msg, treq);
246 if (ret < 0)
247 goto out_cancel;
248 break;
249 }
250
251 genlmsg_end(msg, hdr);
252 return genlmsg_reply(msg, info);
253
254 out_cancel:
255 genlmsg_cancel(msg, hdr);
256 out:
257 return ret;
258 }
259
260 static const struct handshake_proto tls_handshake_proto = {
261 .hp_handler_class = HANDSHAKE_HANDLER_CLASS_TLSHD,
262 .hp_privsize = sizeof(struct tls_handshake_req),
263 .hp_flags = BIT(HANDSHAKE_F_PROTO_NOTIFY),
264
265 .hp_accept = tls_handshake_accept,
266 .hp_done = tls_handshake_done,
267 };
268
269 /**
270 * tls_client_hello_anon - request an anonymous TLS handshake on a socket
271 * @args: socket and handshake parameters for this request
272 * @flags: memory allocation control flags
273 *
274 * Return values:
275 * %0: Handshake request enqueue; ->done will be called when complete
276 * %-ESRCH: No user agent is available
277 * %-ENOMEM: Memory allocation failed
278 */
tls_client_hello_anon(const struct tls_handshake_args * args,gfp_t flags)279 int tls_client_hello_anon(const struct tls_handshake_args *args, gfp_t flags)
280 {
281 struct tls_handshake_req *treq;
282 struct handshake_req *req;
283
284 req = handshake_req_alloc(&tls_handshake_proto, flags);
285 if (!req)
286 return -ENOMEM;
287 treq = tls_handshake_req_init(req, args);
288 treq->th_type = HANDSHAKE_MSG_TYPE_CLIENTHELLO;
289 treq->th_auth_mode = HANDSHAKE_AUTH_UNAUTH;
290
291 return handshake_req_submit(args->ta_sock, req, flags);
292 }
293 EXPORT_SYMBOL(tls_client_hello_anon);
294
295 /**
296 * tls_client_hello_x509 - request an x.509-based TLS handshake on a socket
297 * @args: socket and handshake parameters for this request
298 * @flags: memory allocation control flags
299 *
300 * Return values:
301 * %0: Handshake request enqueue; ->done will be called when complete
302 * %-ESRCH: No user agent is available
303 * %-ENOMEM: Memory allocation failed
304 */
tls_client_hello_x509(const struct tls_handshake_args * args,gfp_t flags)305 int tls_client_hello_x509(const struct tls_handshake_args *args, gfp_t flags)
306 {
307 struct tls_handshake_req *treq;
308 struct handshake_req *req;
309
310 req = handshake_req_alloc(&tls_handshake_proto, flags);
311 if (!req)
312 return -ENOMEM;
313 treq = tls_handshake_req_init(req, args);
314 treq->th_type = HANDSHAKE_MSG_TYPE_CLIENTHELLO;
315 treq->th_auth_mode = HANDSHAKE_AUTH_X509;
316 treq->th_certificate = args->ta_my_cert;
317 treq->th_privkey = args->ta_my_privkey;
318
319 return handshake_req_submit(args->ta_sock, req, flags);
320 }
321 EXPORT_SYMBOL(tls_client_hello_x509);
322
323 /**
324 * tls_client_hello_psk - request a PSK-based TLS handshake on a socket
325 * @args: socket and handshake parameters for this request
326 * @flags: memory allocation control flags
327 *
328 * Return values:
329 * %0: Handshake request enqueue; ->done will be called when complete
330 * %-EINVAL: Wrong number of local peer IDs
331 * %-ESRCH: No user agent is available
332 * %-ENOMEM: Memory allocation failed
333 */
tls_client_hello_psk(const struct tls_handshake_args * args,gfp_t flags)334 int tls_client_hello_psk(const struct tls_handshake_args *args, gfp_t flags)
335 {
336 struct tls_handshake_req *treq;
337 struct handshake_req *req;
338 unsigned int i;
339
340 if (!args->ta_num_peerids ||
341 args->ta_num_peerids > ARRAY_SIZE(treq->th_peerid))
342 return -EINVAL;
343
344 req = handshake_req_alloc(&tls_handshake_proto, flags);
345 if (!req)
346 return -ENOMEM;
347 treq = tls_handshake_req_init(req, args);
348 treq->th_type = HANDSHAKE_MSG_TYPE_CLIENTHELLO;
349 treq->th_auth_mode = HANDSHAKE_AUTH_PSK;
350 treq->th_num_peerids = args->ta_num_peerids;
351 for (i = 0; i < args->ta_num_peerids; i++)
352 treq->th_peerid[i] = args->ta_my_peerids[i];
353
354 return handshake_req_submit(args->ta_sock, req, flags);
355 }
356 EXPORT_SYMBOL(tls_client_hello_psk);
357
358 /**
359 * tls_server_hello_x509 - request a server TLS handshake on a socket
360 * @args: socket and handshake parameters for this request
361 * @flags: memory allocation control flags
362 *
363 * Return values:
364 * %0: Handshake request enqueue; ->done will be called when complete
365 * %-ESRCH: No user agent is available
366 * %-ENOMEM: Memory allocation failed
367 */
tls_server_hello_x509(const struct tls_handshake_args * args,gfp_t flags)368 int tls_server_hello_x509(const struct tls_handshake_args *args, gfp_t flags)
369 {
370 struct tls_handshake_req *treq;
371 struct handshake_req *req;
372
373 req = handshake_req_alloc(&tls_handshake_proto, flags);
374 if (!req)
375 return -ENOMEM;
376 treq = tls_handshake_req_init(req, args);
377 treq->th_type = HANDSHAKE_MSG_TYPE_SERVERHELLO;
378 treq->th_auth_mode = HANDSHAKE_AUTH_X509;
379 treq->th_certificate = args->ta_my_cert;
380 treq->th_privkey = args->ta_my_privkey;
381
382 return handshake_req_submit(args->ta_sock, req, flags);
383 }
384 EXPORT_SYMBOL(tls_server_hello_x509);
385
386 /**
387 * tls_server_hello_psk - request a server TLS handshake on a socket
388 * @args: socket and handshake parameters for this request
389 * @flags: memory allocation control flags
390 *
391 * Return values:
392 * %0: Handshake request enqueue; ->done will be called when complete
393 * %-ESRCH: No user agent is available
394 * %-ENOMEM: Memory allocation failed
395 */
tls_server_hello_psk(const struct tls_handshake_args * args,gfp_t flags)396 int tls_server_hello_psk(const struct tls_handshake_args *args, gfp_t flags)
397 {
398 struct tls_handshake_req *treq;
399 struct handshake_req *req;
400
401 req = handshake_req_alloc(&tls_handshake_proto, flags);
402 if (!req)
403 return -ENOMEM;
404 treq = tls_handshake_req_init(req, args);
405 treq->th_type = HANDSHAKE_MSG_TYPE_SERVERHELLO;
406 treq->th_auth_mode = HANDSHAKE_AUTH_PSK;
407 treq->th_num_peerids = 1;
408 treq->th_peerid[0] = args->ta_my_peerids[0];
409
410 return handshake_req_submit(args->ta_sock, req, flags);
411 }
412 EXPORT_SYMBOL(tls_server_hello_psk);
413
414 /**
415 * tls_handshake_cancel - cancel a pending handshake
416 * @sk: socket on which there is an ongoing handshake
417 *
418 * Request cancellation races with request completion. To determine
419 * who won, callers examine the return value from this function.
420 *
421 * Return values:
422 * %true - Uncompleted handshake request was canceled
423 * %false - Handshake request already completed or not found
424 */
tls_handshake_cancel(struct sock * sk)425 bool tls_handshake_cancel(struct sock *sk)
426 {
427 return handshake_req_cancel(sk);
428 }
429 EXPORT_SYMBOL(tls_handshake_cancel);
430
431 /**
432 * tls_handshake_close - send a Closure alert
433 * @sock: an open socket
434 *
435 */
tls_handshake_close(struct socket * sock)436 void tls_handshake_close(struct socket *sock)
437 {
438 struct handshake_req *req;
439
440 req = handshake_req_hash_lookup(sock->sk);
441 if (!req)
442 return;
443 if (!test_and_clear_bit(HANDSHAKE_F_REQ_SESSION, &req->hr_flags))
444 return;
445 tls_alert_send(sock, TLS_ALERT_LEVEL_WARNING,
446 TLS_ALERT_DESC_CLOSE_NOTIFY);
447 }
448 EXPORT_SYMBOL(tls_handshake_close);
449