1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* RxRPC security handling 3 * 4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 5 * Written by David Howells (dhowells@redhat.com) 6 */ 7 8 #include <linux/module.h> 9 #include <linux/net.h> 10 #include <linux/skbuff.h> 11 #include <linux/udp.h> 12 #include <linux/crypto.h> 13 #include <net/sock.h> 14 #include <net/af_rxrpc.h> 15 #include <keys/rxrpc-type.h> 16 #include "ar-internal.h" 17 18 static const struct rxrpc_security *rxrpc_security_types[] = { 19 [RXRPC_SECURITY_NONE] = &rxrpc_no_security, 20 #ifdef CONFIG_RXKAD 21 [RXRPC_SECURITY_RXKAD] = &rxkad, 22 #endif 23 }; 24 25 int __init rxrpc_init_security(void) 26 { 27 int i, ret; 28 29 for (i = 0; i < ARRAY_SIZE(rxrpc_security_types); i++) { 30 if (rxrpc_security_types[i]) { 31 ret = rxrpc_security_types[i]->init(); 32 if (ret < 0) 33 goto failed; 34 } 35 } 36 37 return 0; 38 39 failed: 40 for (i--; i >= 0; i--) 41 if (rxrpc_security_types[i]) 42 rxrpc_security_types[i]->exit(); 43 return ret; 44 } 45 46 void rxrpc_exit_security(void) 47 { 48 int i; 49 50 for (i = 0; i < ARRAY_SIZE(rxrpc_security_types); i++) 51 if (rxrpc_security_types[i]) 52 rxrpc_security_types[i]->exit(); 53 } 54 55 /* 56 * look up an rxrpc security module 57 */ 58 const struct rxrpc_security *rxrpc_security_lookup(u8 security_index) 59 { 60 if (security_index >= ARRAY_SIZE(rxrpc_security_types)) 61 return NULL; 62 return rxrpc_security_types[security_index]; 63 } 64 65 /* 66 * Initialise the security on a client call. 67 */ 68 int rxrpc_init_client_call_security(struct rxrpc_call *call) 69 { 70 const struct rxrpc_security *sec = &rxrpc_no_security; 71 struct rxrpc_key_token *token; 72 struct key *key = call->key; 73 int ret; 74 75 if (!key) 76 goto found; 77 78 ret = key_validate(key); 79 if (ret < 0) 80 return ret; 81 82 for (token = key->payload.data[0]; token; token = token->next) { 83 sec = rxrpc_security_lookup(token->security_index); 84 if (sec) 85 goto found; 86 } 87 return -EKEYREJECTED; 88 89 found: 90 call->security = sec; 91 call->security_ix = sec->security_index; 92 return 0; 93 } 94 95 /* 96 * initialise the security on a client connection 97 */ 98 int rxrpc_init_client_conn_security(struct rxrpc_connection *conn) 99 { 100 struct rxrpc_key_token *token; 101 struct key *key = conn->key; 102 int ret = 0; 103 104 _enter("{%d},{%x}", conn->debug_id, key_serial(key)); 105 106 for (token = key->payload.data[0]; token; token = token->next) { 107 if (token->security_index == conn->security->security_index) 108 goto found; 109 } 110 return -EKEYREJECTED; 111 112 found: 113 mutex_lock(&conn->security_lock); 114 if (conn->state == RXRPC_CONN_CLIENT_UNSECURED) { 115 ret = conn->security->init_connection_security(conn, token); 116 if (ret == 0) { 117 spin_lock(&conn->state_lock); 118 if (conn->state == RXRPC_CONN_CLIENT_UNSECURED) 119 conn->state = RXRPC_CONN_CLIENT; 120 spin_unlock(&conn->state_lock); 121 } 122 } 123 mutex_unlock(&conn->security_lock); 124 return ret; 125 } 126 127 /* 128 * Set the ops a server connection. 129 */ 130 const struct rxrpc_security *rxrpc_get_incoming_security(struct rxrpc_sock *rx, 131 struct sk_buff *skb) 132 { 133 const struct rxrpc_security *sec; 134 struct rxrpc_skb_priv *sp = rxrpc_skb(skb); 135 136 _enter(""); 137 138 sec = rxrpc_security_lookup(sp->hdr.securityIndex); 139 if (!sec) { 140 rxrpc_direct_abort(skb, rxrpc_abort_unsupported_security, 141 RX_INVALID_OPERATION, -EKEYREJECTED); 142 return NULL; 143 } 144 145 if (sp->hdr.securityIndex != RXRPC_SECURITY_NONE && 146 !rx->securities) { 147 rxrpc_direct_abort(skb, rxrpc_abort_no_service_key, 148 sec->no_key_abort, -EKEYREJECTED); 149 return NULL; 150 } 151 152 return sec; 153 } 154 155 /* 156 * Find the security key for a server connection. 157 */ 158 struct key *rxrpc_look_up_server_security(struct rxrpc_connection *conn, 159 struct sk_buff *skb, 160 u32 kvno, u32 enctype) 161 { 162 struct rxrpc_skb_priv *sp = rxrpc_skb(skb); 163 struct rxrpc_sock *rx; 164 struct key *key = ERR_PTR(-EKEYREJECTED); 165 key_ref_t kref = NULL; 166 char kdesc[5 + 1 + 3 + 1 + 12 + 1 + 12 + 1]; 167 int ret; 168 169 _enter(""); 170 171 if (enctype) 172 sprintf(kdesc, "%u:%u:%u:%u", 173 sp->hdr.serviceId, sp->hdr.securityIndex, kvno, enctype); 174 else if (kvno) 175 sprintf(kdesc, "%u:%u:%u", 176 sp->hdr.serviceId, sp->hdr.securityIndex, kvno); 177 else 178 sprintf(kdesc, "%u:%u", 179 sp->hdr.serviceId, sp->hdr.securityIndex); 180 181 read_lock(&conn->local->services_lock); 182 183 rx = conn->local->service; 184 if (!rx) 185 goto out; 186 187 /* look through the service's keyring */ 188 kref = keyring_search(make_key_ref(rx->securities, 1UL), 189 &key_type_rxrpc_s, kdesc, true); 190 if (IS_ERR(kref)) { 191 key = ERR_CAST(kref); 192 goto out; 193 } 194 195 key = key_ref_to_ptr(kref); 196 197 ret = key_validate(key); 198 if (ret < 0) { 199 key_put(key); 200 key = ERR_PTR(ret); 201 goto out; 202 } 203 204 out: 205 read_unlock(&conn->local->services_lock); 206 return key; 207 } 208