Lines Matching +full:im +full:-
45 #include <linux/key-type.h>
46 #include <keys/user-type.h>
47 #include <keys/request_key_auth-type.h>
78 if (idmap && idmap->user_ns) in idmap_userns()
79 return idmap->user_ns; in idmap_userns()
84 * nfs_fattr_init_names - initialise the nfs_fattr owner_name/group_name fields
93 fattr->owner_name = owner_name; in nfs_fattr_init_names()
94 fattr->group_name = group_name; in nfs_fattr_init_names()
99 fattr->valid &= ~NFS_ATTR_FATTR_OWNER_NAME; in nfs_fattr_free_owner_name()
100 kfree(fattr->owner_name->data); in nfs_fattr_free_owner_name()
105 fattr->valid &= ~NFS_ATTR_FATTR_GROUP_NAME; in nfs_fattr_free_group_name()
106 kfree(fattr->group_name->data); in nfs_fattr_free_group_name()
111 struct nfs4_string *owner = fattr->owner_name; in nfs_fattr_map_owner_name()
114 if (!(fattr->valid & NFS_ATTR_FATTR_OWNER_NAME)) in nfs_fattr_map_owner_name()
116 if (nfs_map_name_to_uid(server, owner->data, owner->len, &uid) == 0) { in nfs_fattr_map_owner_name()
117 fattr->uid = uid; in nfs_fattr_map_owner_name()
118 fattr->valid |= NFS_ATTR_FATTR_OWNER; in nfs_fattr_map_owner_name()
125 struct nfs4_string *group = fattr->group_name; in nfs_fattr_map_group_name()
128 if (!(fattr->valid & NFS_ATTR_FATTR_GROUP_NAME)) in nfs_fattr_map_group_name()
130 if (nfs_map_group_to_gid(server, group->data, group->len, &gid) == 0) { in nfs_fattr_map_group_name()
131 fattr->gid = gid; in nfs_fattr_map_group_name()
132 fattr->valid |= NFS_ATTR_FATTR_GROUP; in nfs_fattr_map_group_name()
138 * nfs_fattr_free_names - free up the NFSv4 owner and group strings
143 if (fattr->valid & NFS_ATTR_FATTR_OWNER_NAME) in nfs_fattr_free_names()
145 if (fattr->valid & NFS_ATTR_FATTR_GROUP_NAME) in nfs_fattr_free_names()
150 * nfs_fattr_map_and_free_names - map owner/group strings into uid/gid and free
208 return -ENOMEM; in nfs_idmap_init()
228 set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); in nfs_idmap_init()
229 cred->thread_keyring = keyring; in nfs_idmap_init()
230 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; in nfs_idmap_init()
245 key_revoke(id_resolver_cache->thread_keyring); in nfs_idmap_quit()
266 return -ENOMEM; in nfs_idmap_get_desc()
283 struct key *rkey = ERR_PTR(-EAGAIN); in nfs_idmap_request_key()
290 if (!idmap->user_ns || idmap->user_ns == &init_user_ns) in nfs_idmap_request_key()
293 mutex_lock(&idmap->idmap_mutex); in nfs_idmap_request_key()
296 mutex_unlock(&idmap->idmap_mutex); in nfs_idmap_request_key()
299 set_bit(KEY_FLAG_ROOT_CAN_INVAL, &rkey->flags); in nfs_idmap_request_key()
324 rkey->perm |= KEY_USR_VIEW; in nfs_idmap_get_key()
336 ret = payload->datalen; in nfs_idmap_get_key()
338 memcpy(data, payload->data, ret); in nfs_idmap_get_key()
340 ret = -EINVAL; in nfs_idmap_get_key()
349 /* ID -> Name */
360 return -EINVAL; in nfs_idmap_lookup_name()
364 /* Name -> ID */
375 ret = -EINVAL; in nfs_idmap_lookup_id()
426 struct idmap *idmap = pdo->pdo_data; in nfs_idmap_pipe_destroy()
427 struct rpc_pipe *pipe = idmap->idmap_pipe; in nfs_idmap_pipe_destroy()
429 if (pipe->dentry) { in nfs_idmap_pipe_destroy()
430 rpc_unlink(pipe->dentry); in nfs_idmap_pipe_destroy()
431 pipe->dentry = NULL; in nfs_idmap_pipe_destroy()
438 struct idmap *idmap = pdo->pdo_data; in nfs_idmap_pipe_create()
439 struct rpc_pipe *pipe = idmap->idmap_pipe; in nfs_idmap_pipe_create()
445 pipe->dentry = dentry; in nfs_idmap_pipe_create()
463 return -ENOMEM; in nfs_idmap_new()
465 mutex_init(&idmap->idmap_mutex); in nfs_idmap_new()
466 idmap->user_ns = get_user_ns(clp->cl_rpcclient->cl_cred->user_ns); in nfs_idmap_new()
468 rpc_init_pipe_dir_object(&idmap->idmap_pdo, in nfs_idmap_new()
477 idmap->idmap_pipe = pipe; in nfs_idmap_new()
479 error = rpc_add_pipe_dir_object(clp->cl_net, in nfs_idmap_new()
480 &clp->cl_rpcclient->cl_pipedir_objects, in nfs_idmap_new()
481 &idmap->idmap_pdo); in nfs_idmap_new()
485 clp->cl_idmap = idmap; in nfs_idmap_new()
488 rpc_destroy_pipe_data(idmap->idmap_pipe); in nfs_idmap_new()
490 get_user_ns(idmap->user_ns); in nfs_idmap_new()
498 struct idmap *idmap = clp->cl_idmap; in nfs_idmap_delete()
502 clp->cl_idmap = NULL; in nfs_idmap_delete()
503 rpc_remove_pipe_dir_object(clp->cl_net, in nfs_idmap_delete()
504 &clp->cl_rpcclient->cl_pipedir_objects, in nfs_idmap_delete()
505 &idmap->idmap_pdo); in nfs_idmap_delete()
506 rpc_destroy_pipe_data(idmap->idmap_pipe); in nfs_idmap_delete()
507 put_user_ns(idmap->user_ns); in nfs_idmap_delete()
512 struct idmap_msg *im, in nfs_idmap_prepare_message() argument
518 im->im_type = IDMAP_TYPE_GROUP; in nfs_idmap_prepare_message()
523 im->im_type = IDMAP_TYPE_USER; in nfs_idmap_prepare_message()
526 im->im_conv = IDMAP_CONV_NAMETOID; in nfs_idmap_prepare_message()
527 ret = match_strlcpy(im->im_name, &substr, IDMAP_NAMESZ); in nfs_idmap_prepare_message()
531 im->im_type = IDMAP_TYPE_USER; in nfs_idmap_prepare_message()
534 im->im_conv = IDMAP_CONV_IDTONAME; in nfs_idmap_prepare_message()
535 ret = match_int(&substr, &im->im_id); in nfs_idmap_prepare_message()
541 ret = -EINVAL; in nfs_idmap_prepare_message()
545 msg->data = im; in nfs_idmap_prepare_message()
546 msg->len = sizeof(struct idmap_msg); in nfs_idmap_prepare_message()
556 if (idmap->idmap_upcall_data != NULL) { in nfs_idmap_prepare_pipe_upcall()
560 idmap->idmap_upcall_data = data; in nfs_idmap_prepare_pipe_upcall()
567 struct key *authkey = idmap->idmap_upcall_data->authkey; in nfs_idmap_complete_pipe_upcall_locked()
569 kfree(idmap->idmap_upcall_data); in nfs_idmap_complete_pipe_upcall_locked()
570 idmap->idmap_upcall_data = NULL; in nfs_idmap_complete_pipe_upcall_locked()
578 if (idmap->idmap_upcall_data != NULL) in nfs_idmap_abort_pipe_upcall()
587 struct idmap_msg *im; in nfs_idmap_legacy_upcall() local
589 struct key *key = rka->target_key; in nfs_idmap_legacy_upcall()
590 int ret = -ENOKEY; in nfs_idmap_legacy_upcall()
595 /* msg and im are freed in idmap_pipe_destroy_msg */ in nfs_idmap_legacy_upcall()
596 ret = -ENOMEM; in nfs_idmap_legacy_upcall()
601 msg = &data->pipe_msg; in nfs_idmap_legacy_upcall()
602 im = &data->idmap_msg; in nfs_idmap_legacy_upcall()
603 data->idmap = idmap; in nfs_idmap_legacy_upcall()
604 data->authkey = key_get(authkey); in nfs_idmap_legacy_upcall()
606 ret = nfs_idmap_prepare_message(key->description, idmap, im, msg); in nfs_idmap_legacy_upcall()
610 ret = -EAGAIN; in nfs_idmap_legacy_upcall()
614 ret = rpc_queue_upcall(idmap->idmap_pipe, msg); in nfs_idmap_legacy_upcall()
629 id_resolver_cache->thread_keyring, in nfs_idmap_instantiate()
633 static int nfs_idmap_read_and_verify_message(struct idmap_msg *im, in nfs_idmap_read_and_verify_message() argument
639 int ret = -ENOKEY; in nfs_idmap_read_and_verify_message()
641 /* ret = -ENOKEY */ in nfs_idmap_read_and_verify_message()
642 if (upcall->im_type != im->im_type || upcall->im_conv != im->im_conv) in nfs_idmap_read_and_verify_message()
644 switch (im->im_conv) { in nfs_idmap_read_and_verify_message()
646 if (strcmp(upcall->im_name, im->im_name) != 0) in nfs_idmap_read_and_verify_message()
649 len = 1 + nfs_map_numeric_to_string(im->im_id, id_str, in nfs_idmap_read_and_verify_message()
654 if (upcall->im_id != im->im_id) in nfs_idmap_read_and_verify_message()
656 len = strlen(im->im_name); in nfs_idmap_read_and_verify_message()
657 ret = nfs_idmap_instantiate(key, authkey, im->im_name, len); in nfs_idmap_read_and_verify_message()
660 ret = -EINVAL; in nfs_idmap_read_and_verify_message()
671 struct idmap *idmap = (struct idmap *)rpci->private; in idmap_pipe_downcall()
673 struct idmap_msg im; in idmap_pipe_downcall() local
675 int ret = -ENOKEY; in idmap_pipe_downcall()
679 * idmap_key_cons - so after this point we may no longer touch it. in idmap_pipe_downcall()
681 if (idmap->idmap_upcall_data == NULL) in idmap_pipe_downcall()
684 authkey = idmap->idmap_upcall_data->authkey; in idmap_pipe_downcall()
687 if (mlen != sizeof(im)) { in idmap_pipe_downcall()
688 ret = -ENOSPC; in idmap_pipe_downcall()
692 if (copy_from_user(&im, src, mlen) != 0) { in idmap_pipe_downcall()
693 ret = -EFAULT; in idmap_pipe_downcall()
697 if (!(im.im_status & IDMAP_STATUS_SUCCESS)) { in idmap_pipe_downcall()
698 ret = -ENOKEY; in idmap_pipe_downcall()
702 namelen_in = strnlen(im.im_name, IDMAP_NAMESZ); in idmap_pipe_downcall()
704 ret = -EINVAL; in idmap_pipe_downcall()
708 ret = nfs_idmap_read_and_verify_message(&im, in idmap_pipe_downcall()
709 &idmap->idmap_upcall_data->idmap_msg, in idmap_pipe_downcall()
710 rka->target_key, authkey); in idmap_pipe_downcall()
712 key_set_timeout(rka->target_key, nfs_idmap_cache_timeout); in idmap_pipe_downcall()
728 struct idmap *idmap = data->idmap; in idmap_pipe_destroy_msg()
730 if (msg->errno) in idmap_pipe_destroy_msg()
731 nfs_idmap_abort_pipe_upcall(idmap, msg->errno); in idmap_pipe_destroy_msg()
738 struct idmap *idmap = (struct idmap *)rpci->private; in idmap_release_pipe()
740 nfs_idmap_abort_pipe_upcall(idmap, -EPIPE); in idmap_release_pipe()
745 struct idmap *idmap = server->nfs_client->cl_idmap; in nfs_map_name_to_uid()
746 __u32 id = -1; in nfs_map_name_to_uid()
754 ret = -ERANGE; in nfs_map_name_to_uid()
762 struct idmap *idmap = server->nfs_client->cl_idmap; in nfs_map_group_to_gid()
763 __u32 id = -1; in nfs_map_group_to_gid()
771 ret = -ERANGE; in nfs_map_group_to_gid()
779 struct idmap *idmap = server->nfs_client->cl_idmap; in nfs_map_uid_to_name()
780 int ret = -EINVAL; in nfs_map_uid_to_name()
784 if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) in nfs_map_uid_to_name()
793 struct idmap *idmap = server->nfs_client->cl_idmap; in nfs_map_gid_to_group()
794 int ret = -EINVAL; in nfs_map_gid_to_group()
798 if (!(server->caps & NFS_CAP_UIDGID_NOMAP)) in nfs_map_gid_to_group()