[v1,12/27] SUNRPC: Add XDR encoding helper for opaque_auth

Message ID	167319537874.7490.10030931409689592644.stgit@bazille.1015granger.net (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-nfs-owner@vger.kernel.org> Subject: [PATCH v1 12/27] SUNRPC: Add XDR encoding helper for opaque_auth From: Chuck Lever <cel@kernel.org> To: linux-nfs@vger.kernel.org Date: Sun, 08 Jan 2023 11:29:38 -0500 Message-ID: <167319537874.7490.10030931409689592644.stgit@bazille.1015granger.net> In-Reply-To: <167319499150.7490.2294168831574653380.stgit@bazille.1015granger.net> References: <167319499150.7490.2294168831574653380.stgit@bazille.1015granger.net> User-Agent: StGit/1.5 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Precedence: bulk
Series	Server-side RPC reply header parsing overhaul \| expand [v1,00/27] Server-side RPC reply header parsing overhaul [v1,01/27] SUNRPC: Clean up svcauth_gss_release() [v1,02/27] SUNRPC: Rename automatic variables in svcauth_gss_wrap_resp_integ() [v1,03/27] SUNRPC: Record gss_get_mic() errors in svcauth_gss_wrap_integ() [v1,04/27] SUNRPC: Replace checksum construction in svcauth_gss_wrap_integ() [v1,05/27] SUNRPC: Convert svcauth_gss_wrap_integ() to use xdr_stream() [v1,06/27] SUNRPC: Rename automatic variables in svcauth_gss_wrap_resp_priv() [v1,07/27] SUNRPC: Record gss_wrap() errors in svcauth_gss_wrap_priv() [v1,08/27] SUNRPC: Add @head and @tail variables in svcauth_gss_wrap_priv() [v1,09/27] SUNRPC: Convert svcauth_gss_wrap_priv() to use xdr_stream() [v1,10/27] SUNRPC: Check rq_auth_stat when preparing to wrap a response [v1,11/27] SUNRPC: Remove the rpc_stat variable in svc_process_common() [v1,12/27] SUNRPC: Add XDR encoding helper for opaque_auth [v1,13/27] SUNRPC: Push svcxdr_init_encode() into svc_process_common() [v1,14/27] SUNRPC: Move svcxdr_init_encode() into ->accept methods [v1,15/27] SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_null_accept() [v1,16/27] SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_unix_accept() [v1,17/27] SUNRPC: Use xdr_stream to encode Reply verifier in svcauth_tls_accept() [v1,18/27] SUNRPC: Convert unwrap data paths to use xdr_stream for replies [v1,19/27] SUNRPC: Use xdr_stream to encode replies in server-side GSS upcall helpers [v1,20/27] SUNRPC: Use xdr_stream for encoding GSS reply verifiers [v1,21/27] SUNRPC: Hoist init_encode out of svc_authenticate() [v1,22/27] SUNRPC: Convert RPC Reply header encoding to use xdr_stream [v1,23/27] SUNRPC: Final clean-up of svc_process_common() [v1,24/27] SUNRPC: Remove no-longer-used helper functions [v1,25/27] SUNRPC: Refactor RPC server dispatch method [v1,26/27] SUNRPC: Set rq_accept_statp inside ->accept methods [v1,27/27] SUNRPC: Go back to using gsd->body_start

Message ID

167319537874.7490.10030931409689592644.stgit@bazille.1015granger.net (mailing list archive)

State

New, archived

Headers

Subject: [PATCH v1 12/27] SUNRPC: Add XDR encoding helper for opaque_auth
From: Chuck Lever <cel@kernel.org>
To: linux-nfs@vger.kernel.org
Date: Sun, 08 Jan 2023 11:29:38 -0500
Message-ID: 
 <167319537874.7490.10030931409689592644.stgit@bazille.1015granger.net>
In-Reply-To: 
 <167319499150.7490.2294168831574653380.stgit@bazille.1015granger.net>
References: 
 <167319499150.7490.2294168831574653380.stgit@bazille.1015granger.net>
User-Agent: StGit/1.5
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Precedence: bulk

Series

Server-side RPC reply header parsing overhaul | expand

Commit Message

Chuck Lever Jan. 8, 2023, 4:29 p.m. UTC

From: Chuck Lever <chuck.lever@oracle.com>

RFC 5531 defines an MSG_ACCEPTED Reply message like this:

	struct accepted_reply {
		opaque_auth verf;
		union switch (accept_stat stat) {
		case SUCCESS:
		   ...

In the current server code, struct opaque_auth encoding is open-
coded. Introduce a helper that encodes an opaque_auth data item
within the context of a xdr_stream.

Done as part of hardening the server-side RPC header decoding and
encoding paths.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 include/linux/sunrpc/xdr.h |    2 ++
 net/sunrpc/xdr.c           |   29 +++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/include/linux/sunrpc/xdr.h b/include/linux/sunrpc/xdr.h
index 884df67009f4..f3b6eb9accd7 100644
--- a/include/linux/sunrpc/xdr.h
+++ b/include/linux/sunrpc/xdr.h
@@ -348,6 +348,8 @@  ssize_t xdr_stream_decode_string_dup(struct xdr_stream *xdr, char **str,
 		size_t maxlen, gfp_t gfp_flags);
 ssize_t xdr_stream_decode_opaque_auth(struct xdr_stream *xdr, u32 *flavor,
 		void **body, unsigned int *body_len);
+ssize_t xdr_stream_encode_opaque_auth(struct xdr_stream *xdr, u32 flavor,
+		void *body, unsigned int body_len);
 
 /**
  * xdr_align_size - Calculate padded size of an object
diff --git a/net/sunrpc/xdr.c b/net/sunrpc/xdr.c
index 56d87c784c9e..6b2ec24ec62d 100644
--- a/net/sunrpc/xdr.c
+++ b/net/sunrpc/xdr.c
@@ -2310,3 +2310,32 @@  ssize_t xdr_stream_decode_opaque_auth(struct xdr_stream *xdr, u32 *flavor,
 	return len + ret;
 }
 EXPORT_SYMBOL_GPL(xdr_stream_decode_opaque_auth);
+
+/**
+ * xdr_stream_encode_opaque_auth - Encode struct opaque_auth (RFC5531 S8.2)
+ * @xdr: pointer to xdr_stream
+ * @flavor: verifier flavor to encode
+ * @body: content of body to encode
+ * @body_len: length of body to encode
+ *
+ * Return values:
+ *   On success, returns length in bytes of XDR buffer consumed
+ *   %-EBADMSG on XDR buffer overflow
+ *   %-EMSGSIZE if the size of @body exceeds 400 octets
+ */
+ssize_t xdr_stream_encode_opaque_auth(struct xdr_stream *xdr, u32 flavor,
+				      void *body, unsigned int body_len)
+{
+	ssize_t ret, len;
+
+	if (unlikely(body_len > RPC_MAX_AUTH_SIZE))
+		return -EMSGSIZE;
+	len = xdr_stream_encode_u32(xdr, flavor);
+	if (unlikely(len < 0))
+		return len;
+	ret = xdr_stream_encode_opaque(xdr, body, body_len);
+	if (unlikely(ret < 0))
+		return ret;
+	return len + ret;
+}
+EXPORT_SYMBOL_GPL(xdr_stream_encode_opaque_auth);

[v1,12/27] SUNRPC: Add XDR encoding helper for opaque_auth

Commit Message

Patch