4 * Mapping of UID/GIDs to name and vice versa.
6 * Copyright (c) 2002, 2003 The Regents of the University of
7 * Michigan. All rights reserved.
9 * Marius Aamodt Eriksen <marius@umich.edu>
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
15 * 1. Redistributions of source code must retain the above copyright
16 * notice, this list of conditions and the following disclaimer.
17 * 2. Redistributions in binary form must reproduce the above copyright
18 * notice, this list of conditions and the following disclaimer in the
19 * documentation and/or other materials provided with the distribution.
20 * 3. Neither the name of the University nor the names of its
21 * contributors may be used to endorse or promote products derived
22 * from this software without specific prior written permission.
24 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
25 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
26 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
27 * DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
28 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
31 * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
32 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
33 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
34 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37 #include <linux/module.h>
38 #include <linux/init.h>
41 #include <linux/utsname.h>
42 #include <linux/errno.h>
43 #include <linux/string.h>
44 #include <linux/sunrpc/clnt.h>
45 #include <linux/nfs.h>
46 #include <linux/nfs4.h>
47 #include <linux/nfs_fs.h>
48 #include <linux/nfs_page.h>
49 #include <linux/sunrpc/cache.h>
50 #include <linux/nfsd_idmap.h>
51 #include <linux/list.h>
52 #include <linux/time.h>
53 #include <linux/seq_file.h>
54 #include <linux/sunrpc/svcauth.h>
61 * XXX we know that IDMAP_NAMESZ < PAGE_SIZE, but it's ugly to rely on
65 #define IDMAP_TYPE_USER 0
66 #define IDMAP_TYPE_GROUP 1
70 int type
; /* User / Group */
72 char name
[IDMAP_NAMESZ
];
73 char authname
[IDMAP_NAMESZ
];
76 /* Common entry handling */
78 #define ENT_HASHBITS 8
79 #define ENT_HASHMAX (1 << ENT_HASHBITS)
80 #define ENT_HASHMASK (ENT_HASHMAX - 1)
83 ent_init(struct cache_head
*cnew
, struct cache_head
*citm
)
85 struct ent
*new = container_of(cnew
, struct ent
, h
);
86 struct ent
*itm
= container_of(citm
, struct ent
, h
);
89 new->type
= itm
->type
;
91 strlcpy(new->name
, itm
->name
, sizeof(new->name
));
92 strlcpy(new->authname
, itm
->authname
, sizeof(new->name
));
96 ent_put(struct kref
*ref
)
98 struct ent
*map
= container_of(ref
, struct ent
, h
.ref
);
102 static struct cache_head
*
105 struct ent
*e
= kmalloc(sizeof(*e
), GFP_KERNEL
);
116 static struct cache_head
*idtoname_table
[ENT_HASHMAX
];
119 idtoname_hash(struct ent
*ent
)
123 hash
= hash_str(ent
->authname
, ENT_HASHBITS
);
124 hash
= hash_long(hash
^ ent
->id
, ENT_HASHBITS
);
126 /* Flip LSB for user/group */
127 if (ent
->type
== IDMAP_TYPE_GROUP
)
134 idtoname_request(struct cache_detail
*cd
, struct cache_head
*ch
, char **bpp
,
137 struct ent
*ent
= container_of(ch
, struct ent
, h
);
140 qword_add(bpp
, blen
, ent
->authname
);
141 snprintf(idstr
, sizeof(idstr
), "%u", ent
->id
);
142 qword_add(bpp
, blen
, ent
->type
== IDMAP_TYPE_GROUP
? "group" : "user");
143 qword_add(bpp
, blen
, idstr
);
149 idtoname_match(struct cache_head
*ca
, struct cache_head
*cb
)
151 struct ent
*a
= container_of(ca
, struct ent
, h
);
152 struct ent
*b
= container_of(cb
, struct ent
, h
);
154 return (a
->id
== b
->id
&& a
->type
== b
->type
&&
155 strcmp(a
->authname
, b
->authname
) == 0);
159 idtoname_show(struct seq_file
*m
, struct cache_detail
*cd
, struct cache_head
*h
)
164 seq_puts(m
, "#domain type id [name]\n");
167 ent
= container_of(h
, struct ent
, h
);
168 seq_printf(m
, "%s %s %u", ent
->authname
,
169 ent
->type
== IDMAP_TYPE_GROUP
? "group" : "user",
171 if (test_bit(CACHE_VALID
, &h
->flags
))
172 seq_printf(m
, " %s", ent
->name
);
178 warn_no_idmapd(struct cache_detail
*detail
)
180 printk("nfsd: nfsv4 idmapping failing: has idmapd %s?\n",
181 detail
->last_close
? "died" : "not been started");
185 static int idtoname_parse(struct cache_detail
*, char *, int);
186 static struct ent
*idtoname_lookup(struct ent
*);
187 static struct ent
*idtoname_update(struct ent
*, struct ent
*);
189 static struct cache_detail idtoname_cache
= {
190 .owner
= THIS_MODULE
,
191 .hash_size
= ENT_HASHMAX
,
192 .hash_table
= idtoname_table
,
193 .name
= "nfs4.idtoname",
194 .cache_put
= ent_put
,
195 .cache_request
= idtoname_request
,
196 .cache_parse
= idtoname_parse
,
197 .cache_show
= idtoname_show
,
198 .warn_no_listener
= warn_no_idmapd
,
199 .match
= idtoname_match
,
206 idtoname_parse(struct cache_detail
*cd
, char *buf
, int buflen
)
208 struct ent ent
, *res
;
213 if (buf
[buflen
- 1] != '\n')
215 buf
[buflen
- 1]= '\0';
217 buf1
= kmalloc(PAGE_SIZE
, GFP_KERNEL
);
221 memset(&ent
, 0, sizeof(ent
));
223 /* Authentication name */
224 if (qword_get(&buf
, buf1
, PAGE_SIZE
) <= 0)
226 memcpy(ent
.authname
, buf1
, sizeof(ent
.authname
));
229 if (qword_get(&buf
, buf1
, PAGE_SIZE
) <= 0)
231 ent
.type
= strcmp(buf1
, "user") == 0 ?
232 IDMAP_TYPE_USER
: IDMAP_TYPE_GROUP
;
235 if (qword_get(&buf
, buf1
, PAGE_SIZE
) <= 0)
237 ent
.id
= simple_strtoul(buf1
, &bp
, 10);
242 ent
.h
.expiry_time
= get_expiry(&buf
);
243 if (ent
.h
.expiry_time
== 0)
247 res
= idtoname_lookup(&ent
);
253 len
= qword_get(&buf
, buf1
, PAGE_SIZE
);
257 set_bit(CACHE_NEGATIVE
, &ent
.h
.flags
);
259 if (error
>= IDMAP_NAMESZ
) {
263 memcpy(ent
.name
, buf1
, sizeof(ent
.name
));
266 res
= idtoname_update(&ent
, res
);
270 cache_put(&res
->h
, &idtoname_cache
);
281 idtoname_lookup(struct ent
*item
)
283 struct cache_head
*ch
= sunrpc_cache_lookup(&idtoname_cache
,
285 idtoname_hash(item
));
287 return container_of(ch
, struct ent
, h
);
293 idtoname_update(struct ent
*new, struct ent
*old
)
295 struct cache_head
*ch
= sunrpc_cache_update(&idtoname_cache
,
299 return container_of(ch
, struct ent
, h
);
309 static struct cache_head
*nametoid_table
[ENT_HASHMAX
];
312 nametoid_hash(struct ent
*ent
)
314 return hash_str(ent
->name
, ENT_HASHBITS
);
318 nametoid_request(struct cache_detail
*cd
, struct cache_head
*ch
, char **bpp
,
321 struct ent
*ent
= container_of(ch
, struct ent
, h
);
323 qword_add(bpp
, blen
, ent
->authname
);
324 qword_add(bpp
, blen
, ent
->type
== IDMAP_TYPE_GROUP
? "group" : "user");
325 qword_add(bpp
, blen
, ent
->name
);
331 nametoid_match(struct cache_head
*ca
, struct cache_head
*cb
)
333 struct ent
*a
= container_of(ca
, struct ent
, h
);
334 struct ent
*b
= container_of(cb
, struct ent
, h
);
336 return (a
->type
== b
->type
&& strcmp(a
->name
, b
->name
) == 0 &&
337 strcmp(a
->authname
, b
->authname
) == 0);
341 nametoid_show(struct seq_file
*m
, struct cache_detail
*cd
, struct cache_head
*h
)
346 seq_puts(m
, "#domain type name [id]\n");
349 ent
= container_of(h
, struct ent
, h
);
350 seq_printf(m
, "%s %s %s", ent
->authname
,
351 ent
->type
== IDMAP_TYPE_GROUP
? "group" : "user",
353 if (test_bit(CACHE_VALID
, &h
->flags
))
354 seq_printf(m
, " %u", ent
->id
);
359 static struct ent
*nametoid_lookup(struct ent
*);
360 static struct ent
*nametoid_update(struct ent
*, struct ent
*);
361 static int nametoid_parse(struct cache_detail
*, char *, int);
363 static struct cache_detail nametoid_cache
= {
364 .owner
= THIS_MODULE
,
365 .hash_size
= ENT_HASHMAX
,
366 .hash_table
= nametoid_table
,
367 .name
= "nfs4.nametoid",
368 .cache_put
= ent_put
,
369 .cache_request
= nametoid_request
,
370 .cache_parse
= nametoid_parse
,
371 .cache_show
= nametoid_show
,
372 .warn_no_listener
= warn_no_idmapd
,
373 .match
= nametoid_match
,
380 nametoid_parse(struct cache_detail
*cd
, char *buf
, int buflen
)
382 struct ent ent
, *res
;
386 if (buf
[buflen
- 1] != '\n')
388 buf
[buflen
- 1]= '\0';
390 buf1
= kmalloc(PAGE_SIZE
, GFP_KERNEL
);
394 memset(&ent
, 0, sizeof(ent
));
396 /* Authentication name */
397 if (qword_get(&buf
, buf1
, PAGE_SIZE
) <= 0)
399 memcpy(ent
.authname
, buf1
, sizeof(ent
.authname
));
402 if (qword_get(&buf
, buf1
, PAGE_SIZE
) <= 0)
404 ent
.type
= strcmp(buf1
, "user") == 0 ?
405 IDMAP_TYPE_USER
: IDMAP_TYPE_GROUP
;
408 error
= qword_get(&buf
, buf1
, PAGE_SIZE
);
409 if (error
<= 0 || error
>= IDMAP_NAMESZ
)
411 memcpy(ent
.name
, buf1
, sizeof(ent
.name
));
414 ent
.h
.expiry_time
= get_expiry(&buf
);
415 if (ent
.h
.expiry_time
== 0)
419 error
= get_int(&buf
, &ent
.id
);
420 if (error
== -EINVAL
)
422 if (error
== -ENOENT
)
423 set_bit(CACHE_NEGATIVE
, &ent
.h
.flags
);
426 res
= nametoid_lookup(&ent
);
429 res
= nametoid_update(&ent
, res
);
433 cache_put(&res
->h
, &nametoid_cache
);
443 nametoid_lookup(struct ent
*item
)
445 struct cache_head
*ch
= sunrpc_cache_lookup(&nametoid_cache
,
447 nametoid_hash(item
));
449 return container_of(ch
, struct ent
, h
);
455 nametoid_update(struct ent
*new, struct ent
*old
)
457 struct cache_head
*ch
= sunrpc_cache_update(&nametoid_cache
,
461 return container_of(ch
, struct ent
, h
);
471 nfsd_idmap_init(void)
473 cache_register(&idtoname_cache
);
474 cache_register(&nametoid_cache
);
478 nfsd_idmap_shutdown(void)
480 if (cache_unregister(&idtoname_cache
))
481 printk(KERN_ERR
"nfsd: failed to unregister idtoname cache\n");
482 if (cache_unregister(&nametoid_cache
))
483 printk(KERN_ERR
"nfsd: failed to unregister nametoid cache\n");
487 * Deferred request handling
490 struct idmap_defer_req
{
491 struct cache_req req
;
492 struct cache_deferred_req deferred_req
;
493 wait_queue_head_t waitq
;
498 put_mdr(struct idmap_defer_req
*mdr
)
500 if (atomic_dec_and_test(&mdr
->count
))
505 get_mdr(struct idmap_defer_req
*mdr
)
507 atomic_inc(&mdr
->count
);
511 idmap_revisit(struct cache_deferred_req
*dreq
, int toomany
)
513 struct idmap_defer_req
*mdr
=
514 container_of(dreq
, struct idmap_defer_req
, deferred_req
);
516 wake_up(&mdr
->waitq
);
520 static struct cache_deferred_req
*
521 idmap_defer(struct cache_req
*req
)
523 struct idmap_defer_req
*mdr
=
524 container_of(req
, struct idmap_defer_req
, req
);
526 mdr
->deferred_req
.revisit
= idmap_revisit
;
528 return (&mdr
->deferred_req
);
532 do_idmap_lookup(struct ent
*(*lookup_fn
)(struct ent
*), struct ent
*key
,
533 struct cache_detail
*detail
, struct ent
**item
,
534 struct idmap_defer_req
*mdr
)
536 *item
= lookup_fn(key
);
539 return cache_check(detail
, &(*item
)->h
, &mdr
->req
);
543 do_idmap_lookup_nowait(struct ent
*(*lookup_fn
)(struct ent
*),
544 struct ent
*key
, struct cache_detail
*detail
,
549 *item
= lookup_fn(key
);
553 if (!test_bit(CACHE_VALID
, &(*item
)->h
.flags
)
554 || (*item
)->h
.expiry_time
< get_seconds()
555 || detail
->flush_time
> (*item
)->h
.last_refresh
)
558 if (test_bit(CACHE_NEGATIVE
, &(*item
)->h
.flags
))
562 cache_put(&(*item
)->h
, detail
);
569 idmap_lookup(struct svc_rqst
*rqstp
,
570 struct ent
*(*lookup_fn
)(struct ent
*), struct ent
*key
,
571 struct cache_detail
*detail
, struct ent
**item
)
573 struct idmap_defer_req
*mdr
;
576 mdr
= kzalloc(sizeof(*mdr
), GFP_KERNEL
);
579 atomic_set(&mdr
->count
, 1);
580 init_waitqueue_head(&mdr
->waitq
);
581 mdr
->req
.defer
= idmap_defer
;
582 ret
= do_idmap_lookup(lookup_fn
, key
, detail
, item
, mdr
);
583 if (ret
== -EAGAIN
) {
584 wait_event_interruptible_timeout(mdr
->waitq
,
585 test_bit(CACHE_VALID
, &(*item
)->h
.flags
), 1 * HZ
);
586 ret
= do_idmap_lookup_nowait(lookup_fn
, key
, detail
, item
);
593 rqst_authname(struct svc_rqst
*rqstp
)
595 struct auth_domain
*clp
;
597 clp
= rqstp
->rq_gssclient
? rqstp
->rq_gssclient
: rqstp
->rq_client
;
602 idmap_name_to_id(struct svc_rqst
*rqstp
, int type
, const char *name
, u32 namelen
,
605 struct ent
*item
, key
= {
610 if (namelen
+ 1 > sizeof(key
.name
))
612 memcpy(key
.name
, name
, namelen
);
613 key
.name
[namelen
] = '\0';
614 strlcpy(key
.authname
, rqst_authname(rqstp
), sizeof(key
.authname
));
615 ret
= idmap_lookup(rqstp
, nametoid_lookup
, &key
, &nametoid_cache
, &item
);
617 ret
= -ESRCH
; /* nfserr_badname */
621 cache_put(&item
->h
, &nametoid_cache
);
626 idmap_id_to_name(struct svc_rqst
*rqstp
, int type
, uid_t id
, char *name
)
628 struct ent
*item
, key
= {
634 strlcpy(key
.authname
, rqst_authname(rqstp
), sizeof(key
.authname
));
635 ret
= idmap_lookup(rqstp
, idtoname_lookup
, &key
, &idtoname_cache
, &item
);
637 return sprintf(name
, "%u", id
);
640 ret
= strlen(item
->name
);
641 BUG_ON(ret
> IDMAP_NAMESZ
);
642 memcpy(name
, item
->name
, ret
);
643 cache_put(&item
->h
, &idtoname_cache
);
648 nfsd_map_name_to_uid(struct svc_rqst
*rqstp
, const char *name
, size_t namelen
,
651 return idmap_name_to_id(rqstp
, IDMAP_TYPE_USER
, name
, namelen
, id
);
655 nfsd_map_name_to_gid(struct svc_rqst
*rqstp
, const char *name
, size_t namelen
,
658 return idmap_name_to_id(rqstp
, IDMAP_TYPE_GROUP
, name
, namelen
, id
);
662 nfsd_map_uid_to_name(struct svc_rqst
*rqstp
, __u32 id
, char *name
)
664 return idmap_id_to_name(rqstp
, IDMAP_TYPE_USER
, id
, name
);
668 nfsd_map_gid_to_name(struct svc_rqst
*rqstp
, __u32 id
, char *name
)
670 return idmap_id_to_name(rqstp
, IDMAP_TYPE_GROUP
, id
, name
);