linux/net/sunrpc/auth_gss/gss_rpc_xdr.h

/* SPDX-License-Identifier: GPL-2.0+ */
/*
 * GSS Proxy upcall module
 *
 *  Copyright (C) 2012 Simo Sorce <simo@redhat.com>
 */

#ifndef _LINUX_GSS_RPC_XDR_H
#define _LINUX_GSS_RPC_XDR_H

#include <linux/sunrpc/xdr.h>
#include <linux/sunrpc/clnt.h>
#include <linux/sunrpc/xprtsock.h>

#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)
# define RPCDBG_FACILITY	RPCDBG_AUTH
#endif

#define LUCID_OPTION "exported_context_type"
#define LUCID_VALUE  "linux_lucid_v1"
#define CREDS_OPTION "exported_creds_type"
#define CREDS_VALUE  "linux_creds_v1"

typedef struct xdr_netobj gssx_buffer;
typedef struct xdr_netobj utf8string;
typedef struct xdr_netobj gssx_OID;

enum gssx_cred_usage {
	GSSX_C_INITIATE = 1,
	GSSX_C_ACCEPT = 2,
	GSSX_C_BOTH = 3,
};

struct gssx_option {
	gssx_buffer option;
	gssx_buffer value;
};

struct gssx_option_array {
	u32 count;
	struct gssx_option *data;
};

struct gssx_status {
	u64 major_status;
	gssx_OID mech;
	u64 minor_status;
	utf8string major_status_string;
	utf8string minor_status_string;
	gssx_buffer server_ctx;
	struct gssx_option_array options;
};

struct gssx_call_ctx {
	utf8string locale;
	gssx_buffer server_ctx;
	struct gssx_option_array options;
};

struct gssx_name_attr {
	gssx_buffer attr;
	gssx_buffer value;
	struct gssx_option_array extensions;
};

struct gssx_name_attr_array {
	u32 count;
	struct gssx_name_attr *data;
};

struct gssx_name {
	gssx_buffer display_name;
};
typedef struct gssx_name gssx_name;

struct gssx_cred_element {
	gssx_name MN;
	gssx_OID mech;
	u32 cred_usage;
	u64 initiator_time_rec;
	u64 acceptor_time_rec;
	struct gssx_option_array options;
};

struct gssx_cred_element_array {
	u32 count;
	struct gssx_cred_element *data;
};

struct gssx_cred {
	gssx_name desired_name;
	struct gssx_cred_element_array elements;
	gssx_buffer cred_handle_reference;
	u32 needs_release;
};

struct gssx_ctx {
	gssx_buffer exported_context_token;
	gssx_buffer state;
	u32 need_release;
	gssx_OID mech;
	gssx_name src_name;
	gssx_name targ_name;
	u64 lifetime;
	u64 ctx_flags;
	u32 locally_initiated;
	u32 open;
	struct gssx_option_array options;
};

struct gssx_cb {
	u64 initiator_addrtype;
	gssx_buffer initiator_address;
	u64 acceptor_addrtype;
	gssx_buffer acceptor_address;
	gssx_buffer application_data;
};


/* This structure is not defined in the protocol.
 * It is used in the kernel to carry around a big buffer
 * as a set of pages */
struct gssp_in_token {
	struct page **pages;	/* Array of contiguous pages */
	unsigned int page_base;	/* Start of page data */
	unsigned int page_len;	/* Length of page data */
};

struct gssx_arg_accept_sec_context {
	struct gssx_call_ctx call_ctx;
	struct gssx_ctx *context_handle;
	struct gssx_cred *cred_handle;
	struct gssp_in_token input_token;
	struct gssx_cb *input_cb;
	u32 ret_deleg_cred;
	struct gssx_option_array options;
	struct page **pages;
	unsigned int npages;
};

struct gssx_res_accept_sec_context {
	struct gssx_status status;
	struct gssx_ctx *context_handle;
	gssx_buffer *output_token;
	/* struct gssx_cred *delegated_cred_handle; not used in kernel */
	struct gssx_option_array options;
};


#define gssx_enc_indicate_mechs NULL
#define gssx_dec_indicate_mechs NULL
#define gssx_enc_get_call_context NULL
#define gssx_dec_get_call_context NULL
#define gssx_enc_import_and_canon_name NULL
#define gssx_dec_import_and_canon_name NULL
#define gssx_enc_export_cred NULL
#define gssx_dec_export_cred NULL
#define gssx_enc_import_cred NULL
#define gssx_dec_import_cred NULL
#define gssx_enc_acquire_cred NULL
#define gssx_dec_acquire_cred NULL
#define gssx_enc_store_cred NULL
#define gssx_dec_store_cred NULL
#define gssx_enc_init_sec_context NULL
#define gssx_dec_init_sec_context NULL
void gssx_enc_accept_sec_context(struct rpc_rqst *req,
				 struct xdr_stream *xdr,
				 const void *data);
int gssx_dec_accept_sec_context(struct rpc_rqst *rqstp,
				struct xdr_stream *xdr,
				void *data);
#define gssx_enc_release_handle NULL
#define gssx_dec_release_handle NULL
#define gssx_enc_get_mic NULL
#define gssx_dec_get_mic NULL
#define gssx_enc_verify NULL
#define gssx_dec_verify NULL
#define gssx_enc_wrap NULL
#define gssx_dec_wrap NULL
#define gssx_enc_unwrap NULL
#define gssx_dec_unwrap NULL
#define gssx_enc_wrap_size_limit NULL
#define gssx_dec_wrap_size_limit NULL

/* non implemented calls are set to 0 size */
#define GSSX_ARG_indicate_mechs_sz 0
#define GSSX_RES_indicate_mechs_sz 0
#define GSSX_ARG_get_call_context_sz 0
#define GSSX_RES_get_call_context_sz 0
#define GSSX_ARG_import_and_canon_name_sz 0
#define GSSX_RES_import_and_canon_name_sz 0
#define GSSX_ARG_export_cred_sz 0
#define GSSX_RES_export_cred_sz 0
#define GSSX_ARG_import_cred_sz 0
#define GSSX_RES_import_cred_sz 0
#define GSSX_ARG_acquire_cred_sz 0
#define GSSX_RES_acquire_cred_sz 0
#define GSSX_ARG_store_cred_sz 0
#define GSSX_RES_store_cred_sz 0
#define GSSX_ARG_init_sec_context_sz 0
#define GSSX_RES_init_sec_context_sz 0

#define GSSX_default_in_call_ctx_sz (4 + 4 + 4 + \
			8 + sizeof(LUCID_OPTION) + sizeof(LUCID_VALUE) + \
			8 + sizeof(CREDS_OPTION) + sizeof(CREDS_VALUE))
#define GSSX_default_in_ctx_hndl_sz (4 + 4+8 + 4 + 4 + 6*4 + 6*4 + 8 + 8 + \
					4 + 4 + 4)
#define GSSX_default_in_cred_sz 4 /* we send in no cred_handle */
#define GSSX_default_in_token_sz 4 /* does *not* include token data */
#define GSSX_default_in_cb_sz 4 /* we do not use channel bindings */
#define GSSX_ARG_accept_sec_context_sz (GSSX_default_in_call_ctx_sz + \
					GSSX_default_in_ctx_hndl_sz + \
					GSSX_default_in_cred_sz + \
					GSSX_default_in_token_sz + \
					GSSX_default_in_cb_sz + \
					4 /* no deleg creds boolean */ + \
					4) /* empty options */

/* somewhat arbitrary numbers but large enough (we ignore some of the data
 * sent down, but it is part of the protocol so we need enough space to take
 * it in) */
#define GSSX_default_status_sz 8 + 24 + 8 + 256 + 256 + 16 + 4
#define GSSX_max_output_handle_sz 128
#define GSSX_max_oid_sz 16
#define GSSX_max_princ_sz 256
#define GSSX_default_ctx_sz (GSSX_max_output_handle_sz + \
			     16 + 4 + GSSX_max_oid_sz + \
			     2 * GSSX_max_princ_sz + \
			     8 + 8 + 4 + 4 + 4)
#define GSSX_max_output_token_sz 1024
/* grouplist not included; we allocate separate pages for that: */
#define GSSX_max_creds_sz (4 + 4 + 4 /* + NGROUPS_MAX*4 */)
#define GSSX_RES_accept_sec_context_sz (GSSX_default_status_sz + \
					GSSX_default_ctx_sz + \
					GSSX_max_output_token_sz + \
					4 + GSSX_max_creds_sz)

#define GSSX_ARG_release_handle_sz 0
#define GSSX_RES_release_handle_sz 0
#define GSSX_ARG_get_mic_sz 0
#define GSSX_RES_get_mic_sz 0
#define GSSX_ARG_verify_sz 0
#define GSSX_RES_verify_sz 0
#define GSSX_ARG_wrap_sz 0
#define GSSX_RES_wrap_sz 0
#define GSSX_ARG_unwrap_sz 0
#define GSSX_RES_unwrap_sz 0
#define GSSX_ARG_wrap_size_limit_sz 0
#define GSSX_RES_wrap_size_limit_sz 0

#endif /* _LINUX_GSS_RPC_XDR_H */
SUNRPC: Add SPDX IDs to some net/sunrpc/auth_gss/ files Files under net/sunrpc/auth_gss/ do not yet have SPDX ID tags. This directory is somewhat complicated because most of these files have license boilerplate that is not strictly GPL 2.0. In this patch I add ID tags where there is an obvious match. The less recognizable licenses are still under research. For reference, SPDX IDs added in this patch correspond to the following license text: GPL-2.0 https://spdx.org/licenses/GPL-2.0.html GPL-2.0+ https://spdx.org/licenses/GPL-2.0+.html BSD-3-Clause https://spdx.org/licenses/BSD-3-Clause.html Cc: Simo Sorce <simo@redhat.com> Cc: Kate Stewart <kstewart@linuxfoundation.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com> 2019-02-11 19:25:15 +03:00			`/* SPDX-License-Identifier: GPL-2.0+ */`
SUNRPC: Add RPC based upcall mechanism for RPCGSS auth This patch implements a sunrpc client to use the services of the gssproxy userspace daemon. In particular it allows to perform calls in user space using an RPC call instead of custom hand-coded upcall/downcall messages. Currently only accept_sec_context is implemented as that is all is needed for the server case. File server modules like NFS and CIFS can use full gssapi services this way, once init_sec_context is also implemented. For the NFS server case this code allow to lift the limit of max 2k krb5 tickets. This limit is prevents legitimate kerberos deployments from using krb5 authentication with the Linux NFS server as they have normally ticket that are many kilobytes large. It will also allow to lift the limitation on the size of the credential set (uid,gid,gids) passed down from user space for users that have very many groups associated. Currently the downcall mechanism used by rpc.svcgssd is limited to around 2k secondary groups of the 65k allowed by kernel structures. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, concurrent upcalls, misc. fixes and cleanup] Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2012-05-26 02:09:55 +04:00			`/*`
			`* GSS Proxy upcall module`
			`*`
			`* Copyright (C) 2012 Simo Sorce <simo@redhat.com>`
			`*/`

			`#ifndef _LINUX_GSS_RPC_XDR_H`
			`#define _LINUX_GSS_RPC_XDR_H`

			`#include <linux/sunrpc/xdr.h>`
			`#include <linux/sunrpc/clnt.h>`
			`#include <linux/sunrpc/xprtsock.h>`

sunrpc: eliminate RPC_DEBUG It's always set to whatever CONFIG_SUNRPC_DEBUG is, so just use that. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com> 2014-11-18 00:58:04 +03:00			`#if IS_ENABLED(CONFIG_SUNRPC_DEBUG)`
SUNRPC: Add RPC based upcall mechanism for RPCGSS auth This patch implements a sunrpc client to use the services of the gssproxy userspace daemon. In particular it allows to perform calls in user space using an RPC call instead of custom hand-coded upcall/downcall messages. Currently only accept_sec_context is implemented as that is all is needed for the server case. File server modules like NFS and CIFS can use full gssapi services this way, once init_sec_context is also implemented. For the NFS server case this code allow to lift the limit of max 2k krb5 tickets. This limit is prevents legitimate kerberos deployments from using krb5 authentication with the Linux NFS server as they have normally ticket that are many kilobytes large. It will also allow to lift the limitation on the size of the credential set (uid,gid,gids) passed down from user space for users that have very many groups associated. Currently the downcall mechanism used by rpc.svcgssd is limited to around 2k secondary groups of the 65k allowed by kernel structures. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, concurrent upcalls, misc. fixes and cleanup] Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2012-05-26 02:09:55 +04:00			`# define RPCDBG_FACILITY RPCDBG_AUTH`
			`#endif`

			`#define LUCID_OPTION "exported_context_type"`
			`#define LUCID_VALUE "linux_lucid_v1"`
			`#define CREDS_OPTION "exported_creds_type"`
			`#define CREDS_VALUE "linux_creds_v1"`

			`typedef struct xdr_netobj gssx_buffer;`
			`typedef struct xdr_netobj utf8string;`
			`typedef struct xdr_netobj gssx_OID;`

			`enum gssx_cred_usage {`
			`GSSX_C_INITIATE = 1,`
			`GSSX_C_ACCEPT = 2,`
			`GSSX_C_BOTH = 3,`
			`};`

			`struct gssx_option {`
			`gssx_buffer option;`
			`gssx_buffer value;`
			`};`

			`struct gssx_option_array {`
			`u32 count;`
			`struct gssx_option *data;`
			`};`

			`struct gssx_status {`
			`u64 major_status;`
			`gssx_OID mech;`
			`u64 minor_status;`
			`utf8string major_status_string;`
			`utf8string minor_status_string;`
			`gssx_buffer server_ctx;`
			`struct gssx_option_array options;`
			`};`

			`struct gssx_call_ctx {`
			`utf8string locale;`
			`gssx_buffer server_ctx;`
			`struct gssx_option_array options;`
			`};`

			`struct gssx_name_attr {`
			`gssx_buffer attr;`
			`gssx_buffer value;`
			`struct gssx_option_array extensions;`
			`};`

			`struct gssx_name_attr_array {`
			`u32 count;`
			`struct gssx_name_attr *data;`
			`};`

			`struct gssx_name {`
			`gssx_buffer display_name;`
			`};`
			`typedef struct gssx_name gssx_name;`

			`struct gssx_cred_element {`
			`gssx_name MN;`
			`gssx_OID mech;`
			`u32 cred_usage;`
			`u64 initiator_time_rec;`
			`u64 acceptor_time_rec;`
			`struct gssx_option_array options;`
			`};`

			`struct gssx_cred_element_array {`
			`u32 count;`
			`struct gssx_cred_element *data;`
			`};`

			`struct gssx_cred {`
			`gssx_name desired_name;`
			`struct gssx_cred_element_array elements;`
			`gssx_buffer cred_handle_reference;`
			`u32 needs_release;`
			`};`

			`struct gssx_ctx {`
			`gssx_buffer exported_context_token;`
			`gssx_buffer state;`
			`u32 need_release;`
			`gssx_OID mech;`
			`gssx_name src_name;`
			`gssx_name targ_name;`
			`u64 lifetime;`
			`u64 ctx_flags;`
			`u32 locally_initiated;`
			`u32 open;`
			`struct gssx_option_array options;`
			`};`

			`struct gssx_cb {`
			`u64 initiator_addrtype;`
			`gssx_buffer initiator_address;`
			`u64 acceptor_addrtype;`
			`gssx_buffer acceptor_address;`
			`gssx_buffer application_data;`
			`};`


			`/* This structure is not defined in the protocol.`
			`* It is used in the kernel to carry around a big buffer`
			`* as a set of pages */`
			`struct gssp_in_token {`
			`struct page *pages; / Array of contiguous pages */`
			`unsigned int page_base; /* Start of page data */`
			`unsigned int page_len; /* Length of page data */`
			`};`

			`struct gssx_arg_accept_sec_context {`
			`struct gssx_call_ctx call_ctx;`
			`struct gssx_ctx *context_handle;`
			`struct gssx_cred *cred_handle;`
			`struct gssp_in_token input_token;`
			`struct gssx_cb *input_cb;`
			`u32 ret_deleg_cred;`
			`struct gssx_option_array options;`
rpc: fix huge kmalloc's in gss-proxy The reply to a gssproxy can include up to NGROUPS_MAX gid's, which will take up more than a page. We therefore need to allocate an array of pages to hold the reply instead of trying to allocate a single huge buffer. Tested-by: Simo Sorce <simo@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2013-08-21 02:13:27 +04:00			`struct page **pages;`
			`unsigned int npages;`
SUNRPC: Add RPC based upcall mechanism for RPCGSS auth This patch implements a sunrpc client to use the services of the gssproxy userspace daemon. In particular it allows to perform calls in user space using an RPC call instead of custom hand-coded upcall/downcall messages. Currently only accept_sec_context is implemented as that is all is needed for the server case. File server modules like NFS and CIFS can use full gssapi services this way, once init_sec_context is also implemented. For the NFS server case this code allow to lift the limit of max 2k krb5 tickets. This limit is prevents legitimate kerberos deployments from using krb5 authentication with the Linux NFS server as they have normally ticket that are many kilobytes large. It will also allow to lift the limitation on the size of the credential set (uid,gid,gids) passed down from user space for users that have very many groups associated. Currently the downcall mechanism used by rpc.svcgssd is limited to around 2k secondary groups of the 65k allowed by kernel structures. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, concurrent upcalls, misc. fixes and cleanup] Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2012-05-26 02:09:55 +04:00			`};`

			`struct gssx_res_accept_sec_context {`
			`struct gssx_status status;`
			`struct gssx_ctx *context_handle;`
			`gssx_buffer *output_token;`
			`/* struct gssx_cred delegated_cred_handle; not used in kernel /`
			`struct gssx_option_array options;`
			`};`



			`#define gssx_enc_indicate_mechs NULL`
			`#define gssx_dec_indicate_mechs NULL`
			`#define gssx_enc_get_call_context NULL`
			`#define gssx_dec_get_call_context NULL`
			`#define gssx_enc_import_and_canon_name NULL`
			`#define gssx_dec_import_and_canon_name NULL`
			`#define gssx_enc_export_cred NULL`
			`#define gssx_dec_export_cred NULL`
			`#define gssx_enc_import_cred NULL`
			`#define gssx_dec_import_cred NULL`
			`#define gssx_enc_acquire_cred NULL`
			`#define gssx_dec_acquire_cred NULL`
			`#define gssx_enc_store_cred NULL`
			`#define gssx_dec_store_cred NULL`
			`#define gssx_enc_init_sec_context NULL`
			`#define gssx_dec_init_sec_context NULL`
			`void gssx_enc_accept_sec_context(struct rpc_rqst *req,`
			`struct xdr_stream *xdr,`
sunrpc/auth_gss: nfsd: fix encoder callback prototypes Declare the p_encode callbacks with the proper prototype instead of casting to kxdreproc_t and losing all type safety. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jeff Layton <jlayton@redhat.com> Acked-by: Trond Myklebust <trond.myklebust@primarydata.com> 2017-05-08 15:54:06 +03:00			`const void *data);`
SUNRPC: Add RPC based upcall mechanism for RPCGSS auth This patch implements a sunrpc client to use the services of the gssproxy userspace daemon. In particular it allows to perform calls in user space using an RPC call instead of custom hand-coded upcall/downcall messages. Currently only accept_sec_context is implemented as that is all is needed for the server case. File server modules like NFS and CIFS can use full gssapi services this way, once init_sec_context is also implemented. For the NFS server case this code allow to lift the limit of max 2k krb5 tickets. This limit is prevents legitimate kerberos deployments from using krb5 authentication with the Linux NFS server as they have normally ticket that are many kilobytes large. It will also allow to lift the limitation on the size of the credential set (uid,gid,gids) passed down from user space for users that have very many groups associated. Currently the downcall mechanism used by rpc.svcgssd is limited to around 2k secondary groups of the 65k allowed by kernel structures. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, concurrent upcalls, misc. fixes and cleanup] Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2012-05-26 02:09:55 +04:00			`int gssx_dec_accept_sec_context(struct rpc_rqst *rqstp,`
			`struct xdr_stream *xdr,`
sunrpc/auth_gss: fix decoder callback prototypes Declare the p_decode callbacks with the proper prototype instead of casting to kxdrdproc_t and losing all type safety. Signed-off-by: Christoph Hellwig <hch@lst.de> Reviewed-by: Jeff Layton <jlayton@redhat.com> Acked-by: Trond Myklebust <trond.myklebust@primarydata.com> 2017-05-08 16:03:02 +03:00			`void *data);`
SUNRPC: Add RPC based upcall mechanism for RPCGSS auth This patch implements a sunrpc client to use the services of the gssproxy userspace daemon. In particular it allows to perform calls in user space using an RPC call instead of custom hand-coded upcall/downcall messages. Currently only accept_sec_context is implemented as that is all is needed for the server case. File server modules like NFS and CIFS can use full gssapi services this way, once init_sec_context is also implemented. For the NFS server case this code allow to lift the limit of max 2k krb5 tickets. This limit is prevents legitimate kerberos deployments from using krb5 authentication with the Linux NFS server as they have normally ticket that are many kilobytes large. It will also allow to lift the limitation on the size of the credential set (uid,gid,gids) passed down from user space for users that have very many groups associated. Currently the downcall mechanism used by rpc.svcgssd is limited to around 2k secondary groups of the 65k allowed by kernel structures. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, concurrent upcalls, misc. fixes and cleanup] Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2012-05-26 02:09:55 +04:00			`#define gssx_enc_release_handle NULL`
			`#define gssx_dec_release_handle NULL`
			`#define gssx_enc_get_mic NULL`
			`#define gssx_dec_get_mic NULL`
			`#define gssx_enc_verify NULL`
			`#define gssx_dec_verify NULL`
			`#define gssx_enc_wrap NULL`
			`#define gssx_dec_wrap NULL`
			`#define gssx_enc_unwrap NULL`
			`#define gssx_dec_unwrap NULL`
			`#define gssx_enc_wrap_size_limit NULL`
			`#define gssx_dec_wrap_size_limit NULL`

			`/* non implemented calls are set to 0 size */`
			`#define GSSX_ARG_indicate_mechs_sz 0`
			`#define GSSX_RES_indicate_mechs_sz 0`
			`#define GSSX_ARG_get_call_context_sz 0`
			`#define GSSX_RES_get_call_context_sz 0`
			`#define GSSX_ARG_import_and_canon_name_sz 0`
			`#define GSSX_RES_import_and_canon_name_sz 0`
			`#define GSSX_ARG_export_cred_sz 0`
			`#define GSSX_RES_export_cred_sz 0`
			`#define GSSX_ARG_import_cred_sz 0`
			`#define GSSX_RES_import_cred_sz 0`
			`#define GSSX_ARG_acquire_cred_sz 0`
			`#define GSSX_RES_acquire_cred_sz 0`
			`#define GSSX_ARG_store_cred_sz 0`
			`#define GSSX_RES_store_cred_sz 0`
			`#define GSSX_ARG_init_sec_context_sz 0`
			`#define GSSX_RES_init_sec_context_sz 0`

			`#define GSSX_default_in_call_ctx_sz (4 + 4 + 4 + \`
			`8 + sizeof(LUCID_OPTION) + sizeof(LUCID_VALUE) + \`
			`8 + sizeof(CREDS_OPTION) + sizeof(CREDS_VALUE))`
			`#define GSSX_default_in_ctx_hndl_sz (4 + 4+8 + 4 + 4 + 64 + 64 + 8 + 8 + \`
			`4 + 4 + 4)`
			`#define GSSX_default_in_cred_sz 4 /* we send in no cred_handle */`
			`#define GSSX_default_in_token_sz 4 /* does not include token data */`
			`#define GSSX_default_in_cb_sz 4 /* we do not use channel bindings */`
			`#define GSSX_ARG_accept_sec_context_sz (GSSX_default_in_call_ctx_sz + \`
			`GSSX_default_in_ctx_hndl_sz + \`
			`GSSX_default_in_cred_sz + \`
			`GSSX_default_in_token_sz + \`
			`GSSX_default_in_cb_sz + \`
			`4 /* no deleg creds boolean */ + \`
			`4) /* empty options */`

			`/* somewhat arbitrary numbers but large enough (we ignore some of the data`
			`* sent down, but it is part of the protocol so we need enough space to take`
			`* it in) */`
			`#define GSSX_default_status_sz 8 + 24 + 8 + 256 + 256 + 16 + 4`
			`#define GSSX_max_output_handle_sz 128`
			`#define GSSX_max_oid_sz 16`
			`#define GSSX_max_princ_sz 256`
			`#define GSSX_default_ctx_sz (GSSX_max_output_handle_sz + \`
			`16 + 4 + GSSX_max_oid_sz + \`
			`2 * GSSX_max_princ_sz + \`
			`8 + 8 + 4 + 4 + 4)`
			`#define GSSX_max_output_token_sz 1024`
rpc: fix huge kmalloc's in gss-proxy The reply to a gssproxy can include up to NGROUPS_MAX gid's, which will take up more than a page. We therefore need to allocate an array of pages to hold the reply instead of trying to allocate a single huge buffer. Tested-by: Simo Sorce <simo@redhat.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2013-08-21 02:13:27 +04:00			`/* grouplist not included; we allocate separate pages for that: */`
			`#define GSSX_max_creds_sz (4 + 4 + 4 /* + NGROUPS_MAX4 /)`
SUNRPC: Add RPC based upcall mechanism for RPCGSS auth This patch implements a sunrpc client to use the services of the gssproxy userspace daemon. In particular it allows to perform calls in user space using an RPC call instead of custom hand-coded upcall/downcall messages. Currently only accept_sec_context is implemented as that is all is needed for the server case. File server modules like NFS and CIFS can use full gssapi services this way, once init_sec_context is also implemented. For the NFS server case this code allow to lift the limit of max 2k krb5 tickets. This limit is prevents legitimate kerberos deployments from using krb5 authentication with the Linux NFS server as they have normally ticket that are many kilobytes large. It will also allow to lift the limitation on the size of the credential set (uid,gid,gids) passed down from user space for users that have very many groups associated. Currently the downcall mechanism used by rpc.svcgssd is limited to around 2k secondary groups of the 65k allowed by kernel structures. Signed-off-by: Simo Sorce <simo@redhat.com> [bfields: containerization, concurrent upcalls, misc. fixes and cleanup] Signed-off-by: J. Bruce Fields <bfields@redhat.com> 2012-05-26 02:09:55 +04:00			`#define GSSX_RES_accept_sec_context_sz (GSSX_default_status_sz + \`
			`GSSX_default_ctx_sz + \`
			`GSSX_max_output_token_sz + \`
			`4 + GSSX_max_creds_sz)`

			`#define GSSX_ARG_release_handle_sz 0`
			`#define GSSX_RES_release_handle_sz 0`
			`#define GSSX_ARG_get_mic_sz 0`
			`#define GSSX_RES_get_mic_sz 0`
			`#define GSSX_ARG_verify_sz 0`
			`#define GSSX_RES_verify_sz 0`
			`#define GSSX_ARG_wrap_sz 0`
			`#define GSSX_RES_wrap_sz 0`
			`#define GSSX_ARG_unwrap_sz 0`
			`#define GSSX_RES_unwrap_sz 0`
			`#define GSSX_ARG_wrap_size_limit_sz 0`
			`#define GSSX_RES_wrap_size_limit_sz 0`

			`#endif /* _LINUX_GSS_RPC_XDR_H */`