2010-08-04 15:16:33 +01:00
/* Upcall routine, designed to work as a key type and working through
* / sbin / request - key to contact userspace when handling DNS queries .
*
2020-04-28 00:01:32 +02:00
* See Documentation / networking / dns_resolver . rst
2010-08-04 15:16:33 +01:00
*
* Copyright ( c ) 2007 Igor Mammedov
* Author ( s ) : Igor Mammedov ( niallain @ gmail . com )
* Steve French ( sfrench @ us . ibm . com )
* Wang Lei ( wang840925 @ gmail . com )
* David Howells ( dhowells @ redhat . com )
*
* The upcall wrapper used to make an arbitrary DNS query .
*
* This function requires the appropriate userspace tool dns . upcall to be
* installed and something like the following lines should be added to the
* / etc / request - key . conf file :
*
* create dns_resolver * * / sbin / dns . upcall % k
*
* For example to use this module to query AFSDB RR :
*
* create dns_resolver afsdb : * * / sbin / dns . afsdb % k
*
* This library is free software ; you can redistribute it and / or modify
* it under the terms of the GNU Lesser General Public License as published
* by the Free Software Foundation ; either version 2.1 of the License , or
* ( at your option ) any later version .
*
* This library is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See
* the GNU Lesser General Public License for more details .
*
* You should have received a copy of the GNU Lesser General Public License
2013-12-06 09:13:44 -08:00
* along with this library ; if not , see < http : //www.gnu.org/licenses/>.
2010-08-04 15:16:33 +01:00
*/
# include <linux/module.h>
# include <linux/slab.h>
2017-02-02 17:54:15 +01:00
# include <linux/cred.h>
2010-08-04 15:16:33 +01:00
# include <linux/dns_resolver.h>
2010-08-06 03:13:47 +01:00
# include <linux/err.h>
2019-06-26 21:02:33 +01:00
# include <net/net_namespace.h>
2017-02-02 17:54:15 +01:00
2010-08-04 15:16:33 +01:00
# include <keys/dns_resolver-type.h>
# include <keys/user-type.h>
# include "internal.h"
2010-08-06 03:13:52 +01:00
/**
2010-08-04 15:16:33 +01:00
* dns_query - Query the DNS
2019-06-26 21:02:33 +01:00
* @ net : The network namespace to operate in .
2010-08-04 15:16:33 +01:00
* @ type : Query type ( or NULL for straight host - > IP lookup )
* @ name : Name to look up
* @ namelen : Length of name
* @ options : Request options ( or NULL if no options )
2018-02-06 06:26:30 +00:00
* @ _result : Where to place the returned data ( or NULL )
2010-08-04 15:16:33 +01:00
* @ _expiry : Where to store the result expiry time ( or NULL )
2019-05-03 18:26:55 +01:00
* @ invalidate : Always invalidate the key after use
2010-08-04 15:16:33 +01:00
*
2018-02-06 06:26:30 +00:00
* The data will be returned in the pointer at * result , if provided , and the
* caller is responsible for freeing it .
2010-08-04 15:16:33 +01:00
*
* The description should be of the form " [<query_type>:]<domain_name> " , and
* the options need to be appropriate for the query type requested . If no
* query_type is given , then the query is a straight hostname to IP address
* lookup .
*
* The DNS resolution lookup is performed by upcalling to userspace by way of
* requesting a key of type dns_resolver .
*
* Returns the size of the result on success , - ve error code otherwise .
*/
2019-06-26 21:02:33 +01:00
int dns_query ( struct net * net ,
const char * type , const char * name , size_t namelen ,
2019-05-03 18:26:55 +01:00
const char * options , char * * _result , time64_t * _expiry ,
bool invalidate )
2010-08-04 15:16:33 +01:00
{
struct key * rkey ;
2017-03-01 15:11:23 +00:00
struct user_key_payload * upayload ;
2010-08-04 15:16:33 +01:00
const struct cred * saved_cred ;
size_t typelen , desclen ;
char * desc , * cp ;
int ret , len ;
kenter ( " %s,%*.*s,%zu,%s " ,
type , ( int ) namelen , ( int ) namelen , name , namelen , options ) ;
2018-02-06 06:26:30 +00:00
if ( ! name | | namelen = = 0 )
2010-08-04 15:16:33 +01:00
return - EINVAL ;
/* construct the query key description as "[<type>:]<name>" */
typelen = 0 ;
desclen = 0 ;
if ( type ) {
typelen = strlen ( type ) ;
if ( typelen < 1 )
return - EINVAL ;
desclen + = typelen + 1 ;
}
2014-05-31 23:37:40 +02:00
if ( namelen < 3 | | namelen > 255 )
2010-08-04 15:16:33 +01:00
return - EINVAL ;
desclen + = namelen + 1 ;
desc = kmalloc ( desclen , GFP_KERNEL ) ;
if ( ! desc )
return - ENOMEM ;
cp = desc ;
if ( type ) {
memcpy ( cp , type , typelen ) ;
cp + = typelen ;
* cp + + = ' : ' ;
}
memcpy ( cp , name , namelen ) ;
cp + = namelen ;
* cp = ' \0 ' ;
if ( ! options )
options = " " ;
kdebug ( " call request_key(,%s,%s) " , desc , options ) ;
/* make the upcall, using special credentials to prevent the use of
* add_key ( ) to preinstall malicious redirections
*/
saved_cred = override_creds ( dns_resolver_cache ) ;
2019-07-10 18:43:43 -07:00
rkey = request_key_net ( & key_type_dns_resolver , desc , net , options ) ;
2010-08-04 15:16:33 +01:00
revert_creds ( saved_cred ) ;
kfree ( desc ) ;
if ( IS_ERR ( rkey ) ) {
ret = PTR_ERR ( rkey ) ;
goto out ;
}
down_read ( & rkey - > sem ) ;
2014-07-17 20:45:08 +01:00
set_bit ( KEY_FLAG_ROOT_CAN_INVAL , & rkey - > flags ) ;
2019-07-10 18:43:43 -07:00
rkey - > perm | = KEY_USR_VIEW ;
2010-08-04 15:16:33 +01:00
ret = key_validate ( rkey ) ;
if ( ret < 0 )
goto put ;
2010-08-11 09:37:58 +01:00
/* If the DNS server gave an error, return that to the caller */
2015-10-21 14:04:48 +01:00
ret = PTR_ERR ( rkey - > payload . data [ dns_key_error ] ) ;
2010-08-11 09:37:58 +01:00
if ( ret )
goto put ;
2017-03-01 15:11:23 +00:00
upayload = user_key_payload_locked ( rkey ) ;
2010-08-04 15:16:33 +01:00
len = upayload - > datalen ;
2018-02-06 06:26:30 +00:00
if ( _result ) {
ret = - ENOMEM ;
2018-10-04 14:27:55 +01:00
* _result = kmemdup_nul ( upayload - > data , len , GFP_KERNEL ) ;
2018-02-06 06:26:30 +00:00
if ( ! * _result )
goto put ;
}
2014-06-07 23:57:25 +02:00
2010-08-04 15:16:33 +01:00
if ( _expiry )
* _expiry = rkey - > expiry ;
ret = len ;
put :
up_read ( & rkey - > sem ) ;
2019-05-03 18:26:55 +01:00
if ( invalidate )
key_invalidate ( rkey ) ;
2010-08-04 15:16:33 +01:00
key_put ( rkey ) ;
out :
kleave ( " = %d " , ret ) ;
return ret ;
}
EXPORT_SYMBOL ( dns_query ) ;