11 Commits

Author SHA1 Message Date
Serge E. Hallyn
a8ba8bffbe Staging: p9auth: a few fixes
1. The memory into which we copy 'u1@u2' needs space for u1, @,
	u2, and a final \0 which strcat copies in.
2. Strsep changes the value of its first argument.  So use a
	temporary variable to pass to it, so we pass the original
	value to kfree!
3. Allocate an extra char to user_buf, because we need a trailing \0
	since we later kstrdup it.

I am about to send out an LTP testcase for this driver, but
in addition the correctness of the hashing can be verified as
follows:

 #include <stdio.h>
 #include <stdlib.h>
 #include <unistd.h>

int main(int argc, char *argv[])
{
        char in[41], out[20];
        unsigned int v;
        int i, ret;

        ret = read(STDIN_FILENO, in, 40);
        if (ret != 40)
                exit(1);
        in[40] = '\0';
        for (i = 0; i < 20; i++) {
                sscanf(&in[2*i], "%02x", &v);
                out[i] = v;
        }
        write(STDOUT_FILENO, out, 20);
}

as root, to test userid 501 switching to uid 0, choosing
'random' string 'ab':

echo -n "501@0" > plain
openssl sha1  -hmac 'ab' plain |awk '{ print $2 '} > dgst
./unhex < dgst > dgst.u
mknod /dev/caphash 504 0
mknod /dev/capuse 504 1
chmod ugo+w /dev/capuse
cat dgst.u > /dev/caphash

as uid 501,
echo "501@0@ab" > /dev/capuse
id -u  # should now show 0.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-10-09 13:47:24 -07:00
Serge E. Hallyn
f82ebea5c8 staging: p9auth: prevent some oopses and memory leaks
Before all testcases, do:
	mknod /dev/caphash c 253 0
	mknod /dev/capuse c 253 1

This patch does the following:

1. caphash write of > CAP_NODE_SIZE bytes overruns node_ptr->data
	(test: cat /etc/mime.types > /dev/caphash)
2. make sure we don't dereference a NULL cap_devices[0].head
	(test: cat serge@root@abab > /dev/capuse)
3. don't let strlen dereference a NULL target_user etc
	(test: echo ab > /dev/capuse)
4. Don't leak a bunch of memory in cap_write().  Note that
   technically node_ptr is not needed for the capuse write case.
   As a result I have a much more extensive patch splitting up
   cap_write(), but I thought a smaller patch that is easier to test
   and verify would be a better start.  To test:
	cnt=0
	while [ 1 ]; do
		echo /etc/mime.types > /dev/capuse
		if [ $((cnt%25)) -eq 0 ]; then
			head -2 /proc/meminfo
		fi
		cnt=$((cnt+1))
		sleep 0.3
	done
   Without this patch, it MemFree steadily drops.  With the patch,
   it does not.

I have *not* tested this driver (with or without these patches)
with factotum or anything - only using the tests described above.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-06-19 11:00:54 -07:00
Greg Kroah-Hartman
2418a628ff Staging: p9auth: clean up #includes
Not all of these files needed to be included, clean up the list.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:24 -07:00
Greg Kroah-Hartman
6d0d63bd7a Staging: p9auth: use kzalloc
It's nicer than doing kmalloc/memset.

Also check the return value of all allocations, one was previously not
being checked properly.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:24 -07:00
Greg Kroah-Hartman
0f386e2b4c Staging: p9auth: fix up sparse warnings
Everything needs to be static, as sparse complains and you don't want to
polute the global kernel symbol namespace.  So mark everything as such
and move one function around to prevent a forward declaration from being
needed.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00
Greg Kroah-Hartman
77dc1139f4 Staging: p9auth: fix up codingstyle issues
This fixes up a number of scripts/codingstyle.pl warnings and errors

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00
Greg Kroah-Hartman
4bf0438332 Staging: p9auth: remove unneeded header file
The p9auth.h file is not needed, move the stuff into p9auth.c file and
delete it.

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00
Randy Dunlap
9752ef46c6 Staging: p9auth: fix dependency/build error
Fix p9auth dependency/build failure.  It needs to depend on
CRYPTO.

p9auth.c:(.text+0x107297): undefined reference to `crypto_alloc_base'
p9auth.c:(.text+0x1073d4): undefined reference to `crypto_destroy_tfm'

Signed-off-by: Randy Dunlap <randy.dunlap@oracle.com>
Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00
Greg Kroah-Hartman
00db8a8ecc Staging: p9auth: add to the kernel build
This adds the p9auth code to the kernel build

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00
Greg Kroah-Hartman
5dba082699 Staging: p9auth: fix credential logic
current->uid is no longer allowed in the 2.6.29 kernel, so use
the proper credential api to be able to alter the uid and euid values.

Note, this now builds properly, hopefully still works properly, would be
good for someone to test it out...

Cc: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00
Ashwin Ganti
55643171de Staging: add p9auth driver
This is a driver that adds Plan 9 style capability device
implementation.

From: Ashwin Ganti <ashwin.ganti@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2009-04-03 14:54:23 -07:00