mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2026-06-12 13:42:23 -04:00
5800b1cf3f
Allow the app to request that CHALLENGEs be passed to it through an out-of-band queue that allows recvmsg() to pick it up so that the app can add data to it with sendmsg(). This will allow the application (AFS or userspace) to interact with the process if it wants to and put values into user-defined fields. This will be used by AFS when talking to a fileserver to supply that fileserver with a crypto key by which callback RPCs can be encrypted (ie. notifications from the fileserver to the client). Signed-off-by: David Howells <dhowells@redhat.com> cc: Marc Dionne <marc.dionne@auristor.com> cc: Simon Horman <horms@kernel.org> cc: linux-afs@lists.infradead.org Link: https://patch.msgid.link/20250411095303.2316168-5-dhowells@redhat.com Signed-off-by: Jakub Kicinski <kuba@kernel.org>
96 lines
2.3 KiB
C
96 lines
2.3 KiB
C
// SPDX-License-Identifier: GPL-2.0-or-later
|
|
/* Null security operations.
|
|
*
|
|
* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
*/
|
|
|
|
#include <net/af_rxrpc.h>
|
|
#include "ar-internal.h"
|
|
|
|
static int none_init_connection_security(struct rxrpc_connection *conn,
|
|
struct rxrpc_key_token *token)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* Allocate an appropriately sized buffer for the amount of data remaining.
|
|
*/
|
|
static struct rxrpc_txbuf *none_alloc_txbuf(struct rxrpc_call *call, size_t remain, gfp_t gfp)
|
|
{
|
|
return rxrpc_alloc_data_txbuf(call, umin(remain, RXRPC_JUMBO_DATALEN), 1, gfp);
|
|
}
|
|
|
|
static int none_secure_packet(struct rxrpc_call *call, struct rxrpc_txbuf *txb)
|
|
{
|
|
txb->pkt_len = txb->len;
|
|
if (txb->len == RXRPC_JUMBO_DATALEN)
|
|
txb->jumboable = true;
|
|
return 0;
|
|
}
|
|
|
|
static int none_verify_packet(struct rxrpc_call *call, struct sk_buff *skb)
|
|
{
|
|
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
|
|
|
sp->flags |= RXRPC_RX_VERIFIED;
|
|
return 0;
|
|
}
|
|
|
|
static void none_free_call_crypto(struct rxrpc_call *call)
|
|
{
|
|
}
|
|
|
|
static bool none_validate_challenge(struct rxrpc_connection *conn,
|
|
struct sk_buff *skb)
|
|
{
|
|
return rxrpc_abort_conn(conn, skb, RX_PROTOCOL_ERROR, -EPROTO,
|
|
rxrpc_eproto_rxnull_challenge);
|
|
}
|
|
|
|
static int none_sendmsg_respond_to_challenge(struct sk_buff *challenge,
|
|
struct msghdr *msg)
|
|
{
|
|
return -EINVAL;
|
|
}
|
|
|
|
static int none_verify_response(struct rxrpc_connection *conn,
|
|
struct sk_buff *skb)
|
|
{
|
|
return rxrpc_abort_conn(conn, skb, RX_PROTOCOL_ERROR, -EPROTO,
|
|
rxrpc_eproto_rxnull_response);
|
|
}
|
|
|
|
static void none_clear(struct rxrpc_connection *conn)
|
|
{
|
|
}
|
|
|
|
static int none_init(void)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static void none_exit(void)
|
|
{
|
|
}
|
|
|
|
/*
|
|
* RxRPC Kerberos-based security
|
|
*/
|
|
const struct rxrpc_security rxrpc_no_security = {
|
|
.name = "none",
|
|
.security_index = RXRPC_SECURITY_NONE,
|
|
.init = none_init,
|
|
.exit = none_exit,
|
|
.init_connection_security = none_init_connection_security,
|
|
.free_call_crypto = none_free_call_crypto,
|
|
.alloc_txbuf = none_alloc_txbuf,
|
|
.secure_packet = none_secure_packet,
|
|
.verify_packet = none_verify_packet,
|
|
.validate_challenge = none_validate_challenge,
|
|
.sendmsg_respond_to_challenge = none_sendmsg_respond_to_challenge,
|
|
.verify_response = none_verify_response,
|
|
.clear = none_clear,
|
|
};
|