From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org
Cc: dhowells@redhat.com, linux-afs@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: [PATCH net-next 00/23] rxrpc: Fixes and preparation for RxGK
Date: Thu, 01 Oct 2020 15:56:43 +0100
Message-ID: <160156420377.1728886.5309670328610130816.stgit@warthog.procyon.org.uk>
Here are some fixes for problems encountered whilst writing the RxGK
security class (this will allow AF_RXRPC to use GSSAPI-negotiated tokens
and better crypto). The RxGK security class is not included in this
patchset.
Firstly, there's a keyrings patch to provide the original key description,
as provided to add_key(), to the preparser so that it can interpret the
content on that basis. Unfortunately, the rxrpc_s key type wasn't written
to interpret its payload as anything other than a string of bytes
comprising a key, but for RxGK, more information is required as multiple
Kerberos enctypes are supported.
Secondly, there's a bunch of rxrpc fixes:
(1) Fix bundle refcounting for exclusive connections.
(2) Fix the xdr encoding of the contents read from an rxrpc key.
(3) Fix a BUG() for an unsupported encoding type.
(4) Fix missing _bh lock annotations.
(5) Fix the loss of deferred final ACKs on socket shutdown.
(6) Fix acceptance handling for an incoming call where the incoming call
is encrypted.
(7) The server token keyring isn't network namespaced - it belongs to the
server, so there's no need.
(8) The default data packet size alignment should be 1, not 4. It only
needs to be something other than 1 if there are crypto requirements.
Thirdly, there are some preparatory changes:
(1) Remove the rxk5 security class key support. This class never went
anywhere and is now defunct. RxGK should be used instead.
(2) Support multiple tokens in a single key, provided they're loaded in a
single add_key() operation:
- Make preparatory moves to allow the choice of class to be made
higher up the stack.
- Fix some bugs in the XDR parsing.
- Display contained token types in /proc/keys
(3) Split the server key (rxrpc_s-type) into its own file. It has nothing
in common with the session key (rxrpc-type).
(4) Tidy up the connection security bits:
- The prime_packet_security() op is redundant.
- Don't retain the server key in the connection. It's only used once
in a service connection's life when the ticket gets decrypted. Look
it up on demand.
- Hand server key parsing off to the security class.
- Don't reserve the security header in the transmit data buffer, but
rather just add to the offset. RxGK has a more complicated
structure than rxkad.
- Organise the connection security into a union, thereby allowing
other security classes to add bits in the same space.
- Allow a security trailer to be reserved. RxGK may put the checksum
after the data.
- Allow a security class to give more information on a server key in
/proc/keys (such as the enctype).
- Don't use pskb_pull() in rxkad, but rather just add to the offset
when extracting data.
(5) Don't leak key material from server session keys back to userspace.
The patches are tagged here:
git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
rxrpc-next-20201010
and can also be found on this branch:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=rxrpc-next
David
---
David Howells (22):
keys: Provide the original description to the key preparser
rxrpc: Fix bundle counting for exclusive connections
rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read()
rxrpc: Fix some missing _bh annotations on locking conn->state_lock
rxrpc: Fix loss of final ack on shutdown
rxrpc: Fix accept on a connection that need securing
rxrpc: The server keyring isn't network-namespaced
rxrpc: Change basic data packet size alignment to 1
rxrpc: Remove the rxk5 security class as it's now defunct
rxrpc: List the held token types in the key description in /proc/keys
rxrpc: Allow for a security trailer in a packet
rxrpc: Merge prime_packet_security into init_connection_security
rxrpc: Support keys with multiple authentication tokens
rxrpc: Don't retain the server key in the connection
rxrpc: Split the server key type (rxrpc_s) into its own file
rxrpc: Hand server key parsing off to the security class
rxrpc: Don't reserve security header in Tx DATA skbuff
rxrpc: Organise connection security to use a union
rxrpc: Don't leak the service-side session key to userspace
rxrpc: Allow security classes to give more info on server keys
rxrpc: Make the parsing of xdr payloads more coherent
rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet
Marc Dionne (1):
rxrpc: Fix rxkad token xdr encoding
include/keys/rxrpc-type.h | 56 +---
include/uapi/linux/rxrpc.h | 2 +-
net/rxrpc/Makefile | 1 +
net/rxrpc/ar-internal.h | 65 ++--
net/rxrpc/call_accept.c | 277 +++-------------
net/rxrpc/call_object.c | 5 +-
net/rxrpc/conn_client.c | 14 +-
net/rxrpc/conn_event.c | 22 +-
net/rxrpc/conn_object.c | 3 +-
net/rxrpc/conn_service.c | 2 -
net/rxrpc/insecure.c | 15 +-
net/rxrpc/key.c | 642 +++----------------------------------
net/rxrpc/recvmsg.c | 36 +--
net/rxrpc/rxkad.c | 197 ++++++++----
net/rxrpc/security.c | 98 ++++--
net/rxrpc/sendmsg.c | 49 ++-
net/rxrpc/server_key.c | 143 +++++++++
17 files changed, 513 insertions(+), 1114 deletions(-)
create mode 100644 net/rxrpc/server_key.c
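The cover letter's items on supporting multiple tokens in one key, the XDR parsing fixes, and the downgrade of the BUG() for an unsupported token type all concern the same thing: parsing an XDR token-set payload handed to add_key() without trusting its length fields. The following is an added example, not part of David Howells's message and not the kernel's own code. It models the payload layout on the comment in net/rxrpc/key.c from memory (u32 flags, XDR string cell name, u32 token count, then per token a u32 body length, u32 security index and body; rxkad body as vice_id, kvno, 8-byte session key, start, expiry, primary flag, XDR-opaque ticket); the field order and the exact length accounting are assumptions to verify against the kernel source. The sample payload is constructed and carries no real credentials.

```python
import struct
from dataclasses import dataclass

RXRPC_SECURITY_RXKAD = 2


class TokenFormatError(ValueError):
    """Malformed payload: reject the key instead of crashing (cf. the BUG() downgrade)."""


class XdrReader:
    """Bounds-checked big-endian XDR reader."""

    def __init__(self, data: bytes):
        self.data, self.pos = data, 0

    def remaining(self) -> int:
        return len(self.data) - self.pos

    def u32(self) -> int:
        if self.remaining() < 4:
            raise TokenFormatError("truncated u32 at offset %d" % self.pos)
        (v,) = struct.unpack_from(">I", self.data, self.pos)
        self.pos += 4
        return v

    def raw(self, n: int) -> bytes:
        if self.remaining() < n:
            raise TokenFormatError("truncated field at offset %d" % self.pos)
        out = self.data[self.pos:self.pos + n]
        self.pos += n
        return out

    def opaque(self, maxlen: int) -> bytes:
        # XDR variable-length opaque: u32 length, data, zero padding to 4 bytes.
        n = self.u32()
        if n > maxlen:
            raise TokenFormatError("opaque length %d over limit %d" % (n, maxlen))
        data = self.raw(n)
        if self.raw((-n) % 4).strip(b"\0"):
            raise TokenFormatError("non-zero XDR padding")
        return data


@dataclass
class RxkadToken:
    vice_id: int
    kvno: int
    session_key: bytes   # 8 bytes
    start: int
    expiry: int
    primary_flag: int
    ticket: bytes


@dataclass
class TokenSet:
    flags: int
    cellname: str
    tokens: list         # (sec_index, RxkadToken) pairs


def parse_rxkad(body: bytes) -> RxkadToken:
    r = XdrReader(body)
    vice_id, kvno = r.u32(), r.u32()
    session_key = r.raw(8)
    start, expiry, primary = r.u32(), r.u32(), r.u32()
    ticket = r.opaque(maxlen=len(body))
    if r.remaining():
        raise TokenFormatError("%d trailing bytes in rxkad token" % r.remaining())
    return RxkadToken(vice_id, kvno, session_key, start, expiry, primary, ticket)


def parse_token_set(blob: bytes) -> TokenSet:
    r = XdrReader(blob)
    flags = r.u32()
    cellname = r.opaque(maxlen=256).decode("ascii")
    ntokens = r.u32()
    if not 1 <= ntokens <= 16:
        raise TokenFormatError("implausible token count %d" % ntokens)
    tokens = []
    for _ in range(ntokens):
        toklen, sec_index = r.u32(), r.u32()
        if toklen & 3 or toklen > r.remaining():
            raise TokenFormatError("bad token length %d" % toklen)
        body = r.raw(toklen)
        if sec_index != RXRPC_SECURITY_RXKAD:
            # Unknown class (the defunct rxk5 included): an error, never a BUG().
            raise TokenFormatError("unsupported security index %d" % sec_index)
        tokens.append((sec_index, parse_rxkad(body)))
    if r.remaining():
        raise TokenFormatError("trailing bytes after token set")
    return TokenSet(flags, cellname, tokens)


def rejects(blob: bytes) -> bool:
    """True if the payload is refused with a TokenFormatError (never a crash)."""
    try:
        parse_token_set(blob)
        return False
    except TokenFormatError:
        return True


def xdr_opaque(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data + b"\0" * ((-len(data)) % 4)


def rxkad_entry(tok: RxkadToken):
    """Encode one rxkad token as a (sec_index, body) pair."""
    assert len(tok.session_key) == 8
    body = (struct.pack(">II", tok.vice_id, tok.kvno) + tok.session_key
            + struct.pack(">III", tok.start, tok.expiry, tok.primary_flag)
            + xdr_opaque(tok.ticket))
    return RXRPC_SECURITY_RXKAD, body


def build_token_set(flags: int, cellname: str, entries) -> bytes:
    """Encode a token set from (sec_index, body) pairs; bodies are 4-byte multiples."""
    out = struct.pack(">I", flags) + xdr_opaque(cellname.encode("ascii"))
    out += struct.pack(">I", len(entries))
    for sec_index, body in entries:
        out += struct.pack(">II", len(body), sec_index) + body
    return out


# Constructed sample (not real credentials): two rxkad tokens in one payload,
# as a single add_key() call would supply them.
SAMPLE = build_token_set(0, "example.org", [
    rxkad_entry(RxkadToken(1001, 3, b"\x01" * 8, 1600000000, 1600086400, 1, b"ticket-one")),
    rxkad_entry(RxkadToken(1001, 4, b"\x02" * 8, 1600000000, 1600086400, 0, b"ticket-two!!")),
])

if __name__ == "__main__":
    ts = parse_token_set(SAMPLE)
    print(ts.cellname, [(ix, t.kvno, t.ticket) for ix, t in ts.tokens])
```

Every length read from the blob is checked against what remains before it is used, padding must be zero, and a token of a class the parser does not know is refused as a whole rather than skipped, which is the behaviour a kernel key preparser needs since the payload comes straight from an unprivileged add_key() caller.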
2020-10-01 14:56 David Howells [this message]
2020-10-01 14:56 ` [PATCH net-next 01/23] keys: Provide the original description to the key preparser David Howells
2020-10-01 14:56 ` [PATCH net-next 02/23] rxrpc: Fix bundle counting for exclusive connections David Howells
2020-10-01 14:57 ` [PATCH net-next 03/23] rxrpc: Fix rxkad token xdr encoding David Howells
2020-10-01 14:57 ` [PATCH net-next 04/23] rxrpc: Downgrade the BUG() for unsupported token type in rxrpc_read() David Howells
2020-10-01 14:57 ` [PATCH net-next 05/23] rxrpc: Fix some missing _bh annotations on locking conn->state_lock David Howells
2020-10-01 14:57 ` [PATCH net-next 06/23] rxrpc: Fix loss of final ack on shutdown David Howells
2020-10-01 14:57 ` [PATCH net-next 07/23] rxrpc: Fix accept on a connection that need securing David Howells
2020-10-01 14:57 ` [PATCH net-next 08/23] rxrpc: The server keyring isn't network-namespaced David Howells
2020-10-01 14:57 ` [PATCH net-next 09/23] rxrpc: Change basic data packet size alignment to 1 David Howells
2020-10-01 14:57 ` [PATCH net-next 10/23] rxrpc: Remove the rxk5 security class as it's now defunct David Howells
2020-10-01 14:57 ` [PATCH net-next 11/23] rxrpc: List the held token types in the key description in /proc/keys David Howells
2020-10-01 14:58 ` [PATCH net-next 12/23] rxrpc: Allow for a security trailer in a packet David Howells
2020-10-01 14:58 ` [PATCH net-next 13/23] rxrpc: Merge prime_packet_security into init_connection_security David Howells
2020-10-01 14:58 ` [PATCH net-next 14/23] rxrpc: Support keys with multiple authentication tokens David Howells
2020-10-01 14:58 ` [PATCH net-next 15/23] rxrpc: Don't retain the server key in the connection David Howells
2020-10-01 14:58 ` [PATCH net-next 16/23] rxrpc: Split the server key type (rxrpc_s) into its own file David Howells
2020-10-01 14:58 ` [PATCH net-next 17/23] rxrpc: Hand server key parsing off to the security class David Howells
2020-10-01 14:58 ` [PATCH net-next 18/23] rxrpc: Don't reserve security header in Tx DATA skbuff David Howells
2020-10-01 14:58 ` [PATCH net-next 19/23] rxrpc: Organise connection security to use a union David Howells
2020-10-01 14:59 ` [PATCH net-next 20/23] rxrpc: Don't leak the service-side session key to userspace David Howells
2020-10-01 14:59 ` [PATCH net-next 21/23] rxrpc: Allow security classes to give more info on server keys David Howells
2020-10-01 14:59 ` [PATCH net-next 22/23] rxrpc: Make the parsing of xdr payloads more coherent David Howells
2020-10-01 14:59 ` [PATCH net-next 23/23] rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet David Howells
2020-10-02 23:03 ` [PATCH net-next 00/23] rxrpc: Fixes and preparation for RxGK David Miller
2020-10-03 20:01 ` David Howells
2020-10-03 21:17 ` David Miller
2020-10-03 21:24 ` David Howells
2020-10-03 21:32 ` David Miller