[PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[David Howells]

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem can get a TGT
from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

Signed-off-by: David Howells <dhowells@redhat.com>
---

 arch/alpha/include/asm/errno.h  |    1 +
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index e5f29ca..5edc21e 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -121,6 +121,7 @@
 #define	ENOTRECOVERABLE	137	/* State not recoverable */
 
 #define	ERFKILL		138	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	139	/* Authentication service not available */
 
 #define EHWPOISON	139	/* Memory page has hardware error */
 
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 6dcd358..9e0b83f 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -120,6 +120,7 @@
 #define	ENOTRECOVERABLE	166	/* State not recoverable */
 
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	168	/* Authentication service not available */
 
 #define EHWPOISON	168	/* Memory page has hardware error */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 135ad60..c4598b6 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -121,6 +121,7 @@
 #define ENOTRECOVERABLE	255	/* State not recoverable */
 
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	257	/* Authentication service not available */
 
 #define EHWPOISON	257	/* Memory page has hardware error */
 
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index c351aba..ab4f9f5 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -111,6 +111,7 @@
 #define	ENOTRECOVERABLE	133	/* State not recoverable */
 
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	135	/* Authentication service not available */
 
 #define EHWPOISON	135	/* Memory page has hardware error */
 
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index a1331ce..52325ca 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -107,6 +107,7 @@
 #define	ENOTRECOVERABLE	131	/* State not recoverable */
 
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	133	/* Authentication service not available */
 
 #define EHWPOISON	133	/* Memory page has hardware error */
 

[PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors

[David Howells]

Now that the kernel has filesystems (and possibly other services) that want to
look up internet addresses corresponding to arbitrary hostnames retrieved from
the server, it would seem useful to provide a couple of error codes to indicate
problems with the look up, rather than overloading some other error code.

Define ENONAMESERVICE to indicate "Network name service unavailable".  This can
be used to indicate, for example, that an attempt was made by dns_query() to
make a query, but the name server (e.g. a DNS server) it is supposed to contact
didn't answer or that it couldn't determine the location of a suitable server.

Define ENAMEUNKNOWN to indicate "Network name unknown".  This can be used to
indicate, for example, that an attempt was made by dns_query() to make a query,
but the name server (e.g. a DNS server) replied indicating that it had no
matching records.

The DNS query upcall program can report these to keyctl_reject() so that cached
failed queries will respond with these errors until they expire.

Signed-off-by: David Howells <dhowells@redhat.com>
---

 arch/alpha/include/asm/errno.h  |    2 ++
 arch/mips/include/asm/errno.h   |    2 ++
 arch/parisc/include/asm/errno.h |    2 ++
 arch/sparc/include/asm/errno.h  |    2 ++
 include/asm-generic/errno.h     |    2 ++
 5 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index 5edc21e..d6e8582 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -122,6 +122,8 @@
 
 #define	ERFKILL		138	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	139	/* Authentication service not available */
+#define	ENONAMESERVICE	140	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	141	/* Network name unknown */
 
 #define EHWPOISON	139	/* Memory page has hardware error */
 
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 9e0b83f..5ae25aa 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -121,6 +121,8 @@
 
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	168	/* Authentication service not available */
+#define	ENONAMESERVICE	169	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	170	/* Network name unknown */
 
 #define EHWPOISON	168	/* Memory page has hardware error */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index c4598b6..6b3bc7f 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -122,6 +122,8 @@
 
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	257	/* Authentication service not available */
+#define	ENONAMESERVICE	258	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	259	/* Network name unknown */
 
 #define EHWPOISON	257	/* Memory page has hardware error */
 
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index ab4f9f5..5fab088 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -112,6 +112,8 @@
 
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	135	/* Authentication service not available */
+#define	ENONAMESERVICE	136	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	137	/* Network name unknown */
 
 #define EHWPOISON	135	/* Memory page has hardware error */
 
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index 52325ca..719f60c 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -108,6 +108,8 @@
 
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	133	/* Authentication service not available */
+#define	ENONAMESERVICE	134	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	135	/* Network name unknown */
 
 #define EHWPOISON	133	/* Memory page has hardware error */
 

Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors

[Jim Rees]

David Howells wrote:

  Define ENAMEUNKNOWN to indicate "Network name unknown".  This can be used to
  indicate, for example, that an attempt was made by dns_query() to make a query,
  but the name server (e.g. a DNS server) replied indicating that it had no
  matching records.

Would this be the same as NXDOMAIN?  That is, does it mean the name server
couldn't find a record, or does it mean that the record doesn't exist?

Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[Joseph S. Myers]

On Wed, 8 Feb 2012, David Howells wrote:

>  #define ERFKILL		132	/* Operation not possible due to RF-kill */
> +#define	ENOAUTHSERVICE	133	/* Authentication service not available */
>  
>  #define EHWPOISON	133	/* Memory page has hardware error */

Defining the new error to have the same value as EHWPOISON seems rather 
odd....

-- 
Joseph S. Myers
joseph@codesourcery.com

Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[Valdis.Kletnieks]

[-- Attachment #1: Type: text/plain, Size: 376 bytes --]

On Wed, 08 Feb 2012 12:29:05 GMT, David Howells said:

> +#define	ENOAUTHSERVICE	139	/* Authentication service not available */
>
>  #define EHWPOISON	139	/* Memory page has hardware error */

Was this an intentional overload of 139 (and so on for other archs)?
Just checking - I'm sure if it goes in like this, we'll see a patch to "fix" the
collision for 3.16.0 or so... ;)

[-- Attachment #2: Type: application/pgp-signature, Size: 865 bytes --]

Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[David Howells]

Valdis.Kletnieks@vt.edu wrote:

> Was this an intentional overload of 139 (and so on for other archs)?  Just
> checking - I'm sure if it goes in like this, we'll see a patch to "fix" the
> collision for 3.16.0 or so... ;)

Ummm...  Odd...  I'm surprised StGIT managed to reapply my patches with no
warning.  I'll fix the numbering in them.

David

Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors

[David Howells]

Jim Rees <rees@umich.edu> wrote:

>   Define ENAMEUNKNOWN to indicate "Network name unknown".  This can be used to
>   indicate, for example, that an attempt was made by dns_query() to make a query,
>   but the name server (e.g. a DNS server) replied indicating that it had no
>   matching records.
> 
> Would this be the same as NXDOMAIN?  That is, does it mean the name server
> couldn't find a record, or does it mean that the record doesn't exist?

Is there a way to tell the difference?  Can you store a negative record in the
DNS?  Or is it that the DNS has records for the name, just not records of the
type you're looking for (eg. NO_ADDRESS/NO_DATA from gethostbyname())?

David

Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors

[Jim Rees]

David Howells wrote:

  Jim Rees <rees@umich.edu> wrote:
  
  >   Define ENAMEUNKNOWN to indicate "Network name unknown".  This can be used to
  >   indicate, for example, that an attempt was made by dns_query() to make a query,
  >   but the name server (e.g. a DNS server) replied indicating that it had no
  >   matching records.
  > 
  > Would this be the same as NXDOMAIN?  That is, does it mean the name server
  > couldn't find a record, or does it mean that the record doesn't exist?
  
  Is there a way to tell the difference?  Can you store a negative record in the
  DNS?  Or is it that the DNS has records for the name, just not records of the
  type you're looking for (eg. NO_ADDRESS/NO_DATA from gethostbyname())?

It's an important distinction to the resolver if you want to avoid dns
hijacking.  See rfc2308.  There doesn't seem to be a way to tell the
difference from the gethostbyname call, which was designed before this was a
problem.  The on-the-wire dns query protocol does make the distinction.

I suspect kernel dns clients won't need to know the difference, but I think
it's useful if we decide on and document the meaning of the error codes.
Maybe the answer is that ENAMEUNKNOWN means the same as a HOST_NOT_FOUND
from gethostbyname().

Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors

[David Howells]

Jim Rees <rees@umich.edu> wrote:

>   > Would this be the same as NXDOMAIN?  That is, does it mean the name server
>   > couldn't find a record, or does it mean that the record doesn't exist?
>   
>   Is there a way to tell the difference?  Can you store a negative record in
>   the DNS?  Or is it that the DNS has records for the name, just not records
>   of the type you're looking for (eg. NO_ADDRESS/NO_DATA from
>   gethostbyname())?
> 
> It's an important distinction to the resolver if you want to avoid dns
> hijacking.  See rfc2308.  There doesn't seem to be a way to tell the
> difference from the gethostbyname call, which was designed before this was a
> problem.  The on-the-wire dns query protocol does make the distinction.
> 
> I suspect kernel dns clients won't need to know the difference, but I think
> it's useful if we decide on and document the meaning of the error codes.
> Maybe the answer is that ENAMEUNKNOWN means the same as a HOST_NOT_FOUND
> from gethostbyname().

Should I propose an extra error code?  Perhaps giving:

	ENONAMESERVICE	"Network name service unavailable"
	ENAMEUNKNOWN	"Network name not known"
	ENONAMERECORD	"Network name query returned no records"

Note that ENONAMESERVICE covers all of: not having a name service configured,
not being able to contact the configured name server and the configured name
server not being able to chain to the authoritative name server.  However, I
think this is probably okay.

David

[PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[Trond Myklebust]

From: David Howells <dhowells@redhat.com>

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem can get a TGT
from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
---
 arch/alpha/include/asm/errno.h  |    2 ++
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 6 insertions(+)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index e5f29ca..dce5fc9 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -124,4 +124,6 @@
 
 #define EHWPOISON	139	/* Memory page has hardware error */
 
+#define	ENOAUTHSERVICE	140	/* Authentication service not available */
+
 #endif
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 6dcd358..67c46bd 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -122,6 +122,7 @@
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	168	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	169	/* Authentication service not available */
 
 #define EDQUOT		1133	/* Quota exceeded */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 135ad60..3a6ffcd 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -123,5 +123,6 @@
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	257	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	258	/* Authentication service not available */
 
 #endif
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index c351aba..94a878f 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -113,5 +113,6 @@
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	135	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	136	/* Authentication service not available */
 
 #endif
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index a1331ce..5e2b296 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -109,5 +109,6 @@
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	133	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	134	/* Authentication service not available */
 
 #endif
-- 
1.7.10.2

[PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[David Howells]

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem could get a
TGT from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

I envision that this error would primarily be generated by a kernel upcall for
the kernel to then pass back to the original userspace caller.  The kernel
itself might not actually pay any attention to it, except as a hint as to
whether to retry.

Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Jeff Layton <jlayton@redhat.com>
Acked-by: Steven Whitehouse <swhiteho@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
Liked-by: Simo Sorce <simo@redhat.com>
---

 arch/alpha/include/asm/errno.h  |    2 ++
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index e5f29ca..dce5fc9 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -124,4 +124,6 @@
 
 #define EHWPOISON	139	/* Memory page has hardware error */
 
+#define	ENOAUTHSERVICE	140	/* Authentication service not available */
+
 #endif
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 6dcd358..67c46bd 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -122,6 +122,7 @@
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	168	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	169	/* Authentication service not available */
 
 #define EDQUOT		1133	/* Quota exceeded */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 135ad60..3a6ffcd 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -123,5 +123,6 @@
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	257	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	258	/* Authentication service not available */
 
 #endif
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index c351aba..94a878f 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -113,5 +113,6 @@
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	135	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	136	/* Authentication service not available */
 
 #endif
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index a1331ce..5e2b296 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -109,5 +109,6 @@
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
 
 #define EHWPOISON	133	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	134	/* Authentication service not available */
 
 #endif

[PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

[David Howells]

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem can get a TGT
from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

Signed-off-by: David Howells <dhowells@redhat.com>
---

 arch/alpha/include/asm/errno.h  |    1 +
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index 98099bd..519663c 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -121,5 +121,6 @@
 #define	ENOTRECOVERABLE	137	/* State not recoverable */
 
 #define	ERFKILL		138	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	139	/* Authentication service not available */
 
 #endif
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index a0efc73..5fa7fed 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -120,6 +120,7 @@
 #define	ENOTRECOVERABLE	166	/* State not recoverable */
 
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	168	/* Authentication service not available */
 
 #define EDQUOT		1133	/* Quota exceeded */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 9992abd..6a19346 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -121,5 +121,6 @@
 #define ENOTRECOVERABLE	255	/* State not recoverable */
 
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	257	/* Authentication service not available */
 
 #endif
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index 4e2bc49..ab3a26a 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -111,5 +111,6 @@
 #define	ENOTRECOVERABLE	133	/* State not recoverable */
 
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	135	/* Authentication service not available */
 
 #endif
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index 28cc03b..bcf1908 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -107,5 +107,6 @@
 #define	ENOTRECOVERABLE	131	/* State not recoverable */
 
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	133	/* Authentication service not available */
 
 #endif