[net,00/17] rxrpc: Prelude to gssapi support

Message ID	160616220405.830164.2239716599743995145.stgit@warthog.procyon.org.uk (mailing list archive)
Headers	show Return-Path: <netdev-owner@kernel.org> Subject: [PATCH net 00/17] rxrpc: Prelude to gssapi support From: David Howells <dhowells@redhat.com> To: netdev@vger.kernel.org Cc: dhowells@redhat.com, linux-afs@lists.infradead.org, linux-kernel@vger.kernel.org Date: Mon, 23 Nov 2020 20:10:04 +0000 Message-ID: <160616220405.830164.2239716599743995145.stgit@warthog.procyon.org.uk> User-Agent: StGit/0.23 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Precedence: bulk
Series	rxrpc: Prelude to gssapi support \| expand [net,00/17] rxrpc: Prelude to gssapi support [net-next,01/17] keys: Provide the original description to the key preparser [net-next,02/17] rxrpc: Remove the rxk5 security class as it's now defunct [net-next,03/17] rxrpc: List the held token types in the key description in /proc/keys [net-next,04/17] rxrpc: Support keys with multiple authentication tokens [net-next,05/17] rxrpc: Don't retain the server key in the connection [net-next,06/17] rxrpc: Split the server key type (rxrpc_s) into its own file [net-next,07/17] rxrpc: Hand server key parsing off to the security class [net-next,08/17] rxrpc: Don't leak the service-side session key to userspace [net-next,09/17] rxrpc: Allow security classes to give more info on server keys [net-next,10/17] rxrpc: Make the parsing of xdr payloads more coherent [net-next,11/17] rxrpc: Ignore unknown tokens in key payload unless no known tokens [net-next,12/17] rxrpc: Fix example key name in a comment [net-next,13/17] rxrpc: Merge prime_packet_security into init_connection_security [net-next,14/17] rxrpc: Don't reserve security header in Tx DATA skbuff [net-next,15/17] rxrpc: Organise connection security to use a union [net-next,16/17] rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet [net-next,17/17] rxrpc: Ask the security class how much space to allow in a packet

Message ID

160616220405.830164.2239716599743995145.stgit@warthog.procyon.org.uk (mailing list archive)

Headers

Subject: [PATCH net 00/17] rxrpc: Prelude to gssapi support
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org
Cc: dhowells@redhat.com, linux-afs@lists.infradead.org,
        linux-kernel@vger.kernel.org
Date: Mon, 23 Nov 2020 20:10:04 +0000
Message-ID: 
 <160616220405.830164.2239716599743995145.stgit@warthog.procyon.org.uk>
User-Agent: StGit/0.23
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Precedence: bulk

Series

rxrpc: Prelude to gssapi support | expand

Message

David Howells Nov. 23, 2020, 8:10 p.m. UTC

Here are some patches that do some reorganisation of the security class
handling in rxrpc to allow implementation of the RxGK security class that
will allow AF_RXRPC to use GSSAPI-negotiated tokens and better crypto.  The
RxGK security class is not included in this patchset.

It does the following things:

 (1) Add a keyrings patch to provide the original key description, as
     provided to add_key(), to the payload preparser so that it can
     interpret the content on that basis.  Unfortunately, the rxrpc_s key
     type wasn't written to interpret its payload as anything other than a
     string of bytes comprising a key, but for RxGK, more information is
     required as multiple Kerberos enctypes are supported.

 (2) Remove the rxk5 security class key parsing.  The rxk5 class never got
     rolled out in OpenAFS and got replaced with rxgk.

 (3) Support the creation of rxrpc keys with multiple tokens of different
     types.  If some types are not supported, the ENOPKG error is
     suppressed if at least one other token's type is supported.

 (4) Punt the handling of server keys (rxrpc_s type) to the appropriate
     security class.

 (5) Organise the security bits in the rxrpc_connection struct into a
     union to make it easier to override for other classes.

 (6) Move some bits from core code into rxkad that won't be appropriate to
     rxgk.

The patches are tagged here:

	git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
	rxrpc-next-20201123

and can also be found on the following branch:

	http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=rxrpc-next

David
---
David Howells (17):
      keys: Provide the original description to the key preparser
      rxrpc: Remove the rxk5 security class as it's now defunct
      rxrpc: List the held token types in the key description in /proc/keys
      rxrpc: Support keys with multiple authentication tokens
      rxrpc: Don't retain the server key in the connection
      rxrpc: Split the server key type (rxrpc_s) into its own file
      rxrpc: Hand server key parsing off to the security class
      rxrpc: Don't leak the service-side session key to userspace
      rxrpc: Allow security classes to give more info on server keys
      rxrpc: Make the parsing of xdr payloads more coherent
      rxrpc: Ignore unknown tokens in key payload unless no known tokens
      rxrpc: Fix example key name in a comment
      rxrpc: Merge prime_packet_security into init_connection_security
      rxrpc: Don't reserve security header in Tx DATA skbuff
      rxrpc: Organise connection security to use a union
      rxrpc: rxkad: Don't use pskb_pull() to advance through the response packet
      rxrpc: Ask the security class how much space to allow in a packet


 include/keys/rxrpc-type.h |  56 +---
 net/rxrpc/Makefile        |   1 +
 net/rxrpc/ar-internal.h   |  63 ++--
 net/rxrpc/call_accept.c   |  14 +-
 net/rxrpc/conn_client.c   |   6 -
 net/rxrpc/conn_event.c    |   8 +-
 net/rxrpc/conn_object.c   |   2 -
 net/rxrpc/conn_service.c  |   2 -
 net/rxrpc/insecure.c      |  19 +-
 net/rxrpc/key.c           | 658 ++++----------------------------------
 net/rxrpc/rxkad.c         | 256 ++++++++++-----
 net/rxrpc/security.c      |  98 ++++--
 net/rxrpc/sendmsg.c       |  45 +--
 net/rxrpc/server_key.c    | 143 +++++++++
 14 files changed, 519 insertions(+), 852 deletions(-)
 create mode 100644 net/rxrpc/server_key.c

Comments

Jakub Kicinski Nov. 24, 2020, 8:08 p.m. UTC | #1

On Mon, 23 Nov 2020 20:10:04 +0000 David Howells wrote:
> Here are some patches that do some reorganisation of the security class
> handling in rxrpc to allow implementation of the RxGK security class that
> will allow AF_RXRPC to use GSSAPI-negotiated tokens and better crypto.  The
> RxGK security class is not included in this patchset.
> 
> It does the following things:
> 
>  (1) Add a keyrings patch to provide the original key description, as
>      provided to add_key(), to the payload preparser so that it can
>      interpret the content on that basis.  Unfortunately, the rxrpc_s key
>      type wasn't written to interpret its payload as anything other than a
>      string of bytes comprising a key, but for RxGK, more information is
>      required as multiple Kerberos enctypes are supported.
> 
>  (2) Remove the rxk5 security class key parsing.  The rxk5 class never got
>      rolled out in OpenAFS and got replaced with rxgk.
> 
>  (3) Support the creation of rxrpc keys with multiple tokens of different
>      types.  If some types are not supported, the ENOPKG error is
>      suppressed if at least one other token's type is supported.
> 
>  (4) Punt the handling of server keys (rxrpc_s type) to the appropriate
>      security class.
> 
>  (5) Organise the security bits in the rxrpc_connection struct into a
>      union to make it easier to override for other classes.
> 
>  (6) Move some bits from core code into rxkad that won't be appropriate to
>      rxgk.

Pulled into net-next, thank you!