net/rxrpc/rxgk_kdf.c
Source file repositories/reference/linux-study-clean/net/rxrpc/rxgk_kdf.c
File Facts
- System
- Linux kernel
- Corpus path
net/rxrpc/rxgk_kdf.c- Extension
.c- Size
- 7095 bytes
- Lines
- 289
- Domain
- Networking Core
- Bucket
- Sockets, Protocols, Packet Path, And Network Policy
- Inferred role
- Networking Core: implementation source
- Status
- source implementation candidate
Why This File Exists
Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/key-type.hlinux/slab.hkeys/rxrpc-type.har-internal.hrxgk_common.h
Detected Declarations
function Copyrightfunction rxgk_putfunction rxgk_derive_transport_keyfunction rxgk_set_up_ciphersfunction rxgk_set_up_token_cipher
Annotated Snippet
crypto_aead_authsize(gk->resp_enc) != krb5->cksum_len) {
pr_notice("algo inconsistent with krb5 table %u!=%u or %u!=%u\n",
crypto_aead_blocksize(gk->resp_enc), krb5->block_len,
crypto_aead_authsize(gk->resp_enc), krb5->cksum_len);
ret = -EINVAL;
goto out;
}
if (service) {
switch (conn->security_level) {
case RXRPC_SECURITY_AUTH:
shash = crypto_krb5_prepare_checksum(
krb5, &TK, RXGK_SERVER_MIC_PACKET, gfp);
if (IS_ERR(shash))
goto hash_error;
gk->tx_Kc = shash;
shash = crypto_krb5_prepare_checksum(
krb5, &TK, RXGK_CLIENT_MIC_PACKET, gfp);
if (IS_ERR(shash))
goto hash_error;
gk->rx_Kc = shash;
break;
case RXRPC_SECURITY_ENCRYPT:
aead = crypto_krb5_prepare_encryption(
krb5, &TK, RXGK_SERVER_ENC_PACKET, gfp);
if (IS_ERR(aead))
goto aead_error;
gk->tx_enc = aead;
aead = crypto_krb5_prepare_encryption(
krb5, &TK, RXGK_CLIENT_ENC_PACKET, gfp);
if (IS_ERR(aead))
goto aead_error;
gk->rx_enc = aead;
break;
}
} else {
switch (conn->security_level) {
case RXRPC_SECURITY_AUTH:
shash = crypto_krb5_prepare_checksum(
krb5, &TK, RXGK_CLIENT_MIC_PACKET, gfp);
if (IS_ERR(shash))
goto hash_error;
gk->tx_Kc = shash;
shash = crypto_krb5_prepare_checksum(
krb5, &TK, RXGK_SERVER_MIC_PACKET, gfp);
if (IS_ERR(shash))
goto hash_error;
gk->rx_Kc = shash;
break;
case RXRPC_SECURITY_ENCRYPT:
aead = crypto_krb5_prepare_encryption(
krb5, &TK, RXGK_CLIENT_ENC_PACKET, gfp);
if (IS_ERR(aead))
goto aead_error;
gk->tx_enc = aead;
aead = crypto_krb5_prepare_encryption(
krb5, &TK, RXGK_SERVER_ENC_PACKET, gfp);
if (IS_ERR(aead))
goto aead_error;
gk->rx_enc = aead;
break;
}
}
ret = 0;
out:
kfree_sensitive(buffer);
return ret;
aead_error:
ret = PTR_ERR(aead);
goto out;
hash_error:
ret = PTR_ERR(shash);
goto out;
}
/*
* Derive a transport key for a connection and then derive a bunch of usage
* keys from it and set up ciphers using them.
*/
struct rxgk_context *rxgk_generate_transport_key(struct rxrpc_connection *conn,
const struct rxgk_key *key,
unsigned int key_number,
gfp_t gfp)
{
struct rxgk_context *gk;
unsigned long lifetime;
int ret = -ENOPKG;
_enter("");
Annotation
- Immediate include surface: `linux/key-type.h`, `linux/slab.h`, `keys/rxrpc-type.h`, `ar-internal.h`, `rxgk_common.h`.
- Detected declarations: `function Copyright`, `function rxgk_put`, `function rxgk_derive_transport_key`, `function rxgk_set_up_ciphers`, `function rxgk_set_up_token_cipher`.
- Atlas domain: Networking Core / Sockets, Protocols, Packet Path, And Network Policy.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.