net/rxrpc/rxkad.c

Source file repositories/reference/linux-study-clean/net/rxrpc/rxkad.c

File Facts

System
Linux kernel
Corpus path
net/rxrpc/rxkad.c
Extension
.c
Size
29091 bytes
Lines
1142
Domain
Networking Core
Bucket
Sockets, Protocols, Packet Path, And Network Policy
Inferred role
Networking Core: exported/initcall integration point
Status
integration implementation candidate

Why This File Exists

Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.

Dependency Surface

Detected Declarations

Annotated Snippet

struct rxkad_level1_hdr {
	__be32	data_size;	/* true data size (excluding padding) */
};

struct rxkad_level2_hdr {
	__be32	data_size;	/* true data size (excluding padding) */
	__be32	checksum;	/* decrypted data checksum */
};

static void rxkad_prime_packet_security(struct rxrpc_connection *conn,
					const struct fcrypt_key *cipher);

/*
 * Parse the information from a server key
 *
 * The data should be the 8-byte secret key.
 */
static int rxkad_preparse_server_key(struct key_preparsed_payload *prep)
{
	struct des_ctx *des_key;
	int err;

	if (prep->datalen != 8)
		return -EINVAL;

	memcpy(&prep->payload.data[2], prep->data, 8);

	des_key = kmalloc_obj(*des_key);
	if (!des_key) {
		_leave(" = -ENOMEM");
		return -ENOMEM;
	}

	err = des_expand_key(des_key, prep->data, 8);
	if (err) {
		kfree_sensitive(des_key);
		_leave(" = %d", err);
		return err;
	}

	prep->payload.data[0] = des_key;
	_leave(" = 0");
	return 0;
}

static void rxkad_free_preparse_server_key(struct key_preparsed_payload *prep)
{
	kfree_sensitive(prep->payload.data[0]);
}

static void rxkad_destroy_server_key(struct key *key)
{
	kfree_sensitive(key->payload.data[0]);
	key->payload.data[0] = NULL;
}

/*
 * initialise connection security
 */
static int rxkad_init_connection_security(struct rxrpc_connection *conn,
					  struct rxrpc_key_token *token)
{
	struct fcrypt_key *ci;
	int ret;

	_enter("{%d},{%x}", conn->debug_id, key_serial(conn->key));

	conn->security_ix = token->security_index;

	ci = kmalloc_obj(*ci);
	if (!ci) {
		ret = -ENOMEM;
		goto error;
	}
	fcrypt_preparekey(ci, token->kad->session_key);

	switch (conn->security_level) {
	case RXRPC_SECURITY_PLAIN:
	case RXRPC_SECURITY_AUTH:
	case RXRPC_SECURITY_ENCRYPT:
		break;
	default:
		ret = -EKEYREJECTED;
		goto error_ci;
	}

	rxkad_prime_packet_security(conn, ci);

	conn->rxkad.cipher = ci;
	return 0;

Annotation

Implementation Notes