net/rxrpc/security.c
Source file repositories/reference/linux-study-clean/net/rxrpc/security.c
File Facts
- System
- Linux kernel
- Corpus path
net/rxrpc/security.c- Extension
.c- Size
- 4641 bytes
- Lines
- 211
- Domain
- Networking Core
- Bucket
- Sockets, Protocols, Packet Path, And Network Policy
- Inferred role
- Networking Core: implementation source
- Status
- source implementation candidate
Why This File Exists
Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Networking stack implementation surface: socket APIs, protocol dispatch, packet flow, routing, filtering, and network namespaces.
- Uses kernel synchronization; read lock ordering, sleepability, and interrupt context assumptions before translating.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
linux/module.hlinux/net.hlinux/skbuff.hlinux/udp.hlinux/crypto.hnet/sock.hnet/af_rxrpc.hkeys/rxrpc-type.har-internal.h
Detected Declarations
function rxrpc_init_securityfunction rxrpc_exit_securityfunction rxrpc_init_client_call_securityfunction rxrpc_init_client_conn_security
Annotated Snippet
if (rxrpc_security_types[i]) {
ret = rxrpc_security_types[i]->init();
if (ret < 0)
goto failed;
}
}
return 0;
failed:
for (i--; i >= 0; i--)
if (rxrpc_security_types[i])
rxrpc_security_types[i]->exit();
return ret;
}
void rxrpc_exit_security(void)
{
int i;
for (i = 0; i < ARRAY_SIZE(rxrpc_security_types); i++)
if (rxrpc_security_types[i])
rxrpc_security_types[i]->exit();
}
/*
* look up an rxrpc security module
*/
const struct rxrpc_security *rxrpc_security_lookup(u8 security_index)
{
if (security_index >= ARRAY_SIZE(rxrpc_security_types))
return NULL;
return rxrpc_security_types[security_index];
}
/*
* Initialise the security on a client call.
*/
int rxrpc_init_client_call_security(struct rxrpc_call *call)
{
const struct rxrpc_security *sec = &rxrpc_no_security;
struct rxrpc_key_token *token;
struct key *key = call->key;
int ret;
if (!key)
goto found;
ret = key_validate(key);
if (ret < 0)
return ret;
for (token = key->payload.data[0]; token; token = token->next) {
sec = rxrpc_security_lookup(token->security_index);
if (sec)
goto found;
}
return -EKEYREJECTED;
found:
call->security = sec;
call->security_ix = sec->security_index;
return 0;
}
/*
* initialise the security on a client connection
*/
int rxrpc_init_client_conn_security(struct rxrpc_connection *conn)
{
struct rxrpc_key_token *token;
struct key *key = conn->key;
int ret = 0;
_enter("{%d},{%x}", conn->debug_id, key_serial(key));
for (token = key->payload.data[0]; token; token = token->next) {
if (token->security_index == conn->security->security_index)
goto found;
}
return -EKEYREJECTED;
found:
mutex_lock(&conn->security_lock);
if (conn->state == RXRPC_CONN_CLIENT_UNSECURED) {
ret = conn->security->init_connection_security(conn, token);
if (ret == 0) {
spin_lock_irq(&conn->state_lock);
if (conn->state == RXRPC_CONN_CLIENT_UNSECURED)
conn->state = RXRPC_CONN_CLIENT;
Annotation
- Immediate include surface: `linux/module.h`, `linux/net.h`, `linux/skbuff.h`, `linux/udp.h`, `linux/crypto.h`, `net/sock.h`, `net/af_rxrpc.h`, `keys/rxrpc-type.h`.
- Detected declarations: `function rxrpc_init_security`, `function rxrpc_exit_security`, `function rxrpc_init_client_call_security`, `function rxrpc_init_client_conn_security`.
- Atlas domain: Networking Core / Sockets, Protocols, Packet Path, And Network Policy.
- Implementation status: source implementation candidate.
- Synchronization appears in or near this file; preserve lock ordering, sleepability, and interrupt-context constraints.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.