diff options
| author |   David Howells <dhowells@redhat.com> | 2025-04-11 10:52:53 +0100 |
|---|---|---|
| committer |   Jakub Kicinski <kuba@kernel.org> | 2025-04-14 17:36:42 -0700 |
| commit | 9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a (patch) | |
| tree | e1fbbcff473811230f854fb51a19067eee9dbfc7 /fs/afs | |
| parent | rxrpc: rxgk: Provide infrastructure and key derivation (diff) | |
| download | wireguard-linux-9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a.tar.xz wireguard-linux-9d1d2b59341f58126a69b51f9f5f8ccb9f12e54a.zip | |
rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI)
Implement the basic parts of the yfs-rxgk security class (security index 6)
to support GSSAPI-negotiated security.
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
Link: https://patch.msgid.link/20250411095303.2316168-9-dhowells@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'fs/afs')
| -rw-r--r-- | fs/afs/cm_security.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/fs/afs/cm_security.c b/fs/afs/cm_security.c index efe6a23c8477..e8eb63e4d124 100644 --- a/fs/afs/cm_security.c +++ b/fs/afs/cm_security.c @@ -6,6 +6,7 @@ */ #include <linux/slab.h> +#include <crypto/krb5.h> #include "internal.h" #include "afs_fs.h" #include "protocol_yfs.h" @@ -17,6 +18,9 @@ */ static int afs_respond_to_challenge(struct sk_buff *challenge) { +#ifdef CONFIG_RXGK + struct krb5_buffer appdata = {}; +#endif struct rxrpc_peer *peer; unsigned long peer_data; u16 service_id; @@ -44,8 +48,16 @@ static int afs_respond_to_challenge(struct sk_buff *challenge) } switch (security_index) { +#ifdef CONFIG_RXKAD case RXRPC_SECURITY_RXKAD: return rxkad_kernel_respond_to_challenge(challenge); +#endif + +#ifdef CONFIG_RXGK + case RXRPC_SECURITY_RXGK: + case RXRPC_SECURITY_YFS_RXGK: + return rxgk_kernel_respond_to_challenge(challenge, &appdata); +#endif default: return rxrpc_kernel_reject_challenge(challenge, RX_USER_ABORT, -EPROTO, |