summaryrefslogtreecommitdiffstats
path: root/net/sunrpc/auth_gss/gss_krb5_keys.c
Commit message (Collapse)AuthorAgeFilesLines
* gss_krb5: Remove VLA usage of skcipherKees Cook2018-09-281-5/+4Star
| | | | | | | | | | | | | | | | | | In the quest to remove all stack VLA usage from the kernel[1], this replaces struct crypto_skcipher and SKCIPHER_REQUEST_ON_STACK() usage with struct crypto_sync_skcipher and SYNC_SKCIPHER_REQUEST_ON_STACK(), which uses a fixed stack size. [1] https://lkml.kernel.org/r/CA+55aFzCG-zNmZwX4A2FQpadafLfEzK6CC=qPXydAacU1RqZWA@mail.gmail.com Cc: Trond Myklebust <trond.myklebust@hammerspace.com> Cc: Anna Schumaker <anna.schumaker@netapp.com> Cc: "J. Bruce Fields" <bfields@fieldses.org> Cc: Jeff Layton <jlayton@kernel.org> Cc: YueHaibing <yuehaibing@huawei.com> Cc: linux-nfs@vger.kernel.org Signed-off-by: Kees Cook <keescook@chromium.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* sunrpc: whitespace fixesStephen Hemminger2018-07-311-1/+0Star
| | | | | | | Remove trailing whitespace and blank line at EOF Signed-off-by: Stephen Hemminger <stephen@networkplumber.org> Signed-off-by: Anna Schumaker <Anna.Schumaker@Netapp.com>
* sunrpc: Use skcipher and ahash/shashHerbert Xu2016-01-271-6/+6
| | | | | | | | This patch replaces uses of blkcipher with skcipher and the long obsolete hash interface with either shash (for non-SG users) and ahash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* sunrpc: eliminate RPC_DEBUGJeff Layton2014-11-241-1/+1
| | | | | | | It's always set to whatever CONFIG_SUNRPC_DEBUG is, so just use that. Signed-off-by: Jeff Layton <jlayton@primarydata.com> Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
* gss_krb5: use lcm from kernel libLuis Henriques2014-01-241-13/+4Star
| | | | | | | | Replace hardcoded lowest common multiple algorithm by the lcm() function in kernel lib. Signed-off-by: Luis Henriques <luis.henriques@canonical.com> Signed-off-by: J. Bruce Fields <bfields@redhat.com>
* NFS: Don't use GFP_KERNEL in rpcsec_gss downcallsTrond Myklebust2010-05-141-4/+5
| | | | | | | Again, we can deadlock if the memory reclaim triggers a writeback that requires a rpcsec_gss credential lookup. Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* gss_krb5: add remaining pieces to enable AES encryption supportKevin Coffman2010-05-141-0/+30
| | | | | | | | | Add the remaining pieces to enable support for Kerberos AES encryption types. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* gss_krb5: add support for triple-des encryptionKevin Coffman2010-05-141-0/+53
| | | | | | | | Add the final pieces to support the triple-des encryption type. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* gss_krb5: handle new context format from gssdKevin Coffman2010-05-141-1/+1
| | | | | | | | | | For encryption types other than DES, gssd sends down context information in a new format. This new format includes the information needed to support the new Kerberos GSS-API tokens defined in rfc4121. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
* gss_krb5: import functionality to derive keys into the kernelKevin Coffman2010-05-141-0/+252
Import the code to derive Kerberos keys from a base key into the kernel. This will allow us to change the format of the context information sent down from gssd to include only a single key. Signed-off-by: Kevin Coffman <kwc@citi.umich.edu> Signed-off-by: Steve Dickson <steved@redhat.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
generated by cgit v1.2.3-55-g7522 (git 2.39.0) at 2024-07-13 06:17:40 +0200