
86 static struct rxgk_context *rxgk_rekey(struct rxrpc_connection *conn,  in rxgk_rekey()  argument
90 unsigned int key_number, current_key, mask = ARRAY_SIZE(conn->rxgk.keys) - 1; in rxgk_rekey()
95 mutex_lock(&conn->security_lock); in rxgk_rekey()
97 current_key = conn->rxgk.key_number; in rxgk_rekey()
111 gk = conn->rxgk.keys[key_number & mask]; in rxgk_rekey()
120 mutex_unlock(&conn->security_lock); in rxgk_rekey()
125 trace_rxrpc_rxgk_rekey(conn, current_key, in rxgk_rekey()
130 set_bit(RXRPC_CONN_DONT_REUSE, &conn->flags); in rxgk_rekey()
133 if (WARN_ON(conn->rxgk.keys[key_number & mask])) in rxgk_rekey()
138 gk = conn->rxgk.keys[current_key & mask]; in rxgk_rekey()
139 gk = rxgk_generate_transport_key(conn, gk->key, key_number, GFP_NOFS); in rxgk_rekey()
141 mutex_unlock(&conn->security_lock); in rxgk_rekey()
145 write_lock(&conn->security_use_lock); in rxgk_rekey()
148 conn->rxgk.key_number = current_key; in rxgk_rekey()
149 dead = conn->rxgk.keys[(current_key - 2) & mask]; in rxgk_rekey()
150 conn->rxgk.keys[(current_key - 2) & mask] = NULL; in rxgk_rekey()
152 conn->rxgk.keys[current_key & mask] = gk; in rxgk_rekey()
153 write_unlock(&conn->security_use_lock); in rxgk_rekey()
157 mutex_unlock(&conn->security_lock); in rxgk_rekey()
167 static struct rxgk_context *rxgk_get_key(struct rxrpc_connection *conn, in rxgk_get_key() argument
171 unsigned int key_number, current_key, mask = ARRAY_SIZE(conn->rxgk.keys) - 1; in rxgk_get_key()
174 conn->rxgk.key_number, specific_key_number ? *specific_key_number : -1); in rxgk_get_key()
176 read_lock(&conn->security_use_lock); in rxgk_get_key()
178 current_key = conn->rxgk.key_number; in rxgk_get_key()
196 gk = conn->rxgk.keys[key_number & mask]; in rxgk_get_key()
212 read_unlock(&conn->security_use_lock); in rxgk_get_key()
219 gk = conn->rxgk.keys[current_key & mask]; in rxgk_get_key()
223 read_unlock(&conn->security_use_lock); in rxgk_get_key()
224 return rxgk_rekey(conn, specific_key_number); in rxgk_get_key()
226 read_unlock(&conn->security_use_lock); in rxgk_get_key()
233 static int rxgk_init_connection_security(struct rxrpc_connection *conn, in rxgk_init_connection_security() argument
240 conn->debug_id, conn->rxgk.key_number, key_serial(conn->key)); in rxgk_init_connection_security()
242 conn->security_ix = token->security_index; in rxgk_init_connection_security()
243 conn->security_level = token->rxgk->level; in rxgk_init_connection_security()
245 if (rxrpc_conn_is_client(conn)) { in rxgk_init_connection_security()
246 conn->rxgk.start_time = ktime_get(); in rxgk_init_connection_security()
247 do_div(conn->rxgk.start_time, 100); in rxgk_init_connection_security()
250 gk = rxgk_generate_transport_key(conn, token->rxgk, conn->rxgk.key_number, in rxgk_init_connection_security()
254 conn->rxgk.enctype = gk->krb5->etype; in rxgk_init_connection_security()
255 conn->rxgk.keys[gk->key_number & 3] = gk; in rxgk_init_connection_security()
257 switch (conn->security_level) { in rxgk_init_connection_security()
290 switch (call->conn->security_level) { in rxgk_alloc_txbuf()
304 gk = rxgk_get_key(call->conn, NULL); in rxgk_alloc_txbuf()
358 hdr->epoch = htonl(call->conn->proto.epoch); in rxgk_secure_packet_integrity()
401 hdr->epoch = htonl(call->conn->proto.epoch); in rxgk_secure_packet_encrypted()
436 call->debug_id, key_serial(call->conn->key), txb->seq, txb->len); in rxgk_secure_packet()
438 gk = rxgk_get_key(call->conn, NULL); in rxgk_secure_packet()
442 ret = key_validate(call->conn->key); in rxgk_secure_packet()
451 switch (call->conn->security_level) { in rxgk_secure_packet()
490 hdr->epoch = htonl(call->conn->proto.epoch); in rxgk_verify_packet_integrity()
555 if (ntohl(hdr.epoch) != call->conn->proto.epoch || in rxgk_verify_packet_encrypted()
586 call->debug_id, key_serial(call->conn->key), sp->hdr.seq); in rxgk_verify_packet()
588 gk = rxgk_get_key(call->conn, &key_number); in rxgk_verify_packet()
600 switch (call->conn->security_level) { in rxgk_verify_packet()
632 static int rxgk_issue_challenge(struct rxrpc_connection *conn) in rxgk_issue_challenge() argument
638 size_t len = sizeof(*whdr) + sizeof(conn->rxgk.nonce); in rxgk_issue_challenge()
642 _enter("{%d}", conn->debug_id); in rxgk_issue_challenge()
644 get_random_bytes(&conn->rxgk.nonce, sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
646 /* We can't use conn->tx_alloc without a lock */ in rxgk_issue_challenge()
647 page = rxgk_alloc_packet(sizeof(*whdr) + sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
654 msg.msg_name = &conn->peer->srx.transport; in rxgk_issue_challenge()
655 msg.msg_namelen = conn->peer->srx.transport_len; in rxgk_issue_challenge()
661 whdr->epoch = htonl(conn->proto.epoch); in rxgk_issue_challenge()
662 whdr->cid = htonl(conn->proto.cid); in rxgk_issue_challenge()
666 whdr->flags = conn->out_clientflag; in rxgk_issue_challenge()
668 whdr->securityIndex = conn->security_ix; in rxgk_issue_challenge()
670 whdr->serviceId = htons(conn->service_id); in rxgk_issue_challenge()
672 memcpy(whdr + 1, conn->rxgk.nonce, sizeof(conn->rxgk.nonce)); in rxgk_issue_challenge()
674 serial = rxrpc_get_next_serials(conn, 1); in rxgk_issue_challenge()
677 trace_rxrpc_tx_challenge(conn, serial, 0, *(u32 *)&conn->rxgk.nonce); in rxgk_issue_challenge()
679 ret = do_udp_sendmsg(conn->local->socket, &msg, len); in rxgk_issue_challenge()
681 conn->peer->last_tx_at = ktime_get_seconds(); in rxgk_issue_challenge()
685 trace_rxrpc_tx_fail(conn->debug_id, serial, ret, in rxgk_issue_challenge()
690 trace_rxrpc_tx_packet(conn->debug_id, whdr, in rxgk_issue_challenge()
699 static bool rxgk_validate_challenge(struct rxrpc_connection *conn, in rxgk_validate_challenge() argument
705 if (!conn->key) { in rxgk_validate_challenge()
706 rxrpc_abort_conn(conn, skb, RX_PROTOCOL_ERROR, -EPROTO, in rxgk_validate_challenge()
711 if (key_validate(conn->key) < 0) { in rxgk_validate_challenge()
712 rxrpc_abort_conn(conn, skb, RXGK_EXPIRED, -EPROTO, in rxgk_validate_challenge()
719 rxrpc_abort_conn(conn, skb, RXGK_PACKETSHORT, -EPROTO, in rxgk_validate_challenge()
724 trace_rxrpc_rx_challenge(conn, sp->hdr.serial, 0, *(u32 *)nonce, 0); in rxgk_validate_challenge()
738 return sp->chall.conn->rxgk.enctype; in rxgk_kernel_query_challenge()
746 static int rxgk_challenge_to_recvmsg(struct rxrpc_connection *conn, in rxgk_challenge_to_recvmsg() argument
752 chall.base.service_id = conn->service_id; in rxgk_challenge_to_recvmsg()
753 chall.base.security_index = conn->security_ix; in rxgk_challenge_to_recvmsg()
754 chall.enctype = conn->rxgk.enctype; in rxgk_challenge_to_recvmsg()
780 static noinline ssize_t rxgk_insert_response_header(struct rxrpc_connection *conn, in rxgk_insert_response_header() argument
798 h.whdr.epoch = htonl(conn->proto.epoch); in rxgk_insert_response_header()
799 h.whdr.cid = htonl(conn->proto.cid); in rxgk_insert_response_header()
804 h.whdr.flags = conn->out_clientflag; in rxgk_insert_response_header()
806 h.whdr.securityIndex = conn->security_ix; in rxgk_insert_response_header()
808 h.whdr.serviceId = htons(conn->service_id); in rxgk_insert_response_header()
809 h.start_time_msw = htonl(upper_32_bits(conn->rxgk.start_time)); in rxgk_insert_response_header()
810 h.start_time_lsw = htonl(lower_32_bits(conn->rxgk.start_time)); in rxgk_insert_response_header()
829 static ssize_t rxgk_construct_authenticator(struct rxrpc_connection *conn, in rxgk_construct_authenticator() argument
872 b.level = htonl(conn->security_level); in rxgk_construct_authenticator()
873 b.epoch = htonl(conn->proto.epoch); in rxgk_construct_authenticator()
874 b.cid = htonl(conn->proto.cid); in rxgk_construct_authenticator()
876 b.call_numbers[0] = htonl(conn->channels[0].call_counter); in rxgk_construct_authenticator()
877 b.call_numbers[1] = htonl(conn->channels[1].call_counter); in rxgk_construct_authenticator()
878 b.call_numbers[2] = htonl(conn->channels[2].call_counter); in rxgk_construct_authenticator()
879 b.call_numbers[3] = htonl(conn->channels[3].call_counter); in rxgk_construct_authenticator()
887 static ssize_t rxgk_encrypt_authenticator(struct rxrpc_connection *conn, in rxgk_encrypt_authenticator() argument
915 static int rxgk_construct_response(struct rxrpc_connection *conn, in rxgk_construct_response() argument
926 gk = rxgk_get_key(conn, NULL); in rxgk_construct_response()
943 ret = rxgk_insert_response_header(conn, gk, response, 0); in rxgk_construct_response()
958 ret = rxgk_construct_authenticator(conn, challenge, appdata, response, in rxgk_construct_response()
964 ret = rxgk_encrypt_authenticator(conn, gk, response, in rxgk_construct_response()
990 rxrpc_post_response(conn, response); in rxgk_construct_response()
1004 static int rxgk_respond_to_challenge(struct rxrpc_connection *conn, in rxgk_respond_to_challenge() argument
1008 _enter("{%d,%x}", conn->debug_id, key_serial(conn->key)); in rxgk_respond_to_challenge()
1010 if (key_validate(conn->key) < 0) in rxgk_respond_to_challenge()
1011 return rxrpc_abort_conn(conn, NULL, RXGK_EXPIRED, -EPROTO, in rxgk_respond_to_challenge()
1014 return rxgk_construct_response(conn, challenge, appdata); in rxgk_respond_to_challenge()
1017 static int rxgk_respond_to_challenge_no_appdata(struct rxrpc_connection *conn, in rxgk_respond_to_challenge_no_appdata() argument
1022 return rxgk_respond_to_challenge(conn, challenge, &appdata); in rxgk_respond_to_challenge_no_appdata()
1040 return rxgk_respond_to_challenge(csp->chall.conn, challenge, appdata); in rxgk_kernel_respond_to_challenge()
1079 static int rxgk_do_verify_authenticator(struct rxrpc_connection *conn, in rxgk_do_verify_authenticator() argument
1088 if (memcmp(p, conn->rxgk.nonce, 20) != 0) in rxgk_do_verify_authenticator()
1089 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1095 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1100 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1108 if (level != conn->security_level || in rxgk_do_verify_authenticator()
1109 epoch != conn->proto.epoch || in rxgk_do_verify_authenticator()
1110 cid != conn->proto.cid || in rxgk_do_verify_authenticator()
1112 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1116 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1123 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1126 if (call_id < conn->channels[i].call_counter) in rxgk_do_verify_authenticator()
1127 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1130 if (call_id > conn->channels[i].call_counter) { in rxgk_do_verify_authenticator()
1131 if (conn->channels[i].call) in rxgk_do_verify_authenticator()
1132 return rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_do_verify_authenticator()
1135 conn->channels[i].call_counter = call_id; in rxgk_do_verify_authenticator()
1146 static int rxgk_verify_authenticator(struct rxrpc_connection *conn, in rxgk_verify_authenticator() argument
1161 ret = rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EPROTO, in rxgk_verify_authenticator()
1167 ret = rxgk_do_verify_authenticator(conn, krb5, skb, p, p + auth_len); in rxgk_verify_authenticator()
1182 static int rxgk_verify_response(struct rxrpc_connection *conn, in rxgk_verify_response() argument
1198 _enter("{%d}", conn->debug_id); in rxgk_verify_response()
1214 trace_rxrpc_rx_response(conn, sp->hdr.serial, 0, sp->hdr.cksum, token_len); in rxgk_verify_response()
1239 ret = rxgk_extract_token(conn, skb, token_offset, token_len, &key); in rxgk_verify_response()
1252 conn->security_level = token->rxgk->level; in rxgk_verify_response()
1253 conn->rxgk.start_time = __be64_to_cpu(rhdr.start_time); in rxgk_verify_response()
1255 gk = rxgk_generate_transport_key(conn, token->rxgk, sp->hdr.cksum, GFP_NOFS); in rxgk_verify_response()
1263 trace_rxrpc_rx_response(conn, sp->hdr.serial, krb5->etype, sp->hdr.cksum, token_len); in rxgk_verify_response()
1269 rxrpc_abort_conn(conn, skb, RXGK_SEALEDINCON, ret, in rxgk_verify_response()
1274 ret = rxgk_verify_authenticator(conn, krb5, skb, auth_offset, auth_len); in rxgk_verify_response()
1278 conn->key = key; in rxgk_verify_response()
1287 ret = rxrpc_abort_conn(conn, skb, RXGK_INCONSISTENCY, -EPROTO, in rxgk_verify_response()
1291 ret = rxrpc_abort_conn(conn, skb, RXGK_PACKETSHORT, -EPROTO, in rxgk_verify_response()
1295 ret = rxrpc_abort_conn(conn, skb, RXGK_PACKETSHORT, -EPROTO, in rxgk_verify_response()
1304 ret = rxrpc_abort_conn(conn, skb, RXGK_NOTAUTH, -EKEYREJECTED, in rxgk_verify_response()
1308 ret = rxrpc_abort_conn(conn, skb, KRB5_PROG_KEYTYPE_NOSUPP, in rxgk_verify_response()
1324 static void rxgk_clear(struct rxrpc_connection *conn) in rxgk_clear() argument
1328 for (i = 0; i < ARRAY_SIZE(conn->rxgk.keys); i++) in rxgk_clear()
1329 rxgk_put(conn->rxgk.keys[i]); in rxgk_clear()