aboutsummaryrefslogtreecommitdiffstats
path: root/net/rxrpc/rxkad.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/rxrpc/rxkad.c')
-rw-r--r--net/rxrpc/rxkad.c61
1 files changed, 25 insertions, 36 deletions
diff --git a/net/rxrpc/rxkad.c b/net/rxrpc/rxkad.c
index f0aeb8163688..6b726a046a7d 100644
--- a/net/rxrpc/rxkad.c
+++ b/net/rxrpc/rxkad.c
@@ -20,7 +20,6 @@
20#include <net/sock.h> 20#include <net/sock.h>
21#include <net/af_rxrpc.h> 21#include <net/af_rxrpc.h>
22#include <keys/rxrpc-type.h> 22#include <keys/rxrpc-type.h>
23#define rxrpc_debug rxkad_debug
24#include "ar-internal.h" 23#include "ar-internal.h"
25 24
26#define RXKAD_VERSION 2 25#define RXKAD_VERSION 2
@@ -31,10 +30,6 @@
31#define REALM_SZ 40 /* size of principal's auth domain */ 30#define REALM_SZ 40 /* size of principal's auth domain */
32#define SNAME_SZ 40 /* size of service name */ 31#define SNAME_SZ 40 /* size of service name */
33 32
34unsigned int rxrpc_debug;
35module_param_named(debug, rxrpc_debug, uint, S_IWUSR | S_IRUGO);
36MODULE_PARM_DESC(debug, "rxkad debugging mask");
37
38struct rxkad_level1_hdr { 33struct rxkad_level1_hdr {
39 __be32 data_size; /* true data size (excluding padding) */ 34 __be32 data_size; /* true data size (excluding padding) */
40}; 35};
@@ -44,10 +39,6 @@ struct rxkad_level2_hdr {
44 __be32 checksum; /* decrypted data checksum */ 39 __be32 checksum; /* decrypted data checksum */
45}; 40};
46 41
47MODULE_DESCRIPTION("RxRPC network protocol type-2 security (Kerberos 4)");
48MODULE_AUTHOR("Red Hat, Inc.");
49MODULE_LICENSE("GPL");
50
51/* 42/*
52 * this holds a pinned cipher so that keventd doesn't get called by the cipher 43 * this holds a pinned cipher so that keventd doesn't get called by the cipher
53 * alloc routine, but since we have it to hand, we use it to decrypt RESPONSE 44 * alloc routine, but since we have it to hand, we use it to decrypt RESPONSE
@@ -1164,12 +1155,35 @@ static void rxkad_clear(struct rxrpc_connection *conn)
1164} 1155}
1165 1156
1166/* 1157/*
1158 * Initialise the rxkad security service.
1159 */
1160static int rxkad_init(void)
1161{
1162 /* pin the cipher we need so that the crypto layer doesn't invoke
1163 * keventd to go get it */
1164 rxkad_ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC);
1165 if (IS_ERR(rxkad_ci))
1166 return PTR_ERR(rxkad_ci);
1167 return 0;
1168}
1169
1170/*
1171 * Clean up the rxkad security service.
1172 */
1173static void rxkad_exit(void)
1174{
1175 if (rxkad_ci)
1176 crypto_free_skcipher(rxkad_ci);
1177}
1178
1179/*
1167 * RxRPC Kerberos-based security 1180 * RxRPC Kerberos-based security
1168 */ 1181 */
1169static struct rxrpc_security rxkad = { 1182const struct rxrpc_security rxkad = {
1170 .owner = THIS_MODULE,
1171 .name = "rxkad", 1183 .name = "rxkad",
1172 .security_index = RXRPC_SECURITY_RXKAD, 1184 .security_index = RXRPC_SECURITY_RXKAD,
1185 .init = rxkad_init,
1186 .exit = rxkad_exit,
1173 .init_connection_security = rxkad_init_connection_security, 1187 .init_connection_security = rxkad_init_connection_security,
1174 .prime_packet_security = rxkad_prime_packet_security, 1188 .prime_packet_security = rxkad_prime_packet_security,
1175 .secure_packet = rxkad_secure_packet, 1189 .secure_packet = rxkad_secure_packet,
@@ -1179,28 +1193,3 @@ static struct rxrpc_security rxkad = {
1179 .verify_response = rxkad_verify_response, 1193 .verify_response = rxkad_verify_response,
1180 .clear = rxkad_clear, 1194 .clear = rxkad_clear,
1181}; 1195};
1182
1183static __init int rxkad_init(void)
1184{
1185 _enter("");
1186
1187 /* pin the cipher we need so that the crypto layer doesn't invoke
1188 * keventd to go get it */
1189 rxkad_ci = crypto_alloc_skcipher("pcbc(fcrypt)", 0, CRYPTO_ALG_ASYNC);
1190 if (IS_ERR(rxkad_ci))
1191 return PTR_ERR(rxkad_ci);
1192
1193 return rxrpc_register_security(&rxkad);
1194}
1195
1196module_init(rxkad_init);
1197
1198static __exit void rxkad_exit(void)
1199{
1200 _enter("");
1201
1202 rxrpc_unregister_security(&rxkad);
1203 crypto_free_skcipher(rxkad_ci);
1204}
1205
1206module_exit(rxkad_exit);