Hosts the 0x221E linux distro kernel. https://universe.0xinfinity.dev/distro/kernel/atom?h=linux-6.17.y 2025-01-21T20:30:01Z 2025-01-21T20:30:01Z Dr. David Alan Gilbert linux@treblig.org 2024-12-10T01:02:24Z urn:sha1:afc52b1eeb36f20eea321f50e338e38d00a8a61f Commit ec596aaf9b48 ("SUNRPC: Remove code behind CONFIG_RPCSEC_GSS_KRB5_SIMPLIFIED") was the last user of the routines in gss_generic_token.c. Remove the routines and associated header. Signed-off-by: Dr. David Alan Gilbert <linux@treblig.org> Reviewed-by: Jeff Layton <jlayton@kernel.org> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:46Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:23:27Z urn:sha1:6e460c230d2dfb0e5a02b6e0995546bb4b9d208e The goal is to leave only protocol-defined items in gss_krb5.h so that it can be easily replaced by a generic header. Implementation specific items are moved to the new internal header. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:43Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:23:08Z urn:sha1:3394682fba3b9010c6147e94f37633f044876e5e RFC 6803 defines two encryption types that use Camellia ciphers (RFC 3713) and CMAC digests. Implement support for those in SunRPC's GSS Kerberos 5 mechanism. There has not been an explicit request to support these enctypes. However, this new set of enctypes provides a good alternative to the AES-SHA1 enctypes that are to be deprecated at some point. As this implementation is still a "beta", the default is to not build it automatically. Tested-by: Scott Mayhew <smayhew@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:43Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:22:43Z urn:sha1:a40cf7530d3104793f9361e69e84ada7960724f2 Fill in entries in the supported_gss_krb5_enctypes array for the encryption types defined in RFC 8009. These new enctypes use the SHA-256 and SHA-384 message digest algorithms (as defined in FIPS-180) instead of the deprecated SHA-1 algorithm, and are thus more secure. Note that NIST has scheduled SHA-1 for deprecation: https://www.nist.gov/news-events/news/2022/12/nist-retires-sha-1-cryptographic-algorithm Thus these new encryption types are placed under a separate CONFIG option to enable distributors to separately introduce support for the AES-SHA2 enctypes and deprecate support for the current set of AES-SHA1 encryption types as their user space allows. As this implementation is still a "beta", the default is to not build it automatically. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:42Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:22:30Z urn:sha1:af664fc9023e69d1a90800c0f815c296bf727e18 The aes256-cts-hmac-sha384-192 enctype specifies the length of its checksum and integrity subkeys as 192 bits, but the length of its encryption subkey (Ke) as 256 bits. Add new fields to struct gss_krb5_enctype that specify the key lengths individually, and where needed, use the correct new field instead of ->keylength. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:42Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:22:11Z urn:sha1:2691a27d9b3e6a48adeb87a9dcf4e8a0ca84a26e Each Kerberos enctype can have a different KDF. Refactor the key derivation path to support different KDFs for the enctypes introduced in subsequent patches. In particular, expose the key derivation function in struct gss_krb5_enctype instead of the enctype's preferred random-to-key function. The latter is usually the identity function and is only ever called during key derivation, so have each KDF call it directly. A couple of extra clean-ups: - Deduplicate the set_cdata() helper - Have ->derive_key return negative errnos, in accordance with usual kernel coding conventions This patch is a little bigger than I'd like, but these are all mechanical changes and they are all to the same areas of code. No behavior change is intended. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:42Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:22:04Z urn:sha1:ae6ad5d0b7901b301234143e93624417ac9fd9ef Clean up: there is now only one encrypt and only one decrypt method, thus there is no longer a need for the v2-suffixed method names. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:41Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:21:58Z urn:sha1:d50b8152c992ac88c5f1f0cc8ade6ee0aa0a3704 Clean up: ->encrypt is set to only one value. Replace the two remaining call sites with direct calls to krb5_encrypt(). There have never been any call sites for the ->decrypt() method. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:35Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:21:26Z urn:sha1:279a67cdd491a53028eb0b52508383098c6d992b Replace another switch on encryption type so that it does not have to be modified when adding or removing support for an enctype. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com> 2023-02-20T14:20:35Z Chuck Lever chuck.lever@oracle.com 2023-01-15T17:21:20Z urn:sha1:e01b2c79f4af1298b961116aba3e64367fe73286 Replace a number of switches on encryption type so that all of them don't have to be modified when adding or removing support for an enctype. Tested-by: Scott Mayhew <smayhew@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> Signed-off-by: Chuck Lever <chuck.lever@oracle.com>