fb46f6ee10
Add a tracepoint (rxrpc_rx_proto) to record protocol errors in received packets. The following changes are made: (1) Add a function, __rxrpc_abort_eproto(), to note a protocol error on a call and mark the call aborted. This is wrapped by rxrpc_abort_eproto() that makes the why string usable in trace. (2) Add trace_rxrpc_rx_proto() or rxrpc_abort_eproto() to protocol error generation points, replacing rxrpc_abort_call() with the latter. (3) Only send an abort packet in rxkad_verify_packet*() if we actually managed to abort the call. Note that a trace event is also emitted if a kernel user (e.g. afs) tries to send data through a call when it's not in the transmission phase, though it's not technically a receive event. Signed-off-by: David Howells <dhowells@redhat.com>
97 lines
2.3 KiB
C
97 lines
2.3 KiB
C
/* Null security operations.
|
|
*
|
|
* Copyright (C) 2016 Red Hat, Inc. All Rights Reserved.
|
|
* Written by David Howells (dhowells@redhat.com)
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public Licence
|
|
* as published by the Free Software Foundation; either version
|
|
* 2 of the Licence, or (at your option) any later version.
|
|
*/
|
|
|
|
#include <net/af_rxrpc.h>
|
|
#include "ar-internal.h"
|
|
|
|
static int none_init_connection_security(struct rxrpc_connection *conn)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static int none_prime_packet_security(struct rxrpc_connection *conn)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static int none_secure_packet(struct rxrpc_call *call,
|
|
struct sk_buff *skb,
|
|
size_t data_size,
|
|
void *sechdr)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static int none_verify_packet(struct rxrpc_call *call, struct sk_buff *skb,
|
|
unsigned int offset, unsigned int len,
|
|
rxrpc_seq_t seq, u16 expected_cksum)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static void none_locate_data(struct rxrpc_call *call, struct sk_buff *skb,
|
|
unsigned int *_offset, unsigned int *_len)
|
|
{
|
|
}
|
|
|
|
static int none_respond_to_challenge(struct rxrpc_connection *conn,
|
|
struct sk_buff *skb,
|
|
u32 *_abort_code)
|
|
{
|
|
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
|
|
|
trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
|
|
tracepoint_string("chall_none"));
|
|
return -EPROTO;
|
|
}
|
|
|
|
static int none_verify_response(struct rxrpc_connection *conn,
|
|
struct sk_buff *skb,
|
|
u32 *_abort_code)
|
|
{
|
|
struct rxrpc_skb_priv *sp = rxrpc_skb(skb);
|
|
|
|
trace_rxrpc_rx_eproto(NULL, sp->hdr.serial,
|
|
tracepoint_string("resp_none"));
|
|
return -EPROTO;
|
|
}
|
|
|
|
static void none_clear(struct rxrpc_connection *conn)
|
|
{
|
|
}
|
|
|
|
static int none_init(void)
|
|
{
|
|
return 0;
|
|
}
|
|
|
|
static void none_exit(void)
|
|
{
|
|
}
|
|
|
|
/*
|
|
* RxRPC Kerberos-based security
|
|
*/
|
|
const struct rxrpc_security rxrpc_no_security = {
|
|
.name = "none",
|
|
.security_index = RXRPC_SECURITY_NONE,
|
|
.init = none_init,
|
|
.exit = none_exit,
|
|
.init_connection_security = none_init_connection_security,
|
|
.prime_packet_security = none_prime_packet_security,
|
|
.secure_packet = none_secure_packet,
|
|
.verify_packet = none_verify_packet,
|
|
.locate_data = none_locate_data,
|
|
.respond_to_challenge = none_respond_to_challenge,
|
|
.verify_response = none_verify_response,
|
|
.clear = none_clear,
|
|
};
|