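--- a/security.c	57af281e5389b6fefedb3685f86847cbb0055f75
+++ b/security.c	9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d
@@ -1,8 +1,8 @@
 // SPDX-License-Identifier: GPL-2.0-or-later
 /* RxRPC security handling
  *
  * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
  * Written by David Howells (dhowells@redhat.com)
  */
 
 #include <linux/module.h>
@@ -92,48 +92,41 @@
 	return 0;
 }
 
 /*
  * initialise the security on a client connection
  */
 int rxrpc_init_client_conn_security(struct rxrpc_connection *conn)
 {
-	const struct rxrpc_security *sec;
 	struct rxrpc_key_token *token;
 	struct key *key = conn->key;
-	int ret;
+	int ret = 0;
 
 	_enter("{%d},{%x}", conn->debug_id, key_serial(key));
 
-	if (!key)
-		return 0;
-
-	ret = key_validate(key);
-	if (ret < 0)
-		return ret;
-
 	for (token = key->payload.data[0]; token; token = token->next) {
-		sec = rxrpc_security_lookup(token->security_index);
-		if (sec)
+		if (token->security_index == conn->security->security_index)
 			goto found;
 	}
 	return -EKEYREJECTED;
 
 found:
-	conn->security = sec;
-
-	ret = conn->security->init_connection_security(conn, token);
-	if (ret < 0) {
-		conn->security = &rxrpc_no_security;
-		return ret;
+	mutex_lock(&conn->security_lock);
+	if (conn->state == RXRPC_CONN_CLIENT_UNSECURED) {
+		ret = conn->security->init_connection_security(conn, token);
+		if (ret == 0) {
+			spin_lock(&conn->state_lock);
+			if (conn->state == RXRPC_CONN_CLIENT_UNSECURED)
+				conn->state = RXRPC_CONN_CLIENT;
+			spin_unlock(&conn->state_lock);
+		}
 	}
-
-	_leave(" = 0");
-	return 0;
+	mutex_unlock(&conn->security_lock);
+	return ret;
 }
 
 /*
  * Set the ops a server connection.
  */
 const struct rxrpc_security *rxrpc_get_incoming_security(struct rxrpc_sock *rx,
 							 struct sk_buff *skb)
 {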
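Review bot: In the right-hand revision of rxrpc_init_client_conn_security(), the token loop reads `key->payload.data[0]` with neither the `if (!key) return 0;` guard nor the `key_validate(key)` call that the left-hand revision had. A connection without a key would therefore fault at the loop, and an expired or revoked key would no longer be rejected in this function. The loop also dereferences `conn->security` before anything in the function assigns it. If the callers (not visible on this page) guarantee a non-NULL, validated key and a preset `conn->security`, state that contract above the function, e.g. `/* Caller must ensure conn->key is set and valid and conn->security is assigned. */`; otherwise the guard and the `key_validate()` check should stay. Separately, `_enter()` is no longer paired with a `_leave()` on the return paths, so the exit value is not traced.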