include/keys/rxrpc-type.h at master · tjh.dev/kernel

tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
kernel / include / keys / rxrpc-type.h
at master 3.0 kB view raw
  1/* SPDX-License-Identifier: GPL-2.0-or-later */
  2/* RxRPC key type
  3 *
  4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved.
  5 * Written by David Howells (dhowells@redhat.com)
  6 */
  7
  8#ifndef _KEYS_RXRPC_TYPE_H
  9#define _KEYS_RXRPC_TYPE_H
 10
 11#include <linux/key.h>
 12#include <crypto/krb5.h>
 13
 14/*
 15 * key type for AF_RXRPC keys
 16 */
 17extern struct key_type key_type_rxrpc;
 18
 19extern struct key *rxrpc_get_null_key(const char *);
 20
 21/*
 22 * RxRPC key for Kerberos IV (type-2 security)
 23 */
 24struct rxkad_key {
 25	u32	vice_id;
 26	u32	start;			/* time at which ticket starts */
 27	u32	expiry;			/* time at which ticket expires */
 28	u32	kvno;			/* key version number */
 29	u8	primary_flag;		/* T if key for primary cell for this user */
 30	u16	ticket_len;		/* length of ticket[] */
 31	u8	session_key[8];		/* DES session key */
 32	u8	ticket[];		/* the encrypted ticket */
 33};
 34
 35/*
 36 * RxRPC key for YFS-RxGK (type-6 security)
 37 */
 38struct rxgk_key {
 39	s64		begintime;	/* Time at which the ticket starts */
 40	s64		endtime;	/* Time at which the ticket ends */
 41	u64		lifetime;	/* Maximum lifespan of a connection (seconds) */
 42	u64		bytelife;	/* Maximum number of bytes on a connection */
 43	unsigned int	enctype;	/* Encoding type */
 44	s8		level;		/* Negotiated security RXRPC_SECURITY_PLAIN/AUTH/ENCRYPT */
 45	struct krb5_buffer key;		/* Master key, K0 */
 46	struct krb5_buffer ticket;	/* Ticket to be passed to server */
 47	u8		_key[];		/* Key storage */
 48};
 49
 50/*
 51 * list of tokens attached to an rxrpc key
 52 */
 53struct rxrpc_key_token {
 54	u16	security_index;		/* RxRPC header security index */
 55	bool	no_leak_key;		/* Don't copy the key to userspace */
 56	struct rxrpc_key_token *next;	/* the next token in the list */
 57	union {
 58		struct rxkad_key *kad;
 59		struct rxgk_key *rxgk;
 60	};
 61};
 62
 63/*
 64 * structure of raw payloads passed to add_key() or instantiate key
 65 */
 66struct rxrpc_key_data_v1 {
 67	u16		security_index;
 68	u16		ticket_length;
 69	u32		expiry;			/* time_t */
 70	u32		kvno;
 71	u8		session_key[8];
 72	u8		ticket[];
 73};
 74
 75/*
 76 * AF_RXRPC key payload derived from XDR format
 77 * - based on openafs-1.4.10/src/auth/afs_token.xg
 78 */
 79#define AFSTOKEN_LENGTH_MAX		16384	/* max payload size */
 80#define AFSTOKEN_STRING_MAX		256	/* max small string length */
 81#define AFSTOKEN_DATA_MAX		64	/* max small data length */
 82#define AFSTOKEN_CELL_MAX		64	/* max cellname length */
 83#define AFSTOKEN_MAX			8	/* max tokens per payload */
 84#define AFSTOKEN_BDATALN_MAX		16384	/* max big data length */
 85#define AFSTOKEN_RK_TIX_MAX		12000	/* max RxKAD ticket size */
 86#define AFSTOKEN_GK_KEY_MAX		64	/* max GSSAPI key size */
 87#define AFSTOKEN_GK_TOKEN_MAX		16384	/* max GSSAPI token size */
 88
 89/*
 90 * Truncate a time64_t to the range from 1970 to 2106 as in the network
 91 * protocol.
 92 */
 93static inline u32 rxrpc_time64_to_u32(time64_t time)
 94{
 95	if (time < 0)
 96		return 0;
 97
 98	if (time > UINT_MAX)
 99		return UINT_MAX;
100
101	return (u32)time;
102}
103
104/*
105 * Extend u32 back to time64_t using the same 1970-2106 range.
106 */
107static inline time64_t rxrpc_u32_to_time64(u32 time)
108{
109	return (time64_t)time;
110}
111
112#endif /* _KEYS_RXRPC_TYPE_H */