* [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in
@ 2023-04-20 20:19 Scott Mayhew
2023-04-20 20:20 ` [RFC PATCH 1/5] keys: export keyring_ptr_to_key() Scott Mayhew
` (4 more replies)
0 siblings, 5 replies; 17+ messages in thread
From: Scott Mayhew @ 2023-04-20 20:19 UTC (permalink / raw)
To: linux-nfs, keyrings
These patches are a work in progress. They add the option to store GSS
credentials in user keyrings as an alternative to the credential cache
hashtables that are currently used. The goal is to give users the
ability to destroy their credentials on-demand.
There have been other attempts to give users the ability to destroy
their GSS credentials in the past, for example:
https://lore.kernel.org/all/1354560315-2393-2-git-send-email-andros@netapp.com/T/
and
https://lore.kernel.org/linux-nfs/20170807212355.29127-1-kolga@netapp.com/
But those attempts were not accepted, so I wanted to get some feedback
on what I currently have before trying to tackle some of the more thorny
issues, such as what to do when a user has files open for write,
potentially with dirty data to be written out.
These patches are also available at:
https://github.com/scottmayhew/linux/tree/gss-cred-keyring
Here's a quick demo:
[smayhew@centos9 ~]$ sudo mount nfs:/export /mnt/t
[smayhew@centos9 ~]$ ls -l /mnt/t/test[12]
-rw-r--r--. 1 testuser1 testuser1 32 Apr 20 15:34 /mnt/t/test1
-rw-r--r--. 1 testuser2 testuser2 32 Apr 20 15:33 /mnt/t/test2
[smayhew@centos9 ~]$ kinit testuser1
Password for testuser1@SMAYHEW2.TEST:
[smayhew@centos9 ~]$ date >/mnt/t/test1
[smayhew@centos9 ~]$ keyctl show
Session Keyring
400651412 --alswrv 1000 1000 keyring: _ses
376802674 --alswrv 1000 65534 \_ keyring: _uid.1000
297894262 --als--v 1000 1000 \_ gss_cred: clid:1 id:1000 princ:(none)
[smayhew@centos9 ~]$ date >/mnt/t/test2
-bash: /mnt/t/test2: Permission denied
[smayhew@centos9 ~]$ kinit testuser2
Password for testuser2@SMAYHEW2.TEST:
[smayhew@centos9 ~]$ keyctl unlink 297894262
1 links removed
Note: At this point the old gss_cred hasn't actually been destroyed,
because the key that is referencing it is also linked to a special
keyring hanging off the gss_auth structure. When the user creates a new
gss_cred and the key referencing the new gss_cred is linked to the
gss_auth keyring, that causes the old gss_cred to be destroyed and a
RPCSEC_GSS_DESTROY is sent to the server. If the user were to unlink
their gss_cred key and do nothing else, then the cred would be destroyed
when the gss_auth is destroyed (i.e. on umount).
[smayhew@centos9 ~]$ keyctl show
Session Keyring
400651412 --alswrv 1000 1000 keyring: _ses
376802674 --alswrv 1000 65534 \_ keyring: _uid.1000
[smayhew@centos9 ~]$ date >/mnt/t/test2
[smayhew@centos9 ~]$ keyctl show
Session Keyring
400651412 --alswrv 1000 1000 keyring: _ses
376802674 --alswrv 1000 65534 \_ keyring: _uid.1000
83204766 --als--v 1000 1000 \_ gss_cred: clid:1 id:1000 princ:(none)
[smayhew@centos9 ~]$ date >/mnt/t/test1
-bash: /mnt/t/test1: Permission denied
-Scott
Scott Mayhew (5):
keys: export keyring_ptr_to_key()
keys: add keyring_gc_custom()
keys: add dest_keyring parameter to request_key_with_auxdata()
keys: add the ability to search user keyrings in
search_cred_keyrings_rcu()
SUNRPC: store GSS creds in keyrings
fs/nfs/nfs4idmap.c | 2 +-
include/linux/key.h | 9 +-
include/linux/sunrpc/auth.h | 4 +-
include/trace/events/rpcgss.h | 46 ++++-
net/sunrpc/auth.c | 9 +-
net/sunrpc/auth_gss/auth_gss.c | 338 +++++++++++++++++++++++++++++++--
security/keys/internal.h | 1 +
security/keys/keyring.c | 16 +-
security/keys/process_keys.c | 78 ++++++--
security/keys/request_key.c | 5 +-
10 files changed, 470 insertions(+), 38 deletions(-)
--
2.39.2
^ permalink raw reply [flat|nested] 17+ messages in thread* [RFC PATCH 1/5] keys: export keyring_ptr_to_key() 2023-04-20 20:19 [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in Scott Mayhew @ 2023-04-20 20:20 ` Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 2/5] keys: add keyring_gc_custom() Scott Mayhew ` (3 subsequent siblings) 4 siblings, 0 replies; 17+ messages in thread From: Scott Mayhew @ 2023-04-20 20:20 UTC (permalink / raw) To: linux-nfs, keyrings We want to be able to garbage collect keyrings using a custom select iterator, which will need to use keyring_ptr_to_key(). Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- include/linux/key.h | 2 ++ security/keys/keyring.c | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/include/linux/key.h b/include/linux/key.h index 8dc7f7c3088b..3f4c6d6df921 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -417,6 +417,8 @@ extern int key_move(struct key *key, extern int key_unlink(struct key *keyring, struct key *key); +extern inline struct key *keyring_ptr_to_key(const struct assoc_array_ptr *x); + extern struct key *keyring_alloc(const char *description, kuid_t uid, kgid_t gid, const struct cred *cred, key_perm_t perm, diff --git a/security/keys/keyring.c b/security/keys/keyring.c index 4448758f643a..c57f3cef32fa 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -37,11 +37,14 @@ static inline bool keyring_ptr_is_keyring(const struct assoc_array_ptr *x) { return (unsigned long)x & KEYRING_PTR_SUBTYPE; } -static inline struct key *keyring_ptr_to_key(const struct assoc_array_ptr *x) + +inline struct key *keyring_ptr_to_key(const struct assoc_array_ptr *x) { void *object = assoc_array_ptr_to_leaf(x); return (struct key *)((unsigned long)object & ~KEYRING_PTR_SUBTYPE); } +EXPORT_SYMBOL_GPL(keyring_ptr_to_key); + static inline void *keyring_key_to_ptr(struct key *key) { if (key->type == &key_type_keyring) -- 2.39.2 ^ permalink raw reply related [flat|nested] 17+ messages in thread
* [RFC PATCH 2/5] keys: add keyring_gc_custom() 2023-04-20 20:19 [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 1/5] keys: export keyring_ptr_to_key() Scott Mayhew @ 2023-04-20 20:20 ` Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 3/5] keys: add dest_keyring parameter to request_key_with_auxdata() Scott Mayhew ` (2 subsequent siblings) 4 siblings, 0 replies; 17+ messages in thread From: Scott Mayhew @ 2023-04-20 20:20 UTC (permalink / raw) To: linux-nfs, keyrings Allow a keyring to be garbage collected using a custom select iterator. This will be used to destroy all the GSS creds for a particular RPC client when that RPC client is shut down. Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- include/linux/key.h | 4 ++++ security/keys/keyring.c | 11 +++++++++++ 2 files changed, 15 insertions(+) diff --git a/include/linux/key.h b/include/linux/key.h index 3f4c6d6df921..6cfc60aca505 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -433,6 +433,10 @@ extern int restrict_link_reject(struct key *keyring, extern int keyring_clear(struct key *keyring); +extern void keyring_gc_custom(struct key *keyring, + bool (*iterator)(void *object, void *iterator_data), + void *iterator_data); + extern key_ref_t keyring_search(key_ref_t keyring, struct key_type *type, const char *description, diff --git a/security/keys/keyring.c b/security/keys/keyring.c index c57f3cef32fa..8e93f1bbd7f1 100644 --- a/security/keys/keyring.c +++ b/security/keys/keyring.c @@ -1795,3 +1795,14 @@ void keyring_restriction_gc(struct key *keyring, struct key_type *dead_type) kleave(" [restriction gc]"); } + +void keyring_gc_custom(struct key *keyring, + bool (*iterator)(void *object, void *iterator_data), + void *iterator_data) +{ + down_write(&keyring->sem); + assoc_array_gc(&keyring->keys, &keyring_assoc_array_ops, + iterator, iterator_data); + up_write(&keyring->sem); +} +EXPORT_SYMBOL_GPL(keyring_gc_custom); -- 2.39.2 ^ permalink raw reply related [flat|nested] 17+ messages in thread
* [RFC PATCH 3/5] keys: add dest_keyring parameter to request_key_with_auxdata() 2023-04-20 20:19 [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 1/5] keys: export keyring_ptr_to_key() Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 2/5] keys: add keyring_gc_custom() Scott Mayhew @ 2023-04-20 20:20 ` Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 4/5] keys: add the ability to search user keyrings in search_cred_keyrings_rcu() Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew 4 siblings, 0 replies; 17+ messages in thread From: Scott Mayhew @ 2023-04-20 20:20 UTC (permalink / raw) To: linux-nfs, keyrings We want to store GSS creds in user keyrings. Add a dest_keyring parameter to request_key_with_auxdata() so we can do that. Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- fs/nfs/nfs4idmap.c | 2 +- include/linux/key.h | 3 ++- security/keys/request_key.c | 5 +++-- 3 files changed, 6 insertions(+), 4 deletions(-) diff --git a/fs/nfs/nfs4idmap.c b/fs/nfs/nfs4idmap.c index 25a7c771cfd8..15d4fc30bf50 100644 --- a/fs/nfs/nfs4idmap.c +++ b/fs/nfs/nfs4idmap.c @@ -292,7 +292,7 @@ static struct key *nfs_idmap_request_key(const char *name, size_t namelen, if (IS_ERR(rkey)) { mutex_lock(&idmap->idmap_mutex); rkey = request_key_with_auxdata(&key_type_id_resolver_legacy, - desc, NULL, "", 0, idmap); + desc, NULL, "", 0, idmap, NULL); mutex_unlock(&idmap->idmap_mutex); } if (!IS_ERR(rkey)) diff --git a/include/linux/key.h b/include/linux/key.h index 6cfc60aca505..009dfd3d27b0 100644 --- a/include/linux/key.h +++ b/include/linux/key.h @@ -333,7 +333,8 @@ extern struct key *request_key_with_auxdata(struct key_type *type, struct key_tag *domain_tag, const void *callout_info, size_t callout_len, - void *aux); + void *aux, + struct key *dest_keyring); /** * request_key - Request a key and wait for construction diff --git a/security/keys/request_key.c b/security/keys/request_key.c index 07a0ef2baacd..1424a6fa4c9d 100644 --- a/security/keys/request_key.c +++ b/security/keys/request_key.c @@ -735,14 +735,15 @@ struct key *request_key_with_auxdata(struct key_type *type, struct key_tag *domain_tag, const void *callout_info, size_t callout_len, - void *aux) + void *aux, + struct key *dest_keyring) { struct key *key; int ret; key = request_key_and_link(type, description, domain_tag, callout_info, callout_len, - aux, NULL, KEY_ALLOC_IN_QUOTA); + aux, dest_keyring, KEY_ALLOC_IN_QUOTA); if (!IS_ERR(key)) { ret = wait_for_key_construction(key, false); if (ret < 0) { -- 2.39.2 ^ permalink raw reply related [flat|nested] 17+ messages in thread
* [RFC PATCH 4/5] keys: add the ability to search user keyrings in search_cred_keyrings_rcu() 2023-04-20 20:19 [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in Scott Mayhew ` (2 preceding siblings ...) 2023-04-20 20:20 ` [RFC PATCH 3/5] keys: add dest_keyring parameter to request_key_with_auxdata() Scott Mayhew @ 2023-04-20 20:20 ` Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew 4 siblings, 0 replies; 17+ messages in thread From: Scott Mayhew @ 2023-04-20 20:20 UTC (permalink / raw) To: linux-nfs, keyrings We want to store GSS creds in user keyrings. Make search_cred_keyrings_rcu() search the user keyring if it exists so that keys containing GSS creds will be found. Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- security/keys/internal.h | 1 + security/keys/process_keys.c | 78 ++++++++++++++++++++++++++++++------ 2 files changed, 67 insertions(+), 12 deletions(-) diff --git a/security/keys/internal.h b/security/keys/internal.h index 3c1e7122076b..524178802406 100644 --- a/security/keys/internal.h +++ b/security/keys/internal.h @@ -149,6 +149,7 @@ extern key_ref_t search_process_keyrings_rcu(struct keyring_search_context *ctx) extern struct key *find_keyring_by_name(const char *name, bool uid_keyring); extern int look_up_user_keyrings(struct key **, struct key **); +extern struct key *get_user_keyring_rcu(const struct cred *); extern struct key *get_user_session_keyring_rcu(const struct cred *); extern int install_thread_keyring_to_cred(struct cred *); extern int install_process_keyring_to_cred(struct cred *); diff --git a/security/keys/process_keys.c b/security/keys/process_keys.c index b5d5333ab330..c78b13a0c5a2 100644 --- a/security/keys/process_keys.c +++ b/security/keys/process_keys.c @@ -179,13 +179,12 @@ int look_up_user_keyrings(struct key **_user_keyring, } /* - * Get the user session keyring if it exists, but don't create it if it - * doesn't. + * Get a keyring if it exists, but don't create it if it doesn't. */ -struct key *get_user_session_keyring_rcu(const struct cred *cred) +static struct key *get_keyring_rcu(const struct cred *cred, key_serial_t id) { struct key *reg_keyring = READ_ONCE(cred->user_ns->user_keyring_register); - key_ref_t session_keyring_r; + key_ref_t keyring_r; char buf[20]; struct keyring_search_context ctx = { @@ -201,15 +200,47 @@ struct key *get_user_session_keyring_rcu(const struct cred *cred) if (!reg_keyring) return NULL; - ctx.index_key.desc_len = snprintf(buf, sizeof(buf), "_uid_ses.%u", - from_kuid(cred->user_ns, - cred->user->uid)); + switch (id) { + case KEY_SPEC_USER_KEYRING: + ctx.index_key.desc_len = snprintf(buf, sizeof(buf), + "_uid.%u", + from_kuid(cred->user_ns, + cred->user->uid)); + break; + case KEY_SPEC_USER_SESSION_KEYRING: + ctx.index_key.desc_len = snprintf(buf, sizeof(buf), + "_uid_ses.%u", + from_kuid(cred->user_ns, + cred->user->uid)); + break; + default: + return NULL; + break; + } - session_keyring_r = keyring_search_rcu(make_key_ref(reg_keyring, true), - &ctx); - if (IS_ERR(session_keyring_r)) + keyring_r = keyring_search_rcu(make_key_ref(reg_keyring, true), &ctx); + + if (IS_ERR(keyring_r)) return NULL; - return key_ref_to_ptr(session_keyring_r); + return key_ref_to_ptr(keyring_r); +} + +/* + * Get the user keyring if it exists, but don't create it if it + * doesn't. + */ +struct key *get_user_keyring_rcu(const struct cred *cred) +{ + return get_keyring_rcu(cred, KEY_SPEC_USER_KEYRING); +} + +/* + * Get the user session keyring if it exists, but don't create it if it + * doesn't. + */ +struct key *get_user_session_keyring_rcu(const struct cred *cred) +{ + return get_keyring_rcu(cred, KEY_SPEC_USER_SESSION_KEYRING); } /* @@ -421,7 +452,7 @@ void key_fsgid_changed(struct cred *new_cred) */ key_ref_t search_cred_keyrings_rcu(struct keyring_search_context *ctx) { - struct key *user_session; + struct key *user_session, *user; key_ref_t key_ref, ret, err; const struct cred *cred = ctx->cred; @@ -519,6 +550,29 @@ key_ref_t search_cred_keyrings_rcu(struct keyring_search_context *ctx) } } + /* search the user keyring */ + if ((user = get_user_keyring_rcu(cred))) { + key_ref = keyring_search_rcu(make_key_ref(user, 1), + ctx); + key_put(user); + + if (!IS_ERR(key_ref)) + goto found; + + switch (PTR_ERR(key_ref)) { + case -EAGAIN: /* no key */ + if (ret) + break; + fallthrough; + case -ENOKEY: /* negative key */ + ret = key_ref; + break; + default: + err = key_ref; + break; + } + } + /* no key - decide on the error we're going to go for */ key_ref = ret ? ret : err; -- 2.39.2 ^ permalink raw reply related [flat|nested] 17+ messages in thread
* [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:19 [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in Scott Mayhew ` (3 preceding siblings ...) 2023-04-20 20:20 ` [RFC PATCH 4/5] keys: add the ability to search user keyrings in search_cred_keyrings_rcu() Scott Mayhew @ 2023-04-20 20:20 ` Scott Mayhew 2023-04-20 21:54 ` kernel test robot ` (5 more replies) 4 siblings, 6 replies; 17+ messages in thread From: Scott Mayhew @ 2023-04-20 20:20 UTC (permalink / raw) To: linux-nfs, keyrings This patch adds the option to store GSS credentials in keyrings as an alternative to the RPC credential cache, to give users the ability to destroy their GSS credentials on demand via 'keyctl unlink'. Summary of the changes: - Added key_type key_type_gss_cred and associated functions. The request_key function makes use of the existing upcall mechanism to gssd. - Added a keyring to the gss_auth struct to allow all of the assocated GSS credentials to be destroyed on RPC client shutdown (when the filesystem is unmounted). - The key description contains the RPC client id, the user id, and the principal (for machine creds). - The key payload contains the address of the gss_cred. - The key is linked to the user's user keyring (KEY_SPEC_USER_KEYRING) as well as to the keyring on the gss_auth struct. - gss_cred_init() now takes an optional pointer to an authkey, which is passed down to gss_create_upcall() and gss_setup_upcall(), where it is added to the gss_msg. This is used for complete_request_key() after the upcall is done. - put_rpccred() now returns a bool to indicate whether it called crdestroy(), and is used by gss_key_revoke() and gss_key_destroy() to determine whether to clear the key payload. - gss_fill_context() now returns the GSS context's timeout via the tout parameter, which is used to set the timeout of the key. - Added the module parameter 'use_keyring'. When set to true, the GSS credentials are stored in the keyrings. When false, the GSS credentials are stored in the RPC credential caches. - Added a tracepoint to log the result of the key request, which prints either the key serial or an error return value. Signed-off-by: Scott Mayhew <smayhew@redhat.com> --- include/linux/sunrpc/auth.h | 4 +- include/trace/events/rpcgss.h | 46 ++++- net/sunrpc/auth.c | 9 +- net/sunrpc/auth_gss/auth_gss.c | 338 +++++++++++++++++++++++++++++++-- 4 files changed, 376 insertions(+), 21 deletions(-) diff --git a/include/linux/sunrpc/auth.h b/include/linux/sunrpc/auth.h index 3e6ce288a7fc..2a1fd8409396 100644 --- a/include/linux/sunrpc/auth.h +++ b/include/linux/sunrpc/auth.h @@ -124,7 +124,7 @@ struct rpc_authops { struct rpc_credops { const char * cr_name; /* Name of the auth flavour */ - int (*cr_init)(struct rpc_auth *, struct rpc_cred *); + int (*cr_init)(struct rpc_auth *, struct rpc_cred *, struct key *); void (*crdestroy)(struct rpc_cred *); int (*crmatch)(struct auth_cred *, struct rpc_cred *, int); @@ -162,7 +162,7 @@ int rpcauth_get_gssinfo(rpc_authflavor_t, struct rpc_cred * rpcauth_lookup_credcache(struct rpc_auth *, struct auth_cred *, int, gfp_t); void rpcauth_init_cred(struct rpc_cred *, const struct auth_cred *, struct rpc_auth *, const struct rpc_credops *); struct rpc_cred * rpcauth_lookupcred(struct rpc_auth *, int); -void put_rpccred(struct rpc_cred *); +bool put_rpccred(struct rpc_cred *); int rpcauth_marshcred(struct rpc_task *task, struct xdr_stream *xdr); int rpcauth_checkverf(struct rpc_task *task, diff --git a/include/trace/events/rpcgss.h b/include/trace/events/rpcgss.h index ba2d96a1bc2f..3a9a0b343c4a 100644 --- a/include/trace/events/rpcgss.h +++ b/include/trace/events/rpcgss.h @@ -626,6 +626,40 @@ TRACE_EVENT(rpcgss_context, __entry->timeout, __entry->len, __get_str(acceptor)) ); +TRACE_EVENT(rpcgss_request_key_result, + TP_PROTO( + const struct auth_cred *acred, + const struct key *key + ), + + TP_ARGS(acred, key), + + TP_STRUCT__entry( + __field(u32, uid) + __string(principal, acred->principal) + __field(const void *, credkey) + __field(int, serial) + __field(int, error) + ), + + TP_fast_assign( + __entry->uid = from_kuid(&init_user_ns, acred->cred->fsuid); + __assign_str(principal, acred->principal); + if (IS_ERR(key)) { + __entry->credkey = 0; + __entry->serial = 0; + __entry->error = PTR_ERR(key); + } else { + __entry->credkey = key; + __entry->serial = key->serial; + __entry->error = 0; + } + ), + + TP_printk(" for acred { uid %u princ %s }, key=%px serial=%d error=%d", + __entry->uid, __get_str(principal), __entry->credkey, + __entry->serial, __entry->error) +); /** ** Miscellaneous events @@ -645,24 +679,28 @@ TRACE_DEFINE_ENUM(RPC_AUTH_GSS_KRB5P); TRACE_EVENT(rpcgss_createauth, TP_PROTO( unsigned int flavor, - int error + int error, + const struct key *key ), - TP_ARGS(flavor, error), + TP_ARGS(flavor, error, key), TP_STRUCT__entry( __field(unsigned int, flavor) __field(int, error) + __field(const void *, keyring) ), TP_fast_assign( __entry->flavor = flavor; __entry->error = error; + __entry->keyring = key; ), - TP_printk("flavor=%s error=%d", - show_pseudoflavor(__entry->flavor), __entry->error) + TP_printk("flavor=%s error=%d keyring=%px", + show_pseudoflavor(__entry->flavor), __entry->error, + __entry->keyring) ); TRACE_EVENT(rpcgss_oid_to_mech, diff --git a/net/sunrpc/auth.c b/net/sunrpc/auth.c index fb75a883503f..972ca3c7385d 100644 --- a/net/sunrpc/auth.c +++ b/net/sunrpc/auth.c @@ -565,7 +565,7 @@ rpcauth_lookup_credcache(struct rpc_auth *auth, struct auth_cred * acred, if (test_bit(RPCAUTH_CRED_NEW, &cred->cr_flags) && cred->cr_ops->cr_init != NULL && !(flags & RPCAUTH_LOOKUP_NEW)) { - int res = cred->cr_ops->cr_init(auth, cred); + int res = cred->cr_ops->cr_init(auth, cred, NULL); if (res < 0) { put_rpccred(cred); cred = ERR_PTR(res); @@ -683,11 +683,11 @@ rpcauth_bindcred(struct rpc_task *task, const struct cred *cred, int flags) return 0; } -void +bool put_rpccred(struct rpc_cred *cred) { if (cred == NULL) - return; + return false; rcu_read_lock(); if (refcount_dec_and_test(&cred->cr_count)) goto destroy; @@ -707,10 +707,11 @@ put_rpccred(struct rpc_cred *cred) } out: rcu_read_unlock(); - return; + return false; destroy: rcu_read_unlock(); cred->cr_ops->crdestroy(cred); + return true; } EXPORT_SYMBOL_GPL(put_rpccred); diff --git a/net/sunrpc/auth_gss/auth_gss.c b/net/sunrpc/auth_gss/auth_gss.c index 1af71fbb0d80..f97cbf9655ca 100644 --- a/net/sunrpc/auth_gss/auth_gss.c +++ b/net/sunrpc/auth_gss/auth_gss.c @@ -28,12 +28,26 @@ #include <linux/sunrpc/gss_api.h> #include <linux/uaccess.h> #include <linux/hashtable.h> +#include <linux/key.h> +#include <linux/keyctl.h> +#include <linux/key-type.h> +#include <keys/user-type.h> +#include <keys/request_key_auth-type.h> #include "auth_gss_internal.h" #include "../netns.h" #include <trace/events/rpcgss.h> +#define UINT_MAX_LEN 11 +static const char CLID_PREFIX[] = "clid:"; +static const char ID_PREFIX[] = "id:"; +static const char PRINC_PREFIX[] = "princ:"; +static const char PRINC_NONE[] = "princ:(none)"; +static struct key_type key_type_gss_cred; + +void gss_key_destroy(struct key *key); + static const struct rpc_authops authgss_ops; static const struct rpc_credops gss_credops; @@ -45,6 +59,8 @@ static unsigned int gss_expired_cred_retry_delay = GSS_RETRY_EXPIRED; #define GSS_KEY_EXPIRE_TIMEO 240 static unsigned int gss_key_expire_timeo = GSS_KEY_EXPIRE_TIMEO; +static bool use_keyring; + #if IS_ENABLED(CONFIG_SUNRPC_DEBUG) # define RPCDBG_FACILITY RPCDBG_AUTH #endif @@ -98,6 +114,14 @@ struct gss_auth { */ struct gss_pipe *gss_pipe[2]; const char *target_name; + struct cred *keyring_cred; +}; + +struct gss_auxdata { + struct rpc_auth *auth; + struct auth_cred *acred; + int flags; + gfp_t gfp; }; /* pipe_version >= 0 if and only if someone has a pipe open. */ @@ -174,7 +198,8 @@ gss_alloc_context(void) #define GSSD_MIN_TIMEOUT (60 * 60) static const void * -gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct gss_api_mech *gm) +gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, + struct gss_api_mech *gm, unsigned int *tout) { const void *q; unsigned int seclen; @@ -192,6 +217,7 @@ gss_fill_context(const void *p, const void *end, struct gss_cl_ctx *ctx, struct goto err; if (timeout == 0) timeout = GSSD_MIN_TIMEOUT; + *tout = timeout; ctx->gc_expiry = now + ((unsigned long)timeout * HZ); /* Sequence number window. Determines the maximum number of * simultaneous requests @@ -267,6 +293,8 @@ struct gss_upcall_msg { struct rpc_wait_queue rpc_waitqueue; wait_queue_head_t waitqueue; struct gss_cl_ctx *ctx; + struct key *authkey; + unsigned int timeout; char databuf[UPCALL_BUF_LEN]; }; @@ -559,7 +587,8 @@ gss_alloc_msg(struct gss_auth *gss_auth, } static struct gss_upcall_msg * -gss_setup_upcall(struct gss_auth *gss_auth, struct rpc_cred *cred) +gss_setup_upcall(struct gss_auth *gss_auth, struct rpc_cred *cred, + struct key *authkey) { struct gss_cred *gss_cred = container_of(cred, struct gss_cred, gc_base); @@ -572,6 +601,7 @@ gss_setup_upcall(struct gss_auth *gss_auth, struct rpc_cred *cred) gss_msg = gss_add_msg(gss_new); if (gss_msg == gss_new) { int res; + gss_msg->authkey = authkey; refcount_inc(&gss_msg->count); res = rpc_queue_upcall(gss_new->pipe, &gss_new->msg); if (res) { @@ -602,7 +632,7 @@ gss_refresh_upcall(struct rpc_task *task) struct rpc_pipe *pipe; int err = 0; - gss_msg = gss_setup_upcall(gss_auth, cred); + gss_msg = gss_setup_upcall(gss_auth, cred, NULL); if (PTR_ERR(gss_msg) == -EAGAIN) { /* XXX: warning on the first, under the assumption we * shouldn't normally hit this case on a refresh. */ @@ -638,16 +668,23 @@ gss_refresh_upcall(struct rpc_task *task) } static inline int -gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred) +gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred, + struct key *authkey) { struct net *net = gss_auth->net; struct sunrpc_net *sn = net_generic(net, sunrpc_net_id); struct rpc_pipe *pipe; struct rpc_cred *cred = &gss_cred->gc_base; struct gss_upcall_msg *gss_msg; + struct request_key_auth *rka; + struct key *key; DEFINE_WAIT(wait); int err; + if (use_keyring) { + rka = get_request_key_auth(authkey); + key = rka->target_key; + } retry: err = 0; /* if gssd is down, just skip upcalling altogether */ @@ -656,7 +693,7 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred) err = -EACCES; goto out; } - gss_msg = gss_setup_upcall(gss_auth, cred); + gss_msg = gss_setup_upcall(gss_auth, cred, authkey); if (PTR_ERR(gss_msg) == -EAGAIN) { err = wait_event_interruptible_timeout(pipe_version_waitqueue, sn->pipe_version >= 0, 15 * HZ); @@ -689,6 +726,17 @@ gss_create_upcall(struct gss_auth *gss_auth, struct gss_cred *gss_cred) if (gss_msg->ctx) { trace_rpcgss_ctx_init(gss_cred); gss_cred_set_ctx(cred, gss_msg->ctx); + if (use_keyring) { + err = key_instantiate_and_link(key, gss_cred, + sizeof(gss_cred), + NULL, authkey); + if (!err) { + key_set_timeout(key, gss_msg->timeout); + err = key_link(gss_auth->keyring_cred->thread_keyring, + key); + } + complete_request_key(authkey, err); + } } else { err = gss_msg->msg.errno; } @@ -771,7 +819,8 @@ gss_pipe_downcall(struct file *filp, const char __user *src, size_t mlen) list_del_init(&gss_msg->list); spin_unlock(&pipe->lock); - p = gss_fill_context(p, end, ctx, gss_msg->auth->mech); + p = gss_fill_context(p, end, ctx, gss_msg->auth->mech, + &gss_msg->timeout); if (IS_ERR(p)) { err = PTR_ERR(p); switch (err) { @@ -1032,6 +1081,8 @@ gss_create_new(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt) struct gss_pipe *gss_pipe; struct rpc_auth * auth; int err = -ENOMEM; /* XXX? */ + struct cred *cred; + struct key *keyring; if (!try_module_get(THIS_MODULE)) return ERR_PTR(err); @@ -1094,7 +1145,34 @@ gss_create_new(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt) } gss_auth->gss_pipe[0] = gss_pipe; + if (use_keyring) { + cred = prepare_kernel_cred(&init_task); + if (!cred) { + err = -ENOMEM; + goto err_destroy_pipe_0; + } + keyring = keyring_alloc("gss_keyring", + GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, + (KEY_POS_ALL & ~KEY_POS_SETATTR) | + KEY_USR_VIEW | KEY_USR_READ, + KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); + if (IS_ERR(keyring)) { + err = PTR_ERR(keyring); + goto err_destroy_cred; + } + set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); + cred->thread_keyring = keyring; + cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; + gss_auth->keyring_cred = cred; + } + + trace_rpcgss_createauth(flavor, err, gss_auth->keyring_cred ? + gss_auth->keyring_cred->thread_keyring : NULL); return gss_auth; +err_destroy_cred: + put_cred(cred); +err_destroy_pipe_0: + gss_pipe_free(gss_auth->gss_pipe[0]); err_destroy_pipe_1: gss_pipe_free(gss_auth->gss_pipe[1]); err_destroy_credcache: @@ -1108,7 +1186,8 @@ gss_create_new(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt) kfree(gss_auth); out_dec: module_put(THIS_MODULE); - trace_rpcgss_createauth(flavor, err); + trace_rpcgss_createauth(flavor, err, gss_auth->keyring_cred ? + gss_auth->keyring_cred->thread_keyring : NULL); return ERR_PTR(err); } @@ -1139,6 +1218,19 @@ gss_put_auth(struct gss_auth *gss_auth) kref_put(&gss_auth->kref, gss_free_callback); } +static bool gss_key_gc_iterator(void *object, void *__unused) +{ + struct key *key = keyring_ptr_to_key(object); + struct gss_cred *cred = key->payload.data[0]; + + if (cred && put_rpccred(&cred->gc_base)) { + key->payload.data[0] = NULL; + return false; + } + key_get(key); + return true; +} + static void gss_destroy(struct rpc_auth *auth) { @@ -1157,6 +1249,13 @@ gss_destroy(struct rpc_auth *auth) gss_auth->gss_pipe[1] = NULL; rpcauth_destroy_credcache(auth); + if (use_keyring) { + keyring_gc_custom(gss_auth->keyring_cred->thread_keyring, + &gss_key_gc_iterator, NULL); + key_revoke(gss_auth->keyring_cred->thread_keyring); + put_cred(gss_auth->keyring_cred); + } + gss_put_auth(gss_auth); } @@ -1369,14 +1468,109 @@ gss_hash_cred(struct auth_cred *acred, unsigned int hashbits) return hash_64(from_kuid(&init_user_ns, acred->cred->fsuid), hashbits); } +static struct key *gss_request_key(struct rpc_auth *auth, + struct auth_cred *acred, + int flags, gfp_t gfp) +{ + struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth); + struct key *key; + struct gss_auxdata *aux; + char clid_str[UINT_MAX_LEN]; + char id_str[UINT_MAX_LEN]; + char *desc; + int clid_len, id_len, desclen; + struct key *dest_keyring; + key_ref_t keyref; + + keyref = lookup_user_key(KEY_SPEC_USER_KEYRING, + KEY_LOOKUP_CREATE, KEY_NEED_SEARCH); + if (IS_ERR(keyref)) + return ERR_CAST(keyref); + dest_keyring = key_ref_to_ptr(keyref); + + clid_len = snprintf(clid_str, sizeof(clid_str), "%u", + gss_auth->client->cl_clid); + id_len = snprintf(id_str, sizeof(id_str), "%u", + from_kuid(&init_user_ns, acred->cred->fsuid)); + + desclen = sizeof(CLID_PREFIX) + clid_len + 1 + + sizeof(ID_PREFIX) + id_len; + + if (acred->principal) + desclen += (1 + sizeof(PRINC_PREFIX) + strlen(acred->principal)); + else + desclen += (1 + sizeof(PRINC_NONE)); + + desc = kmalloc(desclen, GFP_KERNEL); + if (!desc) + return ERR_PTR(-ENOMEM); + + if (acred->principal) + sprintf(desc, "%s%s %s%s %s%s", CLID_PREFIX, clid_str, + ID_PREFIX, id_str, PRINC_PREFIX, acred->principal); + else + sprintf(desc, "%s%s %s%s %s", CLID_PREFIX, clid_str, + ID_PREFIX, id_str, PRINC_NONE); + + aux = kzalloc(sizeof(*aux), gfp); + if (!aux) + return ERR_PTR(-ENOMEM); + + aux->auth = auth; + aux->acred = acred; + aux->flags = flags; + aux->gfp = gfp; + + key = request_key_with_auxdata(&key_type_gss_cred, desc, + NULL, "", 0, aux, dest_keyring); + kfree(aux); + kfree(desc); + return key; +} + +static struct rpc_cred * +gss_lookup_keyring(struct rpc_auth *auth, struct auth_cred *acred, + int flags, gfp_t gfp) +{ + struct key *key; + struct gss_cred *gss_cred; + struct rpc_cred *cred = NULL; + const struct cred *saved_cred; + + saved_cred = override_creds(acred->cred); + key = gss_request_key(auth, acred, flags, rpc_task_gfp_mask()); + trace_rpcgss_request_key_result(acred, key); + if (IS_ERR(key)) { + cred = ERR_CAST(key); + goto out; + } + down_read(&key->sem); + gss_cred = key->payload.data[0]; + if (!gss_cred) { + cred = ERR_PTR(-ENOKEY); + goto out_up; + } + cred = get_rpccred(&gss_cred->gc_base); +out_up: + up_read(&key->sem); + key_put(key); +out: + revert_creds(saved_cred); + return cred; +} + /* * Lookup RPCSEC_GSS cred for the current process */ static struct rpc_cred *gss_lookup_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags) { - return rpcauth_lookup_credcache(auth, acred, flags, - rpc_task_gfp_mask()); + if (use_keyring) + return gss_lookup_keyring(auth, acred, flags, + rpc_task_gfp_mask()); + else + return rpcauth_lookup_credcache(auth, acred, flags, + rpc_task_gfp_mask()); } static struct rpc_cred * @@ -1405,18 +1599,128 @@ gss_create_cred(struct rpc_auth *auth, struct auth_cred *acred, int flags, gfp_t } static int -gss_cred_init(struct rpc_auth *auth, struct rpc_cred *cred) +gss_cred_init(struct rpc_auth *auth, struct rpc_cred *cred, struct key *authkey) { struct gss_auth *gss_auth = container_of(auth, struct gss_auth, rpc_auth); struct gss_cred *gss_cred = container_of(cred,struct gss_cred, gc_base); int err; do { - err = gss_create_upcall(gss_auth, gss_cred); + err = gss_create_upcall(gss_auth, gss_cred, authkey); } while (err == -EAGAIN); return err; } +static bool gss_cmp(const struct key *key, + const struct key_match_data *match_data) +{ + struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); + struct rpc_cred *rc; + struct gss_cl_ctx *ctx; + bool ret; + + if (!gss_cred) + return false; + + rc = &gss_cred->gc_base; + + if (test_bit(RPCAUTH_CRED_NEW, &rc->cr_flags)) + goto out; + /* Don't match with creds that have expired. */ + ctx = rcu_dereference(gss_cred->gc_ctx); + if (!ctx || time_after(jiffies, ctx->gc_expiry)) { + rcu_read_unlock(); + return false; + } + if (!test_bit(RPCAUTH_CRED_UPTODATE, &rc->cr_flags)) { + return false; + } +out: + ret = strcmp(key->description, match_data->raw_data) == 0; + return ret; +} + +static int gss_match_preparse(struct key_match_data *match_data) +{ + match_data->cmp = gss_cmp; + match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE; + return 0; +} + +static int gss_request_key_upcall(struct key *authkey, void *aux) +{ + struct gss_auxdata *data = aux; + struct rpc_auth *auth = data->auth; + struct auth_cred *acred = data->acred; + int flags = data->flags; + gfp_t gfp = data->gfp; + struct rpc_cred *cred; + int ret; + + cred = gss_create_cred(auth, acred, flags, gfp); + if (IS_ERR(cred)) { + ret = PTR_ERR(cred); + complete_request_key(authkey, ret); + return ret; + } + + ret = gss_cred_init(auth, cred, authkey); + if (ret < 0) { + complete_request_key(authkey, ret); + } + + return ret; +} + +void gss_key_revoke(struct key *key) +{ + struct gss_cred *cred = key->payload.data[0]; + + if (cred && put_rpccred(&cred->gc_base)) + key->payload.data[0] = NULL; +} + +void gss_key_destroy(struct key *key) +{ + struct gss_cred *cred = key->payload.data[0]; + + if (cred && put_rpccred(&cred->gc_base)) + key->payload.data[0] = NULL; +} + +void gss_describe(const struct key *key, struct seq_file *m) +{ + struct gss_cred *gss_cred = key->payload.data[0]; + + if (!gss_cred) + return; + + seq_puts(m, key->description); + if (key_is_positive(key)) { + seq_printf(m, " gc: %px", gss_cred); + } +} + +int gss_key_instantiate(struct key *key, struct key_preparsed_payload *prep) +{ + if (prep->datalen != key->type->def_datalen) + return -EINVAL; + + rcu_assign_keypointer(key, (struct gss_cred *)prep->data); + return 0; +} + +static struct key_type key_type_gss_cred = { + .name = "gss_cred", + .def_datalen = sizeof(struct gss_cred *), + .instantiate = gss_key_instantiate, + .match_preparse = gss_match_preparse, + .revoke = gss_key_revoke, + .destroy = gss_key_destroy, + .describe = gss_describe, + .request_key = gss_request_key_upcall, +}; + static char * gss_stringify_acceptor(struct rpc_cred *cred) { @@ -2261,6 +2565,11 @@ static int __init init_rpcsec_gss(void) err = register_pernet_subsys(&rpcsec_gss_net_ops); if (err) goto out_svc_exit; + if (use_keyring) { + err = register_key_type(&key_type_gss_cred); + if (err) + goto out_svc_exit; + } rpc_init_wait_queue(&pipe_version_rpc_waitqueue, "gss pipe version"); return 0; out_svc_exit: @@ -2273,6 +2582,8 @@ static int __init init_rpcsec_gss(void) static void __exit exit_rpcsec_gss(void) { + if (use_keyring) + unregister_key_type(&key_type_gss_cred); unregister_pernet_subsys(&rpcsec_gss_net_ops); gss_svc_shutdown(); rpcauth_unregister(&authgss_ops); @@ -2294,5 +2605,10 @@ MODULE_PARM_DESC(key_expire_timeo, "Time (in seconds) at the end of a " "credential keys lifetime where the NFS layer cleans up " "prior to key expiration"); +module_param(use_keyring, bool, 0444); +MODULE_PARM_DESC(use_keyring, + "Store credentials in keyrings instead of credential cache. " + "Default: false"); + module_init(init_rpcsec_gss) module_exit(exit_rpcsec_gss) -- 2.39.2 ^ permalink raw reply related [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew @ 2023-04-20 21:54 ` kernel test robot 2023-04-21 3:32 ` kernel test robot ` (4 subsequent siblings) 5 siblings, 0 replies; 17+ messages in thread From: kernel test robot @ 2023-04-20 21:54 UTC (permalink / raw) To: Scott Mayhew; +Cc: oe-kbuild-all Hi Scott, [This is a private test report for your RFC patch.] kernel test robot noticed the following build warnings: [auto build test WARNING on trondmy-nfs/linux-next] [also build test WARNING on linus/master v6.3-rc7 next-20230420] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 base: git://git.linux-nfs.org/projects/trondmy/linux-nfs.git linux-next patch link: https://lore.kernel.org/r/20230420202004.239116-6-smayhew%40redhat.com patch subject: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings config: m68k-allyesconfig (https://download.01.org/0day-ci/archive/20230421/202304210551.vkZBdczN-lkp@intel.com/config) compiler: m68k-linux-gcc (GCC) 12.1.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/intel-lab-lkp/linux/commit/6a654188690846a7c5e1de83e390a2bce53d79a8 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 git checkout 6a654188690846a7c5e1de83e390a2bce53d79a8 # save the config file mkdir build_dir && cp config build_dir/.config COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=m68k olddefconfig COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=m68k SHELL=/bin/bash net/sunrpc/ If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot <lkp@intel.com> | Link: https://lore.kernel.org/oe-kbuild-all/202304210551.vkZBdczN-lkp@intel.com/ All warnings (new ones prefixed by >>): >> net/sunrpc/auth_gss/auth_gss.c:1675:6: warning: no previous prototype for 'gss_key_revoke' [-Wmissing-prototypes] 1675 | void gss_key_revoke(struct key *key) | ^~~~~~~~~~~~~~ >> net/sunrpc/auth_gss/auth_gss.c:1691:6: warning: no previous prototype for 'gss_describe' [-Wmissing-prototypes] 1691 | void gss_describe(const struct key *key, struct seq_file *m) | ^~~~~~~~~~~~ >> net/sunrpc/auth_gss/auth_gss.c:1704:5: warning: no previous prototype for 'gss_key_instantiate' [-Wmissing-prototypes] 1704 | int gss_key_instantiate(struct key *key, struct key_preparsed_payload *prep) | ^~~~~~~~~~~~~~~~~~~ vim +/gss_key_revoke +1675 net/sunrpc/auth_gss/auth_gss.c 1674 > 1675 void gss_key_revoke(struct key *key) 1676 { 1677 struct gss_cred *cred = key->payload.data[0]; 1678 1679 if (cred && put_rpccred(&cred->gc_base)) 1680 key->payload.data[0] = NULL; 1681 } 1682 1683 void gss_key_destroy(struct key *key) 1684 { 1685 struct gss_cred *cred = key->payload.data[0]; 1686 1687 if (cred && put_rpccred(&cred->gc_base)) 1688 key->payload.data[0] = NULL; 1689 } 1690 > 1691 void gss_describe(const struct key *key, struct seq_file *m) 1692 { 1693 struct gss_cred *gss_cred = key->payload.data[0]; 1694 1695 if (!gss_cred) 1696 return; 1697 1698 seq_puts(m, key->description); 1699 if (key_is_positive(key)) { 1700 seq_printf(m, " gc: %px", gss_cred); 1701 } 1702 } 1703 > 1704 int gss_key_instantiate(struct key *key, struct key_preparsed_payload *prep) 1705 { 1706 if (prep->datalen != key->type->def_datalen) 1707 return -EINVAL; 1708 1709 rcu_assign_keypointer(key, (struct gss_cred *)prep->data); 1710 return 0; 1711 } 1712 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew 2023-04-20 21:54 ` kernel test robot @ 2023-04-21 3:32 ` kernel test robot 2023-04-21 5:14 ` kernel test robot ` (3 subsequent siblings) 5 siblings, 0 replies; 17+ messages in thread From: kernel test robot @ 2023-04-21 3:32 UTC (permalink / raw) To: Scott Mayhew; +Cc: oe-kbuild-all Hi Scott, [This is a private test report for your RFC patch.] kernel test robot noticed the following build warnings: [auto build test WARNING on trondmy-nfs/linux-next] [also build test WARNING on linus/master v6.3-rc7 next-20230420] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 base: git://git.linux-nfs.org/projects/trondmy/linux-nfs.git linux-next patch link: https://lore.kernel.org/r/20230420202004.239116-6-smayhew%40redhat.com patch subject: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings config: csky-defconfig (https://download.01.org/0day-ci/archive/20230421/202304211152.9YWnNOJa-lkp@intel.com/config) compiler: csky-linux-gcc (GCC) 12.1.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/intel-lab-lkp/linux/commit/6a654188690846a7c5e1de83e390a2bce53d79a8 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 git checkout 6a654188690846a7c5e1de83e390a2bce53d79a8 # save the config file mkdir build_dir && cp config build_dir/.config COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=csky olddefconfig COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=csky SHELL=/bin/bash net/sunrpc/auth_gss/ If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot <lkp@intel.com> | Link: https://lore.kernel.org/oe-kbuild-all/202304211152.9YWnNOJa-lkp@intel.com/ All warnings (new ones prefixed by >>): In file included from net/sunrpc/auth_gss/auth_gss.c:35: include/keys/request_key_auth-type.h: In function 'get_request_key_auth': include/keys/request_key_auth-type.h:29:19: error: invalid use of undefined type 'const struct key' 29 | return key->payload.data[0]; | ^~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_create_upcall': net/sunrpc/auth_gss/auth_gss.c:730:31: error: implicit declaration of function 'key_instantiate_and_link'; did you mean 'd_instantiate_anon'? [-Werror=implicit-function-declaration] 730 | err = key_instantiate_and_link(key, gss_cred, | ^~~~~~~~~~~~~~~~~~~~~~~~ | d_instantiate_anon net/sunrpc/auth_gss/auth_gss.c:734:33: error: implicit declaration of function 'key_set_timeout'; did you mean 'reqsk_timeout'? [-Werror=implicit-function-declaration] 734 | key_set_timeout(key, gss_msg->timeout); | ^~~~~~~~~~~~~~~ | reqsk_timeout net/sunrpc/auth_gss/auth_gss.c:735:39: error: implicit declaration of function 'key_link'; did you mean 'kfree_link'? [-Werror=implicit-function-declaration] 735 | err = key_link(gss_auth->keyring_cred->thread_keyring, | ^~~~~~~~ | kfree_link net/sunrpc/auth_gss/auth_gss.c:735:70: error: 'struct cred' has no member named 'thread_keyring' 735 | err = key_link(gss_auth->keyring_cred->thread_keyring, | ^~ net/sunrpc/auth_gss/auth_gss.c:738:25: error: implicit declaration of function 'complete_request_key'; did you mean 'complete_release'? [-Werror=implicit-function-declaration] 738 | complete_request_key(authkey, err); | ^~~~~~~~~~~~~~~~~~~~ | complete_release net/sunrpc/auth_gss/auth_gss.c: In function 'gss_create_new': net/sunrpc/auth_gss/auth_gss.c:1154:27: error: implicit declaration of function 'keyring_alloc'; did you mean 'warn_alloc'? [-Werror=implicit-function-declaration] 1154 | keyring = keyring_alloc("gss_keyring", | ^~~~~~~~~~~~~ | warn_alloc net/sunrpc/auth_gss/auth_gss.c:1156:42: error: 'KEY_POS_ALL' undeclared (first use in this function) 1156 | (KEY_POS_ALL & ~KEY_POS_SETATTR) | | ^~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1156:42: note: each undeclared identifier is reported only once for each function it appears in net/sunrpc/auth_gss/auth_gss.c:1156:57: error: 'KEY_POS_SETATTR' undeclared (first use in this function) 1156 | (KEY_POS_ALL & ~KEY_POS_SETATTR) | | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1157:41: error: 'KEY_USR_VIEW' undeclared (first use in this function) 1157 | KEY_USR_VIEW | KEY_USR_READ, | ^~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1157:56: error: 'KEY_USR_READ' undeclared (first use in this function); did you mean 'KEYCTL_READ'? 1157 | KEY_USR_VIEW | KEY_USR_READ, | ^~~~~~~~~~~~ | KEYCTL_READ net/sunrpc/auth_gss/auth_gss.c:1158:41: error: 'KEY_ALLOC_NOT_IN_QUOTA' undeclared (first use in this function) 1158 | KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); | ^~~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1163:25: error: 'KEY_FLAG_ROOT_CAN_CLEAR' undeclared (first use in this function) 1163 | set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); | ^~~~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1163:58: error: invalid use of undefined type 'struct key' 1163 | set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); | ^~ net/sunrpc/auth_gss/auth_gss.c:1164:21: error: 'struct cred' has no member named 'thread_keyring' 1164 | cred->thread_keyring = keyring; | ^~ net/sunrpc/auth_gss/auth_gss.c:1165:21: error: 'struct cred' has no member named 'jit_keyring' 1165 | cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; | ^~ net/sunrpc/auth_gss/auth_gss.c:1170:55: error: 'struct cred' has no member named 'thread_keyring' 1170 | gss_auth->keyring_cred->thread_keyring : NULL); | ^~ net/sunrpc/auth_gss/auth_gss.c:1190:55: error: 'struct cred' has no member named 'thread_keyring' 1190 | gss_auth->keyring_cred->thread_keyring : NULL); | ^~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_key_gc_iterator': net/sunrpc/auth_gss/auth_gss.c:1223:27: error: implicit declaration of function 'keyring_ptr_to_key' [-Werror=implicit-function-declaration] 1223 | struct key *key = keyring_ptr_to_key(object); | ^~~~~~~~~~~~~~~~~~ >> net/sunrpc/auth_gss/auth_gss.c:1223:27: warning: initialization of 'struct key *' from 'int' makes pointer from integer without a cast [-Wint-conversion] net/sunrpc/auth_gss/auth_gss.c:1224:36: error: invalid use of undefined type 'struct key' 1224 | struct gss_cred *cred = key->payload.data[0]; | ^~ net/sunrpc/auth_gss/auth_gss.c:1227:20: error: invalid use of undefined type 'struct key' 1227 | key->payload.data[0] = NULL; | ^~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_destroy': net/sunrpc/auth_gss/auth_gss.c:1253:17: error: implicit declaration of function 'keyring_gc_custom' [-Werror=implicit-function-declaration] 1253 | keyring_gc_custom(gss_auth->keyring_cred->thread_keyring, | ^~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1253:57: error: 'struct cred' has no member named 'thread_keyring' 1253 | keyring_gc_custom(gss_auth->keyring_cred->thread_keyring, | ^~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_request_key': net/sunrpc/auth_gss/auth_gss.c:1483:9: error: unknown type name 'key_ref_t'; did you mean 'key_ref_put'? 1483 | key_ref_t keyref; | ^~~~~~~~~ | key_ref_put net/sunrpc/auth_gss/auth_gss.c:1485:18: error: implicit declaration of function 'lookup_user_key' [-Werror=implicit-function-declaration] 1485 | keyref = lookup_user_key(KEY_SPEC_USER_KEYRING, | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1486:34: error: 'KEY_LOOKUP_CREATE' undeclared (first use in this function) 1486 | KEY_LOOKUP_CREATE, KEY_NEED_SEARCH); | ^~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1486:53: error: 'KEY_NEED_SEARCH' undeclared (first use in this function); did you mean 'KEYCTL_SEARCH'? 1486 | KEY_LOOKUP_CREATE, KEY_NEED_SEARCH); | ^~~~~~~~~~~~~~~ | KEYCTL_SEARCH >> net/sunrpc/auth_gss/auth_gss.c:1487:20: warning: passing argument 1 of 'IS_ERR' makes pointer from integer without a cast [-Wint-conversion] 1487 | if (IS_ERR(keyref)) | ^~~~~~ | | | int In file included from include/linux/rwsem.h:17, from include/linux/mm_types.h:13, from include/linux/buildid.h:5, from include/linux/module.h:14, from net/sunrpc/auth_gss/auth_gss.c:14: include/linux/err.h:34:60: note: expected 'const void *' but argument is of type 'int' 34 | static inline bool __must_check IS_ERR(__force const void *ptr) | ~~~~~~~~~~~~^~~ >> net/sunrpc/auth_gss/auth_gss.c:1488:33: warning: passing argument 1 of 'ERR_CAST' makes pointer from integer without a cast [-Wint-conversion] 1488 | return ERR_CAST(keyref); | ^~~~~~ | | | int include/linux/err.h:51:64: note: expected 'const void *' but argument is of type 'int' 51 | static inline void * __must_check ERR_CAST(__force const void *ptr) | ~~~~~~~~~~~~^~~ net/sunrpc/auth_gss/auth_gss.c:1524:15: error: implicit declaration of function 'request_key_with_auxdata' [-Werror=implicit-function-declaration] 1524 | key = request_key_with_auxdata(&key_type_gss_cred, desc, | ^~~~~~~~~~~~~~~~~~~~~~~~ >> net/sunrpc/auth_gss/auth_gss.c:1524:13: warning: assignment to 'struct key *' from 'int' makes pointer from integer without a cast [-Wint-conversion] 1524 | key = request_key_with_auxdata(&key_type_gss_cred, desc, | ^ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_lookup_keyring': net/sunrpc/auth_gss/auth_gss.c:1547:23: error: invalid use of undefined type 'struct key' 1547 | down_read(&key->sem); | ^~ net/sunrpc/auth_gss/auth_gss.c:1548:23: error: invalid use of undefined type 'struct key' 1548 | gss_cred = key->payload.data[0]; | ^~ net/sunrpc/auth_gss/auth_gss.c:1555:21: error: invalid use of undefined type 'struct key' 1555 | up_read(&key->sem); | ^~ net/sunrpc/auth_gss/auth_gss.c: At top level: >> net/sunrpc/auth_gss/auth_gss.c:1615:34: warning: 'struct key_match_data' declared inside parameter list will not be visible outside of this definition or declaration 1615 | const struct key_match_data *match_data) | ^~~~~~~~~~~~~~ In file included from include/linux/rbtree.h:24, from include/linux/mm_types.h:11: net/sunrpc/auth_gss/auth_gss.c: In function 'gss_cmp': net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/linux/rcupdate.h:462:17: note: in definition of macro '__rcu_dereference_check' 462 | typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \ | ^ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/linux/rcupdate.h:462:38: note: in definition of macro '__rcu_dereference_check' 462 | typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \ | ^ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ In file included from <command-line>: net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/linux/compiler_types.h:377:23: note: in definition of macro '__compiletime_assert' 377 | if (!(condition)) \ | ^~~~~~~~~ include/linux/compiler_types.h:397:9: note: in expansion of macro '_compiletime_assert' 397 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) | ^~~~~~~~~~~~~~~~~~~ include/asm-generic/rwonce.h:36:9: note: in expansion of macro 'compiletime_assert' 36 | compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ | ^~~~~~~~~~~~~~~~~~ include/asm-generic/rwonce.h:36:28: note: in expansion of macro '__native_word' 36 | compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ | ^~~~~~~~~~~~~ include/asm-generic/rwonce.h:49:9: note: in expansion of macro 'compiletime_assert_rwonce_type' 49 | compiletime_assert_rwonce_type(x); \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/rcupdate.h:462:50: note: in expansion of macro 'READ_ONCE' 462 | typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \ | ^~~~~~~~~ include/linux/rcupdate.h:610:9: note: in expansion of macro '__rcu_dereference_check' 610 | __rcu_dereference_check((p), __UNIQUE_ID(rcu), \ | ^~~~~~~~~~~~~~~~~~~~~~~ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/linux/compiler_types.h:377:23: note: in definition of macro '__compiletime_assert' 377 | if (!(condition)) \ | ^~~~~~~~~ include/linux/compiler_types.h:397:9: note: in expansion of macro '_compiletime_assert' 397 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) | ^~~~~~~~~~~~~~~~~~~ include/asm-generic/rwonce.h:36:9: note: in expansion of macro 'compiletime_assert' 36 | compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ | ^~~~~~~~~~~~~~~~~~ include/asm-generic/rwonce.h:36:28: note: in expansion of macro '__native_word' 36 | compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ | ^~~~~~~~~~~~~ include/asm-generic/rwonce.h:49:9: note: in expansion of macro 'compiletime_assert_rwonce_type' 49 | compiletime_assert_rwonce_type(x); \ | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ include/linux/rcupdate.h:462:50: note: in expansion of macro 'READ_ONCE' 462 | typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \ | ^~~~~~~~~ include/linux/rcupdate.h:610:9: note: in expansion of macro '__rcu_dereference_check' 610 | __rcu_dereference_check((p), __UNIQUE_ID(rcu), \ | ^~~~~~~~~~~~~~~~~~~~~~~ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/linux/compiler_types.h:377:23: note: in definition of macro '__compiletime_assert' 377 | if (!(condition)) \ | ^~~~~~~~~ include/linux/compiler_types.h:397:9: note: in expansion of macro '_compiletime_assert' 397 | _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) | ^~~~~~~~~~~~~~~~~~~ include/asm-generic/rwonce.h:36:9: note: in expansion of macro 'compiletime_assert' -- | ^~~~~~~~~ include/linux/rcupdate.h:610:9: note: in expansion of macro '__rcu_dereference_check' 610 | __rcu_dereference_check((p), __UNIQUE_ID(rcu), \ | ^~~~~~~~~~~~~~~~~~~~~~~ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ In file included from ./arch/csky/include/generated/asm/rwonce.h:1, from include/linux/compiler.h:247, from include/linux/build_bug.h:5, from include/linux/container_of.h:5, from include/linux/list.h:5, from include/linux/module.h:12: net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/asm-generic/rwonce.h:44:73: note: in definition of macro '__READ_ONCE' 44 | #define __READ_ONCE(x) (*(const volatile __unqual_scalar_typeof(x) *)&(x)) | ^ include/linux/rcupdate.h:462:50: note: in expansion of macro 'READ_ONCE' 462 | typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \ | ^~~~~~~~~ include/linux/rcupdate.h:610:9: note: in expansion of macro '__rcu_dereference_check' 610 | __rcu_dereference_check((p), __UNIQUE_ID(rcu), \ | ^~~~~~~~~~~~~~~~~~~~~~~ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:56: error: invalid use of undefined type 'const struct key' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~ include/linux/rcupdate.h:465:19: note: in definition of macro '__rcu_dereference_check' 465 | ((typeof(*p) __force __kernel *)(local)); \ | ^ include/linux/rcupdate.h:682:28: note: in expansion of macro 'rcu_dereference_check' 682 | #define rcu_dereference(p) rcu_dereference_check(p, 0) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1617:37: note: in expansion of macro 'rcu_dereference' 1617 | struct gss_cred *gss_cred = rcu_dereference(key->payload.rcu_data0); | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1639:25: error: invalid use of undefined type 'const struct key' 1639 | ret = strcmp(key->description, match_data->raw_data) == 0; | ^~ net/sunrpc/auth_gss/auth_gss.c:1639:50: error: invalid use of undefined type 'const struct key_match_data' 1639 | ret = strcmp(key->description, match_data->raw_data) == 0; | ^~ net/sunrpc/auth_gss/auth_gss.c: At top level: net/sunrpc/auth_gss/auth_gss.c:1643:38: warning: 'struct key_match_data' declared inside parameter list will not be visible outside of this definition or declaration 1643 | static int gss_match_preparse(struct key_match_data *match_data) | ^~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_match_preparse': net/sunrpc/auth_gss/auth_gss.c:1645:19: error: invalid use of undefined type 'struct key_match_data' 1645 | match_data->cmp = gss_cmp; | ^~ net/sunrpc/auth_gss/auth_gss.c:1646:19: error: invalid use of undefined type 'struct key_match_data' 1646 | match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE; | ^~ net/sunrpc/auth_gss/auth_gss.c:1646:35: error: 'KEYRING_SEARCH_LOOKUP_ITERATE' undeclared (first use in this function) 1646 | match_data->lookup_type = KEYRING_SEARCH_LOOKUP_ITERATE; | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c: At top level: net/sunrpc/auth_gss/auth_gss.c:1675:6: warning: no previous prototype for 'gss_key_revoke' [-Wmissing-prototypes] 1675 | void gss_key_revoke(struct key *key) | ^~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_key_revoke': net/sunrpc/auth_gss/auth_gss.c:1677:36: error: invalid use of undefined type 'struct key' 1677 | struct gss_cred *cred = key->payload.data[0]; | ^~ net/sunrpc/auth_gss/auth_gss.c:1680:20: error: invalid use of undefined type 'struct key' 1680 | key->payload.data[0] = NULL; | ^~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_key_destroy': net/sunrpc/auth_gss/auth_gss.c:1685:36: error: invalid use of undefined type 'struct key' 1685 | struct gss_cred *cred = key->payload.data[0]; | ^~ net/sunrpc/auth_gss/auth_gss.c:1688:20: error: invalid use of undefined type 'struct key' 1688 | key->payload.data[0] = NULL; | ^~ net/sunrpc/auth_gss/auth_gss.c: At top level: net/sunrpc/auth_gss/auth_gss.c:1691:6: warning: no previous prototype for 'gss_describe' [-Wmissing-prototypes] 1691 | void gss_describe(const struct key *key, struct seq_file *m) | ^~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_describe': net/sunrpc/auth_gss/auth_gss.c:1693:40: error: invalid use of undefined type 'const struct key' 1693 | struct gss_cred *gss_cred = key->payload.data[0]; | ^~ net/sunrpc/auth_gss/auth_gss.c:1698:24: error: invalid use of undefined type 'const struct key' 1698 | seq_puts(m, key->description); | ^~ net/sunrpc/auth_gss/auth_gss.c:1699:13: error: implicit declaration of function 'key_is_positive'; did you mean 'd_is_positive'? [-Werror=implicit-function-declaration] 1699 | if (key_is_positive(key)) { | ^~~~~~~~~~~~~~~ | d_is_positive net/sunrpc/auth_gss/auth_gss.c: At top level: >> net/sunrpc/auth_gss/auth_gss.c:1704:49: warning: 'struct key_preparsed_payload' declared inside parameter list will not be visible outside of this definition or declaration 1704 | int gss_key_instantiate(struct key *key, struct key_preparsed_payload *prep) | ^~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1704:5: warning: no previous prototype for 'gss_key_instantiate' [-Wmissing-prototypes] 1704 | int gss_key_instantiate(struct key *key, struct key_preparsed_payload *prep) | ^~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c: In function 'gss_key_instantiate': net/sunrpc/auth_gss/auth_gss.c:1706:17: error: invalid use of undefined type 'struct key_preparsed_payload' 1706 | if (prep->datalen != key->type->def_datalen) | ^~ net/sunrpc/auth_gss/auth_gss.c:1706:33: error: invalid use of undefined type 'struct key' 1706 | if (prep->datalen != key->type->def_datalen) | ^~ net/sunrpc/auth_gss/auth_gss.c:1709:9: error: implicit declaration of function 'rcu_assign_keypointer'; did you mean 'rcu_assign_pointer'? [-Werror=implicit-function-declaration] 1709 | rcu_assign_keypointer(key, (struct gss_cred *)prep->data); | ^~~~~~~~~~~~~~~~~~~~~ | rcu_assign_pointer net/sunrpc/auth_gss/auth_gss.c:1709:59: error: invalid use of undefined type 'struct key_preparsed_payload' 1709 | rcu_assign_keypointer(key, (struct gss_cred *)prep->data); | ^~ net/sunrpc/auth_gss/auth_gss.c: At top level: net/sunrpc/auth_gss/auth_gss.c:1713:15: error: variable 'key_type_gss_cred' has initializer but incomplete type 1713 | static struct key_type key_type_gss_cred = { | ^~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1714:10: error: 'struct key_type' has no member named 'name' 1714 | .name = "gss_cred", | ^~~~ >> net/sunrpc/auth_gss/auth_gss.c:1714:17: warning: excess elements in struct initializer 1714 | .name = "gss_cred", | ^~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1714:17: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1715:10: error: 'struct key_type' has no member named 'def_datalen' 1715 | .def_datalen = sizeof(struct gss_cred *), | ^~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1715:27: warning: excess elements in struct initializer 1715 | .def_datalen = sizeof(struct gss_cred *), | ^~~~~~ net/sunrpc/auth_gss/auth_gss.c:1715:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1716:10: error: 'struct key_type' has no member named 'instantiate' 1716 | .instantiate = gss_key_instantiate, | ^~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1716:27: warning: excess elements in struct initializer 1716 | .instantiate = gss_key_instantiate, | ^~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1716:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1717:10: error: 'struct key_type' has no member named 'match_preparse' 1717 | .match_preparse = gss_match_preparse, | ^~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1717:27: warning: excess elements in struct initializer 1717 | .match_preparse = gss_match_preparse, | ^~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1717:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1718:10: error: 'struct key_type' has no member named 'revoke' 1718 | .revoke = gss_key_revoke, | ^~~~~~ net/sunrpc/auth_gss/auth_gss.c:1718:27: warning: excess elements in struct initializer 1718 | .revoke = gss_key_revoke, | ^~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1718:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1719:10: error: 'struct key_type' has no member named 'destroy' 1719 | .destroy = gss_key_destroy, | ^~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1719:27: warning: excess elements in struct initializer 1719 | .destroy = gss_key_destroy, | ^~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1719:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1720:10: error: 'struct key_type' has no member named 'describe' 1720 | .describe = gss_describe, | ^~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1720:27: warning: excess elements in struct initializer 1720 | .describe = gss_describe, | ^~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1720:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c:1721:10: error: 'struct key_type' has no member named 'request_key' 1721 | .request_key = gss_request_key_upcall, | ^~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1721:27: warning: excess elements in struct initializer 1721 | .request_key = gss_request_key_upcall, | ^~~~~~~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1721:27: note: (near initialization for 'key_type_gss_cred') net/sunrpc/auth_gss/auth_gss.c: In function 'init_rpcsec_gss': net/sunrpc/auth_gss/auth_gss.c:2569:23: error: implicit declaration of function 'register_key_type' [-Werror=implicit-function-declaration] 2569 | err = register_key_type(&key_type_gss_cred); | ^~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c: In function 'exit_rpcsec_gss': net/sunrpc/auth_gss/auth_gss.c:2586:17: error: implicit declaration of function 'unregister_key_type'; did you mean 'unregister_one_node'? [-Werror=implicit-function-declaration] 2586 | unregister_key_type(&key_type_gss_cred); | ^~~~~~~~~~~~~~~~~~~ | unregister_one_node net/sunrpc/auth_gss/auth_gss.c: At top level: net/sunrpc/auth_gss/auth_gss.c:1713:24: error: storage size of 'key_type_gss_cred' isn't known 1713 | static struct key_type key_type_gss_cred = { | ^~~~~~~~~~~~~~~~~ net/sunrpc/auth_gss/auth_gss.c:1713:24: error: storage size of 'key_type_gss_cred' isn't known include/keys/request_key_auth-type.h: In function 'get_request_key_auth': include/keys/request_key_auth-type.h:30:1: error: control reaches end of non-void function [-Werror=return-type] 30 | } | ^ cc1: some warnings being treated as errors vim +1223 net/sunrpc/auth_gss/auth_gss.c 1220 1221 static bool gss_key_gc_iterator(void *object, void *__unused) 1222 { > 1223 struct key *key = keyring_ptr_to_key(object); 1224 struct gss_cred *cred = key->payload.data[0]; 1225 1226 if (cred && put_rpccred(&cred->gc_base)) { 1227 key->payload.data[0] = NULL; 1228 return false; 1229 } 1230 key_get(key); 1231 return true; 1232 } 1233 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew 2023-04-20 21:54 ` kernel test robot 2023-04-21 3:32 ` kernel test robot @ 2023-04-21 5:14 ` kernel test robot 2023-04-21 6:15 ` kernel test robot ` (2 subsequent siblings) 5 siblings, 0 replies; 17+ messages in thread From: kernel test robot @ 2023-04-21 5:14 UTC (permalink / raw) To: Scott Mayhew; +Cc: oe-kbuild-all Hi Scott, [This is a private test report for your RFC patch.] kernel test robot noticed the following build errors: [auto build test ERROR on trondmy-nfs/linux-next] [also build test ERROR on linus/master v6.3-rc7 next-20230420] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 base: git://git.linux-nfs.org/projects/trondmy/linux-nfs.git linux-next patch link: https://lore.kernel.org/r/20230420202004.239116-6-smayhew%40redhat.com patch subject: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings config: arc-defconfig (https://download.01.org/0day-ci/archive/20230421/202304211200.n2ErV9D8-lkp@intel.com/config) compiler: arc-elf-gcc (GCC) 12.1.0 reproduce (this is a W=1 build): wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross chmod +x ~/bin/make.cross # https://github.com/intel-lab-lkp/linux/commit/6a654188690846a7c5e1de83e390a2bce53d79a8 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 git checkout 6a654188690846a7c5e1de83e390a2bce53d79a8 # save the config file mkdir build_dir && cp config build_dir/.config COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=arc olddefconfig COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-12.1.0 make.cross W=1 O=build_dir ARCH=arc SHELL=/bin/bash If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot <lkp@intel.com> | Link: https://lore.kernel.org/oe-kbuild-all/202304211200.n2ErV9D8-lkp@intel.com/ All errors (new ones prefixed by >>): In file included from include/trace/define_trace.h:102, from include/trace/events/rpcgss.h:726, from net/sunrpc/auth_gss/trace.c:14: include/trace/events/rpcgss.h: In function 'trace_event_raw_event_rpcgss_request_key_result': >> include/trace/events/rpcgss.h:654:46: error: invalid use of undefined type 'const struct key' 654 | __entry->serial = key->serial; | ^~ include/trace/trace_events.h:402:11: note: in definition of macro 'DECLARE_EVENT_CLASS' 402 | { assign; } \ | ^~~~~~ include/trace/trace_events.h:44:30: note: in expansion of macro 'PARAMS' 44 | PARAMS(assign), \ | ^~~~~~ include/trace/events/rpcgss.h:629:1: note: in expansion of macro 'TRACE_EVENT' 629 | TRACE_EVENT(rpcgss_request_key_result, | ^~~~~~~~~~~ include/trace/events/rpcgss.h:645:9: note: in expansion of macro 'TP_fast_assign' 645 | TP_fast_assign( | ^~~~~~~~~~~~~~ In file included from include/trace/define_trace.h:103: include/trace/events/rpcgss.h: In function 'perf_trace_rpcgss_request_key_result': >> include/trace/events/rpcgss.h:654:46: error: invalid use of undefined type 'const struct key' 654 | __entry->serial = key->serial; | ^~ include/trace/perf.h:51:11: note: in definition of macro 'DECLARE_EVENT_CLASS' 51 | { assign; } \ | ^~~~~~ include/trace/trace_events.h:44:30: note: in expansion of macro 'PARAMS' 44 | PARAMS(assign), \ | ^~~~~~ include/trace/events/rpcgss.h:629:1: note: in expansion of macro 'TRACE_EVENT' 629 | TRACE_EVENT(rpcgss_request_key_result, | ^~~~~~~~~~~ include/trace/events/rpcgss.h:645:9: note: in expansion of macro 'TP_fast_assign' 645 | TP_fast_assign( | ^~~~~~~~~~~~~~ vim +654 include/trace/events/rpcgss.h 628 629 TRACE_EVENT(rpcgss_request_key_result, 630 TP_PROTO( 631 const struct auth_cred *acred, 632 const struct key *key 633 ), 634 635 TP_ARGS(acred, key), 636 637 TP_STRUCT__entry( 638 __field(u32, uid) 639 __string(principal, acred->principal) 640 __field(const void *, credkey) 641 __field(int, serial) 642 __field(int, error) 643 ), 644 645 TP_fast_assign( 646 __entry->uid = from_kuid(&init_user_ns, acred->cred->fsuid); 647 __assign_str(principal, acred->principal); 648 if (IS_ERR(key)) { 649 __entry->credkey = 0; 650 __entry->serial = 0; 651 __entry->error = PTR_ERR(key); 652 } else { 653 __entry->credkey = key; > 654 __entry->serial = key->serial; 655 __entry->error = 0; 656 } 657 ), 658 659 TP_printk(" for acred { uid %u princ %s }, key=%px serial=%d error=%d", 660 __entry->uid, __get_str(principal), __entry->credkey, 661 __entry->serial, __entry->error) 662 ); 663 -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew ` (2 preceding siblings ...) 2023-04-21 5:14 ` kernel test robot @ 2023-04-21 6:15 ` kernel test robot 2023-04-21 10:13 ` Dan Carpenter 2023-04-22 21:27 ` Ben Boeckel 5 siblings, 0 replies; 17+ messages in thread From: kernel test robot @ 2023-04-21 6:15 UTC (permalink / raw) To: Scott Mayhew; +Cc: oe-kbuild-all Hi Scott, [This is a private test report for your RFC patch.] kernel test robot noticed the following build warnings: [auto build test WARNING on trondmy-nfs/linux-next] [also build test WARNING on linus/master v6.3-rc7 next-20230420] [If your patch is applied to the wrong git tree, kindly drop us a note. And when submitting patch, we suggest to use '--base' as documented in https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 base: git://git.linux-nfs.org/projects/trondmy/linux-nfs.git linux-next patch link: https://lore.kernel.org/r/20230420202004.239116-6-smayhew%40redhat.com patch subject: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings config: i386-randconfig-s001-20230417 (https://download.01.org/0day-ci/archive/20230421/202304211345.dP8dG5I5-lkp@intel.com/config) compiler: gcc-11 (Debian 11.3.0-8) 11.3.0 reproduce: # apt-get install sparse # sparse version: v0.6.4-39-gce1a6720-dirty # https://github.com/intel-lab-lkp/linux/commit/6a654188690846a7c5e1de83e390a2bce53d79a8 git remote add linux-review https://github.com/intel-lab-lkp/linux git fetch --no-tags linux-review Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 git checkout 6a654188690846a7c5e1de83e390a2bce53d79a8 # save the config file mkdir build_dir && cp config build_dir/.config make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 olddefconfig make W=1 C=1 CF='-fdiagnostic-prefix -D__CHECK_ENDIAN__' O=build_dir ARCH=i386 SHELL=/bin/bash net/sunrpc/auth_gss/ If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot <lkp@intel.com> | Link: https://lore.kernel.org/oe-kbuild-all/202304211345.dP8dG5I5-lkp@intel.com/ sparse warnings: (new ones prefixed by >>) >> net/sunrpc/auth_gss/auth_gss.c:1675:6: sparse: sparse: symbol 'gss_key_revoke' was not declared. Should it be static? >> net/sunrpc/auth_gss/auth_gss.c:1691:6: sparse: sparse: symbol 'gss_describe' was not declared. Should it be static? >> net/sunrpc/auth_gss/auth_gss.c:1704:5: sparse: sparse: symbol 'gss_key_instantiate' was not declared. Should it be static? net/sunrpc/auth_gss/auth_gss.c: note: in included file (through include/linux/cred.h, include/linux/sched/signal.h, include/linux/rcuwait.h, ...): >> include/linux/key.h:421:45: sparse: sparse: marked inline, but without a definition -- net/sunrpc/auth_gss/trace.c: note: in included file (through include/trace/trace_events.h, include/trace/define_trace.h, include/trace/events/rpcgss.h): >> include/trace/events/rpcgss.h:629:1: sparse: sparse: Using plain integer as NULL pointer net/sunrpc/auth_gss/trace.c: note: in included file (through include/trace/perf.h, include/trace/define_trace.h, include/trace/events/rpcgss.h): >> include/trace/events/rpcgss.h:629:1: sparse: sparse: Using plain integer as NULL pointer -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew ` (3 preceding siblings ...) 2023-04-21 6:15 ` kernel test robot @ 2023-04-21 10:13 ` Dan Carpenter 2023-04-22 21:27 ` Ben Boeckel 5 siblings, 0 replies; 17+ messages in thread From: Dan Carpenter @ 2023-04-21 10:13 UTC (permalink / raw) To: oe-kbuild, Scott Mayhew; +Cc: lkp, oe-kbuild-all Hi Scott, [This is a private test report for your RFC patch.] kernel test robot noticed the following build warnings: https://git-scm.com/docs/git-format-patch#_base_tree_information] url: https://github.com/intel-lab-lkp/linux/commits/Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202 base: git://git.linux-nfs.org/projects/trondmy/linux-nfs.git linux-next patch link: https://lore.kernel.org/r/20230420202004.239116-6-smayhew%40redhat.com patch subject: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings config: x86_64-randconfig-m001 (https://download.01.org/0day-ci/archive/20230421/202304211447.EkD6EpWB-lkp@intel.com/config) compiler: gcc-11 (Debian 11.3.0-8) 11.3.0 If you fix the issue, kindly add following tag where applicable | Reported-by: kernel test robot <lkp@intel.com> | Reported-by: Dan Carpenter <error27@gmail.com> | Link: https://lore.kernel.org/r/202304211447.EkD6EpWB-lkp@intel.com/ New smatch warnings: net/sunrpc/auth_gss/auth_gss.c:1189 gss_create_new() error: we previously assumed 'gss_auth' could be null (see line 1089) net/sunrpc/auth_gss/auth_gss.c:1189 gss_create_new() error: dereferencing freed memory 'gss_auth' Old smatch warnings: net/sunrpc/auth_gss/auth_gss.c:2183 gss_wrap_req_priv() warn: missing error code 'status' vim +/gss_auth +1189 net/sunrpc/auth_gss/auth_gss.c eb6dc19d8e72ce Trond Myklebust 2013-08-28 1076 static struct gss_auth * 82b98ca566ca2a Sargun Dhillon 2018-07-05 1077 gss_create_new(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt) ^1da177e4c3f41 Linus Torvalds 2005-04-16 1078 { c2190661039b38 Trond Myklebust 2013-08-26 1079 rpc_authflavor_t flavor = args->pseudoflavor; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1080 struct gss_auth *gss_auth; 1917228435eebd Trond Myklebust 2013-08-26 1081 struct gss_pipe *gss_pipe; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1082 struct rpc_auth * auth; 6a19275ada9137 J. Bruce Fields 2005-06-22 1083 int err = -ENOMEM; /* XXX? */ 6a654188690846 Scott Mayhew 2023-04-20 1084 struct cred *cred; 6a654188690846 Scott Mayhew 2023-04-20 1085 struct key *keyring; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1086 ^1da177e4c3f41 Linus Torvalds 2005-04-16 1087 if (!try_module_get(THIS_MODULE)) 6a19275ada9137 J. Bruce Fields 2005-06-22 1088 return ERR_PTR(err); ^1da177e4c3f41 Linus Torvalds 2005-04-16 @1089 if (!(gss_auth = kmalloc(sizeof(*gss_auth), GFP_KERNEL))) ^1da177e4c3f41 Linus Torvalds 2005-04-16 1090 goto out_dec; gss_auth is NULL. eb6dc19d8e72ce Trond Myklebust 2013-08-28 1091 INIT_HLIST_NODE(&gss_auth->hash); bd4a3eb15bb422 Trond Myklebust 2013-08-23 1092 gss_auth->target_name = NULL; c2190661039b38 Trond Myklebust 2013-08-26 1093 if (args->target_name) { c2190661039b38 Trond Myklebust 2013-08-26 1094 gss_auth->target_name = kstrdup(args->target_name, GFP_KERNEL); bd4a3eb15bb422 Trond Myklebust 2013-08-23 1095 if (gss_auth->target_name == NULL) bd4a3eb15bb422 Trond Myklebust 2013-08-23 1096 goto err_free; bd4a3eb15bb422 Trond Myklebust 2013-08-23 1097 } ^1da177e4c3f41 Linus Torvalds 2005-04-16 1098 gss_auth->client = clnt; 9b1831e56c7f33 Eric Dumazet 2022-01-27 1099 gss_auth->net = get_net_track(rpc_net_ns(clnt), &gss_auth->ns_tracker, 9b1831e56c7f33 Eric Dumazet 2022-01-27 1100 GFP_KERNEL); 6a19275ada9137 J. Bruce Fields 2005-06-22 1101 err = -EINVAL; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1102 gss_auth->mech = gss_mech_get_by_pseudoflavor(flavor); 0c77668ddb4e7b Chuck Lever 2019-02-11 1103 if (!gss_auth->mech) e726340ac9cf6b Trond Myklebust 2013-08-23 1104 goto err_put_net; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1105 gss_auth->service = gss_pseudoflavor_to_service(gss_auth->mech, flavor); 438b6fdebf2a2e J. Bruce Fields 2005-06-22 1106 if (gss_auth->service == 0) 438b6fdebf2a2e J. Bruce Fields 2005-06-22 1107 goto err_put_mech; a699d65ec4ff82 Trond Myklebust 2014-02-10 1108 if (!gssd_running(gss_auth->net)) a699d65ec4ff82 Trond Myklebust 2014-02-10 1109 goto err_put_mech; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1110 auth = &gss_auth->rpc_auth; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1111 auth->au_cslack = GSS_CRED_SLACK >> 2; 6e460c230d2dfb Chuck Lever 2023-01-15 1112 BUILD_BUG_ON(GSS_KRB5_MAX_SLACK_NEEDED > RPC_MAX_AUTH_SIZE); df513a77117127 Olga Kornievskaia 2020-03-26 1113 auth->au_rslack = GSS_KRB5_MAX_SLACK_NEEDED >> 2; a00275baa68e1e Chuck Lever 2019-02-11 1114 auth->au_verfsize = GSS_VERF_SLACK >> 2; 35e77d21baa04b Chuck Lever 2019-02-11 1115 auth->au_ralign = GSS_VERF_SLACK >> 2; 53bc19f17f2173 Chuck Lever 2020-05-12 1116 __set_bit(RPCAUTH_AUTH_UPDATE_SLACK, &auth->au_flags); ^1da177e4c3f41 Linus Torvalds 2005-04-16 1117 auth->au_ops = &authgss_ops; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1118 auth->au_flavor = flavor; 65b80179f9b817 Chuck Lever 2016-06-29 1119 if (gss_pseudoflavor_to_datatouch(gss_auth->mech, flavor)) 53bc19f17f2173 Chuck Lever 2020-05-12 1120 __set_bit(RPCAUTH_AUTH_DATATOUCH, &auth->au_flags); 331bc71cb1751d Trond Myklebust 2018-10-14 1121 refcount_set(&auth->au_count, 1); 0285ed1f12298e Trond Myklebust 2007-06-27 1122 kref_init(&gss_auth->kref); ^1da177e4c3f41 Linus Torvalds 2005-04-16 1123 1917228435eebd Trond Myklebust 2013-08-26 1124 err = rpcauth_init_credcache(auth); 1917228435eebd Trond Myklebust 2013-08-26 1125 if (err) 1917228435eebd Trond Myklebust 2013-08-26 1126 goto err_put_mech; 34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1127 /* 34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1128 * Note: if we created the old pipe first, then someone who 34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1129 * examined the directory at the right moment might conclude 34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1130 * that we supported only the old pipe. So we instead create 34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1131 * the new pipe first. 34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1132 */ 414a6295984094 Trond Myklebust 2013-08-27 1133 gss_pipe = gss_pipe_get(clnt, "gssd", &gss_upcall_ops_v1); 1917228435eebd Trond Myklebust 2013-08-26 1134 if (IS_ERR(gss_pipe)) { 1917228435eebd Trond Myklebust 2013-08-26 1135 err = PTR_ERR(gss_pipe); 1917228435eebd Trond Myklebust 2013-08-26 1136 goto err_destroy_credcache; 6a19275ada9137 J. Bruce Fields 2005-06-22 1137 } 1917228435eebd Trond Myklebust 2013-08-26 1138 gss_auth->gss_pipe[1] = gss_pipe; ^1da177e4c3f41 Linus Torvalds 2005-04-16 1139 414a6295984094 Trond Myklebust 2013-08-27 1140 gss_pipe = gss_pipe_get(clnt, gss_auth->mech->gm_name, 1917228435eebd Trond Myklebust 2013-08-26 1141 &gss_upcall_ops_v0); 1917228435eebd Trond Myklebust 2013-08-26 1142 if (IS_ERR(gss_pipe)) { 1917228435eebd Trond Myklebust 2013-08-26 1143 err = PTR_ERR(gss_pipe); c239d83b9921b8 Stanislav Kinsbursky 2011-12-26 1144 goto err_destroy_pipe_1; c239d83b9921b8 Stanislav Kinsbursky 2011-12-26 1145 } 1917228435eebd Trond Myklebust 2013-08-26 1146 gss_auth->gss_pipe[0] = gss_pipe; 07a2bf1da4765d Trond Myklebust 2007-06-09 1147 6a654188690846 Scott Mayhew 2023-04-20 1148 if (use_keyring) { 6a654188690846 Scott Mayhew 2023-04-20 1149 cred = prepare_kernel_cred(&init_task); 6a654188690846 Scott Mayhew 2023-04-20 1150 if (!cred) { 6a654188690846 Scott Mayhew 2023-04-20 1151 err = -ENOMEM; 6a654188690846 Scott Mayhew 2023-04-20 1152 goto err_destroy_pipe_0; 6a654188690846 Scott Mayhew 2023-04-20 1153 } 6a654188690846 Scott Mayhew 2023-04-20 1154 keyring = keyring_alloc("gss_keyring", 6a654188690846 Scott Mayhew 2023-04-20 1155 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred, 6a654188690846 Scott Mayhew 2023-04-20 1156 (KEY_POS_ALL & ~KEY_POS_SETATTR) | 6a654188690846 Scott Mayhew 2023-04-20 1157 KEY_USR_VIEW | KEY_USR_READ, 6a654188690846 Scott Mayhew 2023-04-20 1158 KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL); 6a654188690846 Scott Mayhew 2023-04-20 1159 if (IS_ERR(keyring)) { 6a654188690846 Scott Mayhew 2023-04-20 1160 err = PTR_ERR(keyring); 6a654188690846 Scott Mayhew 2023-04-20 1161 goto err_destroy_cred; 6a654188690846 Scott Mayhew 2023-04-20 1162 } 6a654188690846 Scott Mayhew 2023-04-20 1163 set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags); 6a654188690846 Scott Mayhew 2023-04-20 1164 cred->thread_keyring = keyring; 6a654188690846 Scott Mayhew 2023-04-20 1165 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING; 6a654188690846 Scott Mayhew 2023-04-20 1166 gss_auth->keyring_cred = cred; 6a654188690846 Scott Mayhew 2023-04-20 1167 } 6a654188690846 Scott Mayhew 2023-04-20 1168 6a654188690846 Scott Mayhew 2023-04-20 1169 trace_rpcgss_createauth(flavor, err, gss_auth->keyring_cred ? 6a654188690846 Scott Mayhew 2023-04-20 1170 gss_auth->keyring_cred->thread_keyring : NULL); eb6dc19d8e72ce Trond Myklebust 2013-08-28 1171 return gss_auth; 6a654188690846 Scott Mayhew 2023-04-20 1172 err_destroy_cred: 6a654188690846 Scott Mayhew 2023-04-20 1173 put_cred(cred); 6a654188690846 Scott Mayhew 2023-04-20 1174 err_destroy_pipe_0: 6a654188690846 Scott Mayhew 2023-04-20 1175 gss_pipe_free(gss_auth->gss_pipe[0]); c239d83b9921b8 Stanislav Kinsbursky 2011-12-26 1176 err_destroy_pipe_1: 414a6295984094 Trond Myklebust 2013-08-27 1177 gss_pipe_free(gss_auth->gss_pipe[1]); 1917228435eebd Trond Myklebust 2013-08-26 1178 err_destroy_credcache: 1917228435eebd Trond Myklebust 2013-08-26 1179 rpcauth_destroy_credcache(auth); ^1da177e4c3f41 Linus Torvalds 2005-04-16 1180 err_put_mech: ^1da177e4c3f41 Linus Torvalds 2005-04-16 1181 gss_mech_put(gss_auth->mech); e726340ac9cf6b Trond Myklebust 2013-08-23 1182 err_put_net: 9b1831e56c7f33 Eric Dumazet 2022-01-27 1183 put_net_track(gss_auth->net, &gss_auth->ns_tracker); ^1da177e4c3f41 Linus Torvalds 2005-04-16 1184 err_free: bd4a3eb15bb422 Trond Myklebust 2013-08-23 1185 kfree(gss_auth->target_name); ^1da177e4c3f41 Linus Torvalds 2005-04-16 1186 kfree(gss_auth); ^^^^^^^^ Freed. ^1da177e4c3f41 Linus Torvalds 2005-04-16 1187 out_dec: ^1da177e4c3f41 Linus Torvalds 2005-04-16 1188 module_put(THIS_MODULE); 6a654188690846 Scott Mayhew 2023-04-20 @1189 trace_rpcgss_createauth(flavor, err, gss_auth->keyring_cred ? 6a654188690846 Scott Mayhew 2023-04-20 1190 gss_auth->keyring_cred->thread_keyring : NULL); gss_auth is never valid at this point. 6a19275ada9137 J. Bruce Fields 2005-06-22 1191 return ERR_PTR(err); ^1da177e4c3f41 Linus Torvalds 2005-04-16 1192 } -- 0-DAY CI Kernel Test Service https://github.com/intel/lkp-tests ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew ` (4 preceding siblings ...) 2023-04-21 10:13 ` Dan Carpenter @ 2023-04-22 21:27 ` Ben Boeckel 2023-04-24 14:02 ` Scott Mayhew 5 siblings, 1 reply; 17+ messages in thread From: Ben Boeckel @ 2023-04-22 21:27 UTC (permalink / raw) To: Scott Mayhew; +Cc: linux-nfs, keyrings On Thu, Apr 20, 2023 at 16:20:04 -0400, Scott Mayhew wrote: > This patch adds the option to store GSS credentials in keyrings as an > alternative to the RPC credential cache, to give users the ability to > destroy their GSS credentials on demand via 'keyctl unlink'. Can documentation please be added to `Documentation/security/keys` about this key type? > Summary of the changes: > > - Added key_type key_type_gss_cred and associated functions. The > request_key function makes use of the existing upcall mechanism to > gssd. > > - Added a keyring to the gss_auth struct to allow all of the assocated > GSS credentials to be destroyed on RPC client shutdown (when the > filesystem is unmounted). > > - The key description contains the RPC client id, the user id, and the > principal (for machine creds). What is the format of this within the bytes? > - The key payload contains the address of the gss_cred. What is the format of this within the bytes? > - The key is linked to the user's user keyring (KEY_SPEC_USER_KEYRING) > as well as to the keyring on the gss_auth struct. Where is this documented? Can the key be moved later? > - gss_cred_init() now takes an optional pointer to an authkey, which is > passed down to gss_create_upcall() and gss_setup_upcall(), where it is > added to the gss_msg. This is used for complete_request_key() after > the upcall is done. > > - put_rpccred() now returns a bool to indicate whether it called > crdestroy(), and is used by gss_key_revoke() and gss_key_destroy() to > determine whether to clear the key payload. > > - gss_fill_context() now returns the GSS context's timeout via the tout > parameter, which is used to set the timeout of the key. > > - Added the module parameter 'use_keyring'. When set to true, the GSS > credentials are stored in the keyrings. When false, the GSS > credentials are stored in the RPC credential caches. > > - Added a tracepoint to log the result of the key request, which prints > either the key serial or an error return value. > > Signed-off-by: Scott Mayhew <smayhew@redhat.com> > --- > include/linux/sunrpc/auth.h | 4 +- > include/trace/events/rpcgss.h | 46 ++++- > net/sunrpc/auth.c | 9 +- > net/sunrpc/auth_gss/auth_gss.c | 338 +++++++++++++++++++++++++++++++-- > 4 files changed, 376 insertions(+), 21 deletions(-) Thanks, --Ben ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-22 21:27 ` Ben Boeckel @ 2023-04-24 14:02 ` Scott Mayhew 2023-04-24 14:23 ` Ben Boeckel 0 siblings, 1 reply; 17+ messages in thread From: Scott Mayhew @ 2023-04-24 14:02 UTC (permalink / raw) To: Ben Boeckel; +Cc: linux-nfs, keyrings On Sat, 22 Apr 2023, Ben Boeckel wrote: > On Thu, Apr 20, 2023 at 16:20:04 -0400, Scott Mayhew wrote: > > This patch adds the option to store GSS credentials in keyrings as an > > alternative to the RPC credential cache, to give users the ability to > > destroy their GSS credentials on demand via 'keyctl unlink'. > > Can documentation please be added to `Documentation/security/keys` about > this key type? I'll work on that. > > > Summary of the changes: > > > > - Added key_type key_type_gss_cred and associated functions. The > > request_key function makes use of the existing upcall mechanism to > > gssd. > > > > - Added a keyring to the gss_auth struct to allow all of the assocated > > GSS credentials to be destroyed on RPC client shutdown (when the > > filesystem is unmounted). > > > > - The key description contains the RPC client id, the user id, and the > > principal (for machine creds). > > What is the format of this within the bytes? The format is "clid: <client-id> id: <fsuid> princ:<princ>", where client-id and fsuid are unsigned ints and princ is either "(none)" or "*" if it's a machine cred: crash> p ((struct key *) 0xffff8b4410197900)->description $1 = 0xffff8b4446cbd740 "clid:1 id:1000 princ:(none)" > > > - The key payload contains the address of the gss_cred. > > What is the format of this within the bytes? The payload is just a pointer: crash> p ((struct key *) 0xffff8b4410197900)->payload.data[0] $2 = (void *) 0xffff8b44381cd480 > > > - The key is linked to the user's user keyring (KEY_SPEC_USER_KEYRING) > > as well as to the keyring on the gss_auth struct. > > Where is this documented? Can the key be moved later? It's not - I can add that to the documentation for the new key type. The key should not be moved. I haven't tested if it's possible to move it, but it's something that we'd want to disallow. -Scott > > > - gss_cred_init() now takes an optional pointer to an authkey, which is > > passed down to gss_create_upcall() and gss_setup_upcall(), where it is > > added to the gss_msg. This is used for complete_request_key() after > > the upcall is done. > > > > - put_rpccred() now returns a bool to indicate whether it called > > crdestroy(), and is used by gss_key_revoke() and gss_key_destroy() to > > determine whether to clear the key payload. > > > > - gss_fill_context() now returns the GSS context's timeout via the tout > > parameter, which is used to set the timeout of the key. > > > > - Added the module parameter 'use_keyring'. When set to true, the GSS > > credentials are stored in the keyrings. When false, the GSS > > credentials are stored in the RPC credential caches. > > > > - Added a tracepoint to log the result of the key request, which prints > > either the key serial or an error return value. > > > > Signed-off-by: Scott Mayhew <smayhew@redhat.com> > > --- > > include/linux/sunrpc/auth.h | 4 +- > > include/trace/events/rpcgss.h | 46 ++++- > > net/sunrpc/auth.c | 9 +- > > net/sunrpc/auth_gss/auth_gss.c | 338 +++++++++++++++++++++++++++++++-- > > 4 files changed, 376 insertions(+), 21 deletions(-) > > Thanks, > > --Ben > ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-24 14:02 ` Scott Mayhew @ 2023-04-24 14:23 ` Ben Boeckel 2023-04-24 15:01 ` Scott Mayhew 0 siblings, 1 reply; 17+ messages in thread From: Ben Boeckel @ 2023-04-24 14:23 UTC (permalink / raw) To: Scott Mayhew; +Cc: linux-nfs, keyrings On Mon, Apr 24, 2023 at 10:02:25 -0400, Scott Mayhew wrote: > On Sat, 22 Apr 2023, Ben Boeckel wrote: > > What is the format of this within the bytes? > > The format is "clid: <client-id> id: <fsuid> princ:<princ>", where > client-id and fsuid are unsigned ints and princ is either "(none)" or > "*" if it's a machine cred: > > crash> p ((struct key *) 0xffff8b4410197900)->description > $1 = 0xffff8b4446cbd740 "clid:1 id:1000 princ:(none)" Thanks. A bit annoying to parse, but doable. > > > - The key payload contains the address of the gss_cred. > > > > What is the format of this within the bytes? > > The payload is just a pointer: > > crash> p ((struct key *) 0xffff8b4410197900)->payload.data[0] > $2 = (void *) 0xffff8b44381cd480 This looks less useful to userspace (beyond some kind of unique ID…though can it be used to extract information about ASLR or any other security mechanism?). Can userspace somehow write to this payload to confuse things at all? I'm no security expert so this is just a "random idea" to at least hopefully trigger Cunningham's Law, but storing it `xor`'d with some per-boot secret could help muddle any information leak/extraction/targeting usefulness. > > > - The key is linked to the user's user keyring (KEY_SPEC_USER_KEYRING) > > > as well as to the keyring on the gss_auth struct. > > > > Where is this documented? Can the key be moved later? > > It's not - I can add that to the documentation for the new key type. > The key should not be moved. I haven't tested if it's possible to move > it, but it's something that we'd want to disallow. If it shouldn't be unlinked that's one thing, there's still the possibility of also linking it from another keyring (I don't see why that should be a problem at least). Also, to be clear I was talking about the `KEY_SPEC_USER_KEYRING` keyring. Keeping it in the `gss_auth`'s keyring makes 100% sense (though if there's no way to keep it there, that seems like a corner case that would need considered). Thanks, --Ben ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-24 14:23 ` Ben Boeckel @ 2023-04-24 15:01 ` Scott Mayhew 2023-04-24 18:28 ` Ben Boeckel 0 siblings, 1 reply; 17+ messages in thread From: Scott Mayhew @ 2023-04-24 15:01 UTC (permalink / raw) To: Ben Boeckel; +Cc: linux-nfs, keyrings On Mon, 24 Apr 2023, Ben Boeckel wrote: > On Mon, Apr 24, 2023 at 10:02:25 -0400, Scott Mayhew wrote: > > On Sat, 22 Apr 2023, Ben Boeckel wrote: > > > What is the format of this within the bytes? > > > > The format is "clid: <client-id> id: <fsuid> princ:<princ>", where > > client-id and fsuid are unsigned ints and princ is either "(none)" or > > "*" if it's a machine cred: > > > > crash> p ((struct key *) 0xffff8b4410197900)->description > > $1 = 0xffff8b4446cbd740 "clid:1 id:1000 princ:(none)" > > Thanks. A bit annoying to parse, but doable. > > > > > - The key payload contains the address of the gss_cred. > > > > > > What is the format of this within the bytes? > > > > The payload is just a pointer: > > > > crash> p ((struct key *) 0xffff8b4410197900)->payload.data[0] > > $2 = (void *) 0xffff8b44381cd480 > > This looks less useful to userspace (beyond some kind of unique > ID…though can it be used to extract information about ASLR or any other > security mechanism?). Can userspace somehow write to this payload to > confuse things at all? > > I'm no security expert so this is just a "random idea" to at least > hopefully trigger Cunningham's Law, but storing it `xor`'d with some > per-boot secret could help muddle any information > leak/extraction/targeting usefulness. Just to be clear, this isn't meant to be written or read by userspace. The user isn't explicitly requesting the creation of a key with the gss_cred key type. It happens automatically when they access an NFS filesystem mounted with "sec=krb5{,i,p}", using the existing upcall mechanism to rpc.gssd. The only difference is that instead of sticking the resulting gss_cred in the rpc_auth.au_credcache hash table, we're now creating a key with the address of the gss_cred and storing it in keyrings. Note that I didn't even provide a 'read' method for this key type because the payload isn't intended to be read by users. However, in the past some users have requested a 'whoami' type function so they could see what kerberos principal was used to establish the GSS context. I was thinking that would be useful information to output in a 'read' method, however that information is not currently in the kernel - rpc.gssd would need to add the initiator principal to the information it writes in the downcall to the kernel, and I haven't really looked yet to see if it's feasible to do that without breaking the existing upcall mechanism. Also, while I'm currently printing some raw addresses in the tracepoints as well is in the /proc/keys output for this new key type, that is strictly for my own debugging purposes and that stuff will ultimately be removed in the final patches. > > > > > - The key is linked to the user's user keyring (KEY_SPEC_USER_KEYRING) > > > > as well as to the keyring on the gss_auth struct. > > > > > > Where is this documented? Can the key be moved later? > > > > It's not - I can add that to the documentation for the new key type. > > The key should not be moved. I haven't tested if it's possible to move > > it, but it's something that we'd want to disallow. > > If it shouldn't be unlinked that's one thing, there's still the > possibility of also linking it from another keyring (I don't see why > that should be a problem at least). > > Also, to be clear I was talking about the `KEY_SPEC_USER_KEYRING` > keyring. Keeping it in the `gss_auth`'s keyring makes 100% sense (though > if there's no way to keep it there, that seems like a corner case that > would need considered). We definitely allow unlinking - that's sort of the whole point because it allows users to establish a new GSS credential (most likely with a different initiator principal that the old one). It doesn't really make sense for the key to be on any other keyring besides the user keyring. If it were on the session keyring, and if you were logged into multiple sessions, then those sessions would be constantly whacking each others GSS creds and they be constantly creating/destroying new GSS creds with the NFS server. Having them on the session keyring also presents another problem because the NFS client caches NFSv4 open owners, which take a reference on a struct cred. When you log out, pam_keyinit revokes the session keying. If you log back in and try to resume NFS access (generating a new key), the current request key code will find the cred with the revoked session keyring, and it will try to link the new key to that revoked session keyring, which will then fail with -EKEYREVOKED. That's the reason for patches 3/5 and 4/5, to allow request_key_with_auxdata() to link the key directly to the user keyring. -Scott > > Thanks, > > --Ben > ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings 2023-04-24 15:01 ` Scott Mayhew @ 2023-04-24 18:28 ` Ben Boeckel 0 siblings, 0 replies; 17+ messages in thread From: Ben Boeckel @ 2023-04-24 18:28 UTC (permalink / raw) To: Scott Mayhew; +Cc: linux-nfs, keyrings On Mon, Apr 24, 2023 at 11:01:58 -0400, Scott Mayhew wrote: > Just to be clear, this isn't meant to be written or read by userspace. > The user isn't explicitly requesting the creation of a key with the > gss_cred key type. It happens automatically when they access an NFS > filesystem mounted with "sec=krb5{,i,p}", using the existing upcall > mechanism to rpc.gssd. The only difference is that instead of sticking > the resulting gss_cred in the rpc_auth.au_credcache hash table, we're > now creating a key with the address of the gss_cred and storing it in > keyrings. Ah, ok. I'm mostly interested in the userspace side as the author of https://github.com/mathstuf/rust-keyutils which I try to keep some safe wrappers around various keytypes. > We definitely allow unlinking - that's sort of the whole point because > it allows users to establish a new GSS credential (most likely with a > different initiator principal that the old one). > > It doesn't really make sense for the key to be on any other keyring besides > the user keyring. If it were on the session keyring, and if you were > logged into multiple sessions, then those sessions would be constantly > whacking each others GSS creds and they be constantly > creating/destroying new GSS creds with the NFS server. > > Having them on the session keyring also presents another problem because > the NFS client caches NFSv4 open owners, which take a reference on a > struct cred. When you log out, pam_keyinit revokes the session keying. > If you log back in and try to resume NFS access (generating a new key), > the current request key code will find the cred with the revoked session > keyring, and it will try to link the new key to that revoked session > keyring, which will then fail with -EKEYREVOKED. That's the reason > for patches 3/5 and 4/5, to allow request_key_with_auxdata() to link the > key directly to the user keyring. Ok. These lifetime things definitely deserve docs. Thanks, --Ben ^ permalink raw reply [flat|nested] 17+ messages in thread
* Re: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings
@ 2023-04-21 7:17 kernel test robot
0 siblings, 0 replies; 17+ messages in thread
From: kernel test robot @ 2023-04-21 7:17 UTC (permalink / raw)
To: oe-kbuild; +Cc: lkp, Dan Carpenter
BCC: lkp@intel.com
CC: oe-kbuild-all@lists.linux.dev
In-Reply-To: <20230420202004.239116-6-smayhew@redhat.com>
References: <20230420202004.239116-6-smayhew@redhat.com>
TO: Scott Mayhew <smayhew@redhat.com>
Hi Scott,
[This is a private test report for your RFC patch.]
kernel test robot noticed the following build warnings:
[auto build test WARNING on trondmy-nfs/linux-next]
[also build test WARNING on linus/master v6.3-rc7 next-20230420]
[If your patch is applied to the wrong git tree, kindly drop us a note.
And when submitting patch, we suggest to use '--base' as documented in
https://git-scm.com/docs/git-format-patch#_base_tree_information]
url: https://github.com/intel-lab-lkp/linux/commits/Scott-Mayhew/keys-export-keyring_ptr_to_key/20230421-042202
base: git://git.linux-nfs.org/projects/trondmy/linux-nfs.git linux-next
patch link: https://lore.kernel.org/r/20230420202004.239116-6-smayhew%40redhat.com
patch subject: [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings
:::::: branch date: 11 hours ago
:::::: commit date: 11 hours ago
config: x86_64-randconfig-m001 (https://download.01.org/0day-ci/archive/20230421/202304211447.EkD6EpWB-lkp@intel.com/config)
compiler: gcc-11 (Debian 11.3.0-8) 11.3.0
If you fix the issue, kindly add following tag where applicable
| Reported-by: kernel test robot <lkp@intel.com>
| Reported-by: Dan Carpenter <error27@gmail.com>
| Link: https://lore.kernel.org/r/202304211447.EkD6EpWB-lkp@intel.com/
New smatch warnings:
net/sunrpc/auth_gss/auth_gss.c:1189 gss_create_new() error: we previously assumed 'gss_auth' could be null (see line 1089)
net/sunrpc/auth_gss/auth_gss.c:1189 gss_create_new() error: dereferencing freed memory 'gss_auth'
Old smatch warnings:
net/sunrpc/auth_gss/auth_gss.c:2183 gss_wrap_req_priv() warn: missing error code 'status'
vim +/gss_auth +1189 net/sunrpc/auth_gss/auth_gss.c
ccdc28f81c91f7 Stanislav Kinsbursky 2012-01-11 1071
^1da177e4c3f41 Linus Torvalds 2005-04-16 1072 /*
^1da177e4c3f41 Linus Torvalds 2005-04-16 1073 * NOTE: we have the opportunity to use different
^1da177e4c3f41 Linus Torvalds 2005-04-16 1074 * parameters based on the input flavor (which must be a pseudoflavor)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1075 */
eb6dc19d8e72ce Trond Myklebust 2013-08-28 1076 static struct gss_auth *
82b98ca566ca2a Sargun Dhillon 2018-07-05 1077 gss_create_new(const struct rpc_auth_create_args *args, struct rpc_clnt *clnt)
^1da177e4c3f41 Linus Torvalds 2005-04-16 1078 {
c2190661039b38 Trond Myklebust 2013-08-26 1079 rpc_authflavor_t flavor = args->pseudoflavor;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1080 struct gss_auth *gss_auth;
1917228435eebd Trond Myklebust 2013-08-26 1081 struct gss_pipe *gss_pipe;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1082 struct rpc_auth * auth;
6a19275ada9137 J. Bruce Fields 2005-06-22 1083 int err = -ENOMEM; /* XXX? */
6a654188690846 Scott Mayhew 2023-04-20 1084 struct cred *cred;
6a654188690846 Scott Mayhew 2023-04-20 1085 struct key *keyring;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1086
^1da177e4c3f41 Linus Torvalds 2005-04-16 1087 if (!try_module_get(THIS_MODULE))
6a19275ada9137 J. Bruce Fields 2005-06-22 1088 return ERR_PTR(err);
^1da177e4c3f41 Linus Torvalds 2005-04-16 @1089 if (!(gss_auth = kmalloc(sizeof(*gss_auth), GFP_KERNEL)))
^1da177e4c3f41 Linus Torvalds 2005-04-16 1090 goto out_dec;
eb6dc19d8e72ce Trond Myklebust 2013-08-28 1091 INIT_HLIST_NODE(&gss_auth->hash);
bd4a3eb15bb422 Trond Myklebust 2013-08-23 1092 gss_auth->target_name = NULL;
c2190661039b38 Trond Myklebust 2013-08-26 1093 if (args->target_name) {
c2190661039b38 Trond Myklebust 2013-08-26 1094 gss_auth->target_name = kstrdup(args->target_name, GFP_KERNEL);
bd4a3eb15bb422 Trond Myklebust 2013-08-23 1095 if (gss_auth->target_name == NULL)
bd4a3eb15bb422 Trond Myklebust 2013-08-23 1096 goto err_free;
bd4a3eb15bb422 Trond Myklebust 2013-08-23 1097 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1098 gss_auth->client = clnt;
9b1831e56c7f33 Eric Dumazet 2022-01-27 1099 gss_auth->net = get_net_track(rpc_net_ns(clnt), &gss_auth->ns_tracker,
9b1831e56c7f33 Eric Dumazet 2022-01-27 1100 GFP_KERNEL);
6a19275ada9137 J. Bruce Fields 2005-06-22 1101 err = -EINVAL;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1102 gss_auth->mech = gss_mech_get_by_pseudoflavor(flavor);
0c77668ddb4e7b Chuck Lever 2019-02-11 1103 if (!gss_auth->mech)
e726340ac9cf6b Trond Myklebust 2013-08-23 1104 goto err_put_net;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1105 gss_auth->service = gss_pseudoflavor_to_service(gss_auth->mech, flavor);
438b6fdebf2a2e J. Bruce Fields 2005-06-22 1106 if (gss_auth->service == 0)
438b6fdebf2a2e J. Bruce Fields 2005-06-22 1107 goto err_put_mech;
a699d65ec4ff82 Trond Myklebust 2014-02-10 1108 if (!gssd_running(gss_auth->net))
a699d65ec4ff82 Trond Myklebust 2014-02-10 1109 goto err_put_mech;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1110 auth = &gss_auth->rpc_auth;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1111 auth->au_cslack = GSS_CRED_SLACK >> 2;
6e460c230d2dfb Chuck Lever 2023-01-15 1112 BUILD_BUG_ON(GSS_KRB5_MAX_SLACK_NEEDED > RPC_MAX_AUTH_SIZE);
df513a77117127 Olga Kornievskaia 2020-03-26 1113 auth->au_rslack = GSS_KRB5_MAX_SLACK_NEEDED >> 2;
a00275baa68e1e Chuck Lever 2019-02-11 1114 auth->au_verfsize = GSS_VERF_SLACK >> 2;
35e77d21baa04b Chuck Lever 2019-02-11 1115 auth->au_ralign = GSS_VERF_SLACK >> 2;
53bc19f17f2173 Chuck Lever 2020-05-12 1116 __set_bit(RPCAUTH_AUTH_UPDATE_SLACK, &auth->au_flags);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1117 auth->au_ops = &authgss_ops;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1118 auth->au_flavor = flavor;
65b80179f9b817 Chuck Lever 2016-06-29 1119 if (gss_pseudoflavor_to_datatouch(gss_auth->mech, flavor))
53bc19f17f2173 Chuck Lever 2020-05-12 1120 __set_bit(RPCAUTH_AUTH_DATATOUCH, &auth->au_flags);
331bc71cb1751d Trond Myklebust 2018-10-14 1121 refcount_set(&auth->au_count, 1);
0285ed1f12298e Trond Myklebust 2007-06-27 1122 kref_init(&gss_auth->kref);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1123
1917228435eebd Trond Myklebust 2013-08-26 1124 err = rpcauth_init_credcache(auth);
1917228435eebd Trond Myklebust 2013-08-26 1125 if (err)
1917228435eebd Trond Myklebust 2013-08-26 1126 goto err_put_mech;
34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1127 /*
34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1128 * Note: if we created the old pipe first, then someone who
34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1129 * examined the directory at the right moment might conclude
34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1130 * that we supported only the old pipe. So we instead create
34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1131 * the new pipe first.
34769fc488b463 \"J. Bruce Fields\ 2008-12-23 1132 */
414a6295984094 Trond Myklebust 2013-08-27 1133 gss_pipe = gss_pipe_get(clnt, "gssd", &gss_upcall_ops_v1);
1917228435eebd Trond Myklebust 2013-08-26 1134 if (IS_ERR(gss_pipe)) {
1917228435eebd Trond Myklebust 2013-08-26 1135 err = PTR_ERR(gss_pipe);
1917228435eebd Trond Myklebust 2013-08-26 1136 goto err_destroy_credcache;
6a19275ada9137 J. Bruce Fields 2005-06-22 1137 }
1917228435eebd Trond Myklebust 2013-08-26 1138 gss_auth->gss_pipe[1] = gss_pipe;
^1da177e4c3f41 Linus Torvalds 2005-04-16 1139
414a6295984094 Trond Myklebust 2013-08-27 1140 gss_pipe = gss_pipe_get(clnt, gss_auth->mech->gm_name,
1917228435eebd Trond Myklebust 2013-08-26 1141 &gss_upcall_ops_v0);
1917228435eebd Trond Myklebust 2013-08-26 1142 if (IS_ERR(gss_pipe)) {
1917228435eebd Trond Myklebust 2013-08-26 1143 err = PTR_ERR(gss_pipe);
c239d83b9921b8 Stanislav Kinsbursky 2011-12-26 1144 goto err_destroy_pipe_1;
c239d83b9921b8 Stanislav Kinsbursky 2011-12-26 1145 }
1917228435eebd Trond Myklebust 2013-08-26 1146 gss_auth->gss_pipe[0] = gss_pipe;
07a2bf1da4765d Trond Myklebust 2007-06-09 1147
6a654188690846 Scott Mayhew 2023-04-20 1148 if (use_keyring) {
6a654188690846 Scott Mayhew 2023-04-20 1149 cred = prepare_kernel_cred(&init_task);
6a654188690846 Scott Mayhew 2023-04-20 1150 if (!cred) {
6a654188690846 Scott Mayhew 2023-04-20 1151 err = -ENOMEM;
6a654188690846 Scott Mayhew 2023-04-20 1152 goto err_destroy_pipe_0;
6a654188690846 Scott Mayhew 2023-04-20 1153 }
6a654188690846 Scott Mayhew 2023-04-20 1154 keyring = keyring_alloc("gss_keyring",
6a654188690846 Scott Mayhew 2023-04-20 1155 GLOBAL_ROOT_UID, GLOBAL_ROOT_GID, cred,
6a654188690846 Scott Mayhew 2023-04-20 1156 (KEY_POS_ALL & ~KEY_POS_SETATTR) |
6a654188690846 Scott Mayhew 2023-04-20 1157 KEY_USR_VIEW | KEY_USR_READ,
6a654188690846 Scott Mayhew 2023-04-20 1158 KEY_ALLOC_NOT_IN_QUOTA, NULL, NULL);
6a654188690846 Scott Mayhew 2023-04-20 1159 if (IS_ERR(keyring)) {
6a654188690846 Scott Mayhew 2023-04-20 1160 err = PTR_ERR(keyring);
6a654188690846 Scott Mayhew 2023-04-20 1161 goto err_destroy_cred;
6a654188690846 Scott Mayhew 2023-04-20 1162 }
6a654188690846 Scott Mayhew 2023-04-20 1163 set_bit(KEY_FLAG_ROOT_CAN_CLEAR, &keyring->flags);
6a654188690846 Scott Mayhew 2023-04-20 1164 cred->thread_keyring = keyring;
6a654188690846 Scott Mayhew 2023-04-20 1165 cred->jit_keyring = KEY_REQKEY_DEFL_THREAD_KEYRING;
6a654188690846 Scott Mayhew 2023-04-20 1166 gss_auth->keyring_cred = cred;
6a654188690846 Scott Mayhew 2023-04-20 1167 }
6a654188690846 Scott Mayhew 2023-04-20 1168
6a654188690846 Scott Mayhew 2023-04-20 1169 trace_rpcgss_createauth(flavor, err, gss_auth->keyring_cred ?
6a654188690846 Scott Mayhew 2023-04-20 1170 gss_auth->keyring_cred->thread_keyring : NULL);
eb6dc19d8e72ce Trond Myklebust 2013-08-28 1171 return gss_auth;
6a654188690846 Scott Mayhew 2023-04-20 1172 err_destroy_cred:
6a654188690846 Scott Mayhew 2023-04-20 1173 put_cred(cred);
6a654188690846 Scott Mayhew 2023-04-20 1174 err_destroy_pipe_0:
6a654188690846 Scott Mayhew 2023-04-20 1175 gss_pipe_free(gss_auth->gss_pipe[0]);
c239d83b9921b8 Stanislav Kinsbursky 2011-12-26 1176 err_destroy_pipe_1:
414a6295984094 Trond Myklebust 2013-08-27 1177 gss_pipe_free(gss_auth->gss_pipe[1]);
1917228435eebd Trond Myklebust 2013-08-26 1178 err_destroy_credcache:
1917228435eebd Trond Myklebust 2013-08-26 1179 rpcauth_destroy_credcache(auth);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1180 err_put_mech:
^1da177e4c3f41 Linus Torvalds 2005-04-16 1181 gss_mech_put(gss_auth->mech);
e726340ac9cf6b Trond Myklebust 2013-08-23 1182 err_put_net:
9b1831e56c7f33 Eric Dumazet 2022-01-27 1183 put_net_track(gss_auth->net, &gss_auth->ns_tracker);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1184 err_free:
bd4a3eb15bb422 Trond Myklebust 2013-08-23 1185 kfree(gss_auth->target_name);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1186 kfree(gss_auth);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1187 out_dec:
^1da177e4c3f41 Linus Torvalds 2005-04-16 1188 module_put(THIS_MODULE);
6a654188690846 Scott Mayhew 2023-04-20 @1189 trace_rpcgss_createauth(flavor, err, gss_auth->keyring_cred ?
6a654188690846 Scott Mayhew 2023-04-20 1190 gss_auth->keyring_cred->thread_keyring : NULL);
6a19275ada9137 J. Bruce Fields 2005-06-22 1191 return ERR_PTR(err);
^1da177e4c3f41 Linus Torvalds 2005-04-16 1192 }
^1da177e4c3f41 Linus Torvalds 2005-04-16 1193
--
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests
^ permalink raw reply [flat|nested] 17+ messages in threadend of thread, other threads:[~2023-04-24 18:28 UTC | newest] Thread overview: 17+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-04-20 20:19 [RFC PATCH 0/5] SUNRPC: Add option to store GSS credentials in Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 1/5] keys: export keyring_ptr_to_key() Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 2/5] keys: add keyring_gc_custom() Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 3/5] keys: add dest_keyring parameter to request_key_with_auxdata() Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 4/5] keys: add the ability to search user keyrings in search_cred_keyrings_rcu() Scott Mayhew 2023-04-20 20:20 ` [RFC PATCH 5/5] SUNRPC: store GSS creds in keyrings Scott Mayhew 2023-04-20 21:54 ` kernel test robot 2023-04-21 3:32 ` kernel test robot 2023-04-21 5:14 ` kernel test robot 2023-04-21 6:15 ` kernel test robot 2023-04-21 10:13 ` Dan Carpenter 2023-04-22 21:27 ` Ben Boeckel 2023-04-24 14:02 ` Scott Mayhew 2023-04-24 14:23 ` Ben Boeckel 2023-04-24 15:01 ` Scott Mayhew 2023-04-24 18:28 ` Ben Boeckel -- strict thread matches above, loose matches on Subject: below -- 2023-04-21 7:17 kernel test robot
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.