[PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

linux-api.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"
@ 2011-03-07 15:02 David Howells
       [not found] ` <20110307150208.28218.89348.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
  0 siblings, 1 reply; 11+ messages in thread
From: David Howells @ 2011-03-07 15:02 UTC (permalink / raw)
  To: linux-security-module-u79uwXL29TY76Z2rM5mHXA,
	keyrings-6DNke4IJHB0gsBAKwltoeQ, linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-afs-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r,
	linux-api-u79uwXL29TY76Z2rM5mHXA
  Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	netdev-u79uwXL29TY76Z2rM5mHXA

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem can get a TGT
from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

Signed-off-by: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---

 arch/alpha/include/asm/errno.h  |    1 +
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index 98099bd..519663c 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -121,5 +121,6 @@
 #define	ENOTRECOVERABLE	137	/* State not recoverable */
 
 #define	ERFKILL		138	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	139	/* Authentication service not available */
 
 #endif
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index a0efc73..5fa7fed 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -120,6 +120,7 @@
 #define	ENOTRECOVERABLE	166	/* State not recoverable */
 
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	168	/* Authentication service not available */
 
 #define EDQUOT		1133	/* Quota exceeded */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 9992abd..6a19346 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -121,5 +121,6 @@
 #define ENOTRECOVERABLE	255	/* State not recoverable */
 
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	257	/* Authentication service not available */
 
 #endif
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index 4e2bc49..ab3a26a 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -111,5 +111,6 @@
 #define	ENOTRECOVERABLE	133	/* State not recoverable */
 
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	135	/* Authentication service not available */
 
 #endif
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index 28cc03b..bcf1908 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -107,5 +107,6 @@
 #define	ENOTRECOVERABLE	131	/* State not recoverable */
 
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	133	/* Authentication service not available */
 
 #endif

^ permalink raw reply related	[flat|nested] 11+ messages in thread

[parent not found: <20110307150208.28218.89348.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>]

* [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors
       [not found] ` <20110307150208.28218.89348.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
@ 2011-03-07 15:02   ` David Howells
       [not found]     ` <20110307150218.28218.84916.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
  2011-03-08 15:09     ` David Howells
  0 siblings, 2 replies; 11+ messages in thread
From: David Howells @ 2011-03-07 15:02 UTC (permalink / raw)
  To: linux-security-module-u79uwXL29TY76Z2rM5mHXA,
	keyrings-6DNke4IJHB0gsBAKwltoeQ, linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-afs-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r,
	linux-api-u79uwXL29TY76Z2rM5mHXA
  Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	netdev-u79uwXL29TY76Z2rM5mHXA

Now that the kernel has filesystems (and possibly other services) that want to
look up internet addresses corresponding to arbitrary hostnames retrieved from
the server, it would seem useful to provide a couple of error codes to indicate
problems with the look up, rather than overloading some other error code.

Define ENONAMESERVICE to indicate "Network name service unavailable".  This can
be used to indicate, for example, that an attempt was made by dns_query() to
make a query, but the name server (e.g. a DNS server) it is supposed to contact
didn't answer or that it couldn't determine the location of a suitable server.

Define ENAMEUNKNOWN to indicate "Network name unknown".  This can be used to
indicate, for example, that an attempt was made by dns_query() to make a query,
but the name server (e.g. a DNS server) replied indicating that it had no
matching records.

The DNS query upcall program can report these to keyctl_reject() so that cached
failed queries will respond with these errors until they expire.

Signed-off-by: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---

 arch/alpha/include/asm/errno.h  |    2 ++
 arch/mips/include/asm/errno.h   |    2 ++
 arch/parisc/include/asm/errno.h |    2 ++
 arch/sparc/include/asm/errno.h  |    2 ++
 include/asm-generic/errno.h     |    2 ++
 5 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index 519663c..ee8a3f0 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -122,5 +122,7 @@
 
 #define	ERFKILL		138	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	139	/* Authentication service not available */
+#define	ENONAMESERVICE	140	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	141	/* Network name unknown */
 
 #endif
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 5fa7fed..faed965 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -121,6 +121,8 @@
 
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	168	/* Authentication service not available */
+#define	ENONAMESERVICE	169	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	170	/* Network name unknown */
 
 #define EDQUOT		1133	/* Quota exceeded */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 6a19346..63ee0bc 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -122,5 +122,7 @@
 
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	257	/* Authentication service not available */
+#define	ENONAMESERVICE	258	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	259	/* Network name unknown */
 
 #endif
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index ab3a26a..f40d5ae 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -112,5 +112,7 @@
 
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	135	/* Authentication service not available */
+#define	ENONAMESERVICE	136	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	137	/* Network name unknown */
 
 #endif
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index bcf1908..25878f1 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -108,5 +108,7 @@
 
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
 #define	ENOAUTHSERVICE	133	/* Authentication service not available */
+#define	ENONAMESERVICE	134	/* Network name service unavailable */
+#define	ENAMEUNKNOWN	135	/* Network name unknown */
 
 #endif

^ permalink raw reply related	[flat|nested] 11+ messages in thread

[parent not found: <20110307150218.28218.84916.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>]

* Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors
       [not found]     ` <20110307150218.28218.84916.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
@ 2011-03-07 16:00       ` Alan Cox
  0 siblings, 0 replies; 11+ messages in thread
From: Alan Cox @ 2011-03-07 16:00 UTC (permalink / raw)
  To: David Howells
  Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA,
	keyrings-6DNke4IJHB0gsBAKwltoeQ, linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-afs-IAPFreCvJWM7uuMidbF8XUB+6BGkLq7r,
	linux-api-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	netdev-u79uwXL29TY76Z2rM5mHXA

> Define ENONAMESERVICE to indicate "Network name service unavailable".  This can
> be used to indicate, for example, that an attempt was made by dns_query() to
> make a query, but the name server (e.g. a DNS server) it is supposed to contact
> didn't answer or that it couldn't determine the location of a suitable server.

Are these in glibc and are there glibc patches submitted and accepted for
this ?

(I only ask because I know its previously taken years for glibc to catch
up with stuff)

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors
  2011-03-07 15:02   ` [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors David Howells
       [not found]     ` <20110307150218.28218.84916.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
@ 2011-03-08 15:09     ` David Howells
  2011-03-08 15:25       ` Alan Cox
  2011-03-08 16:37       ` David Howells
  1 sibling, 2 replies; 11+ messages in thread
From: David Howells @ 2011-03-08 15:09 UTC (permalink / raw)
  To: Alan Cox
  Cc: dhowells, linux-security-module, keyrings, linux-arch, linux-api,
	linux-kernel

Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:

> > Define ENONAMESERVICE to indicate "Network name service unavailable".
> > This can be used to indicate, for example, that an attempt was made by
> > dns_query() to make a query, but the name server (e.g. a DNS server) it is
> > supposed to contact didn't answer or that it couldn't determine the
> > location of a suitable server.
> 
> Are these in glibc and are there glibc patches submitted and accepted for
> this ?

No.

Are you saying that I should push them through glibc first - and then submit
them to the kernel?  Does the kernel lead or the C library?  And, if the
latter, which C library?  Can I not, for instance, push them through uclibc,
say?

Does submitting to glibc mean I have to sign my copyrights over to the FSF for
that code?  I've never gone through this process.

David

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors
  2011-03-08 15:09     ` David Howells
@ 2011-03-08 15:25       ` Alan Cox
  2011-03-08 16:37       ` David Howells
  1 sibling, 0 replies; 11+ messages in thread
From: Alan Cox @ 2011-03-08 15:25 UTC (permalink / raw)
  To: David Howells
  Cc: linux-security-module, keyrings, linux-arch, linux-api,
	linux-kernel

On Tue, 08 Mar 2011 15:09:59 +0000
David Howells <dhowells@redhat.com> wrote:

> Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:
> 
> > > Define ENONAMESERVICE to indicate "Network name service unavailable".
> > > This can be used to indicate, for example, that an attempt was made by
> > > dns_query() to make a query, but the name server (e.g. a DNS server) it is
> > > supposed to contact didn't answer or that it couldn't determine the
> > > location of a suitable server.
> > 
> > Are these in glibc and are there glibc patches submitted and accepted for
> > this ?
> 
> No.
> 
> Are you saying that I should push them through glibc first - and then submit
> them to the kernel? 

I was wondering if at least there was some co-ordination going on so that
functions like perror() produced sensible answers. Otherwise it's
debatable if its actually an improvement for the poor end user ?

^ permalink raw reply	[flat|nested] 11+ messages in thread

* Re: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors
  2011-03-08 15:09     ` David Howells
  2011-03-08 15:25       ` Alan Cox
@ 2011-03-08 16:37       ` David Howells
  1 sibling, 0 replies; 11+ messages in thread
From: David Howells @ 2011-03-08 16:37 UTC (permalink / raw)
  To: Alan Cox
  Cc: dhowells, linux-security-module, keyrings, linux-arch, linux-api,
	linux-kernel

Alan Cox <alan@lxorguk.ukuu.org.uk> wrote:

> I was wondering if at least there was some co-ordination going on so that
> functions like perror() produced sensible answers. Otherwise it's
> debatable if its actually an improvement for the poor end user ?

Fair point.  That's why I cc'd the messages to linux-api@, but I'm not sure who
actually reads it, besides Michael Kerrisk.  I guess it's probably a good idea
to wave my suggestions on the glibc list at least.

David

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"
@ 2012-02-08 12:29 David Howells
  2012-02-08 15:48 ` Joseph S. Myers
                   ` (2 more replies)
  0 siblings, 3 replies; 11+ messages in thread
From: David Howells @ 2012-02-08 12:29 UTC (permalink / raw)
  To: jmorris-gx6/JNMH7DfYtjvyW6yDsg
  Cc: keyrings-6DNke4IJHB0gsBAKwltoeQ, linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-security-module-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA,
	libc-alpha-9JcytcrH/bA+uJoB2kUjGw

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem can get a TGT
from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

Signed-off-by: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---

 arch/alpha/include/asm/errno.h  |    1 +
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index e5f29ca..5edc21e 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -121,6 +121,7 @@
 #define	ENOTRECOVERABLE	137	/* State not recoverable */
 
 #define	ERFKILL		138	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	139	/* Authentication service not available */
 
 #define EHWPOISON	139	/* Memory page has hardware error */
 
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 6dcd358..9e0b83f 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -120,6 +120,7 @@
 #define	ENOTRECOVERABLE	166	/* State not recoverable */
 
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	168	/* Authentication service not available */
 
 #define EHWPOISON	168	/* Memory page has hardware error */
 
diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 135ad60..c4598b6 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -121,6 +121,7 @@
 #define ENOTRECOVERABLE	255	/* State not recoverable */
 
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	257	/* Authentication service not available */
 
 #define EHWPOISON	257	/* Memory page has hardware error */
 
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index c351aba..ab4f9f5 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -111,6 +111,7 @@
 #define	ENOTRECOVERABLE	133	/* State not recoverable */
 
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	135	/* Authentication service not available */
 
 #define EHWPOISON	135	/* Memory page has hardware error */
 
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index a1331ce..52325ca 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -107,6 +107,7 @@
 #define	ENOTRECOVERABLE	131	/* State not recoverable */
 
 #define ERFKILL		132	/* Operation not possible due to RF-kill */
+#define	ENOAUTHSERVICE	133	/* Authentication service not available */
 
 #define EHWPOISON	133	/* Memory page has hardware error */
 

^ permalink raw reply related	[flat|nested] 11+ messages in thread

* Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"
  2012-02-08 12:29 [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable" David Howells
@ 2012-02-08 15:48 ` Joseph S. Myers
       [not found] ` <20120208122905.8902.65762.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
       [not found] ` <22934.1328745230-+bZmOdGhbsPr6rcHtW+onFJE71vCis6O@public.gmane.org>
  2 siblings, 0 replies; 11+ messages in thread
From: Joseph S. Myers @ 2012-02-08 15:48 UTC (permalink / raw)
  To: David Howells
  Cc: jmorris, keyrings, linux-nfs, linux-security-module, linux-kernel,
	linux-cifs, linux-api, libc-alpha

On Wed, 8 Feb 2012, David Howells wrote:

>  #define ERFKILL		132	/* Operation not possible due to RF-kill */
> +#define	ENOAUTHSERVICE	133	/* Authentication service not available */
>  
>  #define EHWPOISON	133	/* Memory page has hardware error */

Defining the new error to have the same value as EHWPOISON seems rather 
odd....

-- 
Joseph S. Myers
joseph@codesourcery.com

^ permalink raw reply	[flat|nested] 11+ messages in thread

[parent not found: <20120208122905.8902.65762.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>]

* Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"
       [not found] ` <20120208122905.8902.65762.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
@ 2012-02-08 23:53   ` Valdis.Kletnieks-PjAqaU27lzQ
  0 siblings, 0 replies; 11+ messages in thread
From: Valdis.Kletnieks-PjAqaU27lzQ @ 2012-02-08 23:53 UTC (permalink / raw)
  To: David Howells
  Cc: jmorris-gx6/JNMH7DfYtjvyW6yDsg, keyrings-6DNke4IJHB0gsBAKwltoeQ,
	linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-security-module-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA,
	libc-alpha-9JcytcrH/bA+uJoB2kUjGw

[-- Attachment #1: Type: text/plain, Size: 376 bytes --]

On Wed, 08 Feb 2012 12:29:05 GMT, David Howells said:

> +#define	ENOAUTHSERVICE	139	/* Authentication service not available */
>
>  #define EHWPOISON	139	/* Memory page has hardware error */

Was this an intentional overload of 139 (and so on for other archs)?
Just checking - I'm sure if it goes in like this, we'll see a patch to "fix" the
collision for 3.16.0 or so... ;)

[-- Attachment #2: Type: application/pgp-signature, Size: 865 bytes --]

^ permalink raw reply	[flat|nested] 11+ messages in thread

[parent not found: <22934.1328745230-+bZmOdGhbsPr6rcHtW+onFJE71vCis6O@public.gmane.org>]

* Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"
       [not found] ` <22934.1328745230-+bZmOdGhbsPr6rcHtW+onFJE71vCis6O@public.gmane.org>
@ 2012-02-09 10:01   ` David Howells
  0 siblings, 0 replies; 11+ messages in thread
From: David Howells @ 2012-02-09 10:01 UTC (permalink / raw)
  To: Valdis.Kletnieks-PjAqaU27lzQ
  Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA, jmorris-gx6/JNMH7DfYtjvyW6yDsg,
	keyrings-6DNke4IJHB0gsBAKwltoeQ, linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-security-module-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA,
	libc-alpha-9JcytcrH/bA+uJoB2kUjGw

Valdis.Kletnieks-PjAqaU27lzQ@public.gmane.org wrote:

> Was this an intentional overload of 139 (and so on for other archs)?  Just
> checking - I'm sure if it goes in like this, we'll see a patch to "fix" the
> collision for 3.16.0 or so... ;)

Ummm...  Odd...  I'm surprised StGIT managed to reapply my patches with no
warning.  I'll fix the numbering in them.

David

^ permalink raw reply	[flat|nested] 11+ messages in thread

* [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"
@ 2012-03-22 13:35 David Howells
  0 siblings, 0 replies; 11+ messages in thread
From: David Howells @ 2012-03-22 13:35 UTC (permalink / raw)
  To: torvalds-de/tnXTf+JLsfHDXvbKv3VaTQe2KTcn/
  Cc: linux-nfs-u79uwXL29TY76Z2rM5mHXA,
	linux-cifs-u79uwXL29TY76Z2rM5mHXA,
	linux-api-u79uwXL29TY76Z2rM5mHXA,
	linux-kernel-u79uwXL29TY76Z2rM5mHXA,
	libc-alpha-9JcytcrH/bA+uJoB2kUjGw, David Howells, Jeff Layton,
	Steven Whitehouse, Steve Dickson

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable".  This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem could get a
TGT from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

I envision that this error would primarily be generated by a kernel upcall for
the kernel to then pass back to the original userspace caller.  The kernel
itself might not actually pay any attention to it, except as a hint as to
whether to retry.

Signed-off-by: David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Acked-by: Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Acked-by: Steven Whitehouse <swhiteho-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Acked-by: Steve Dickson <steved-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Liked-by: Simo Sorce <simo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
---

 arch/alpha/include/asm/errno.h  |    2 ++
 arch/mips/include/asm/errno.h   |    1 +
 arch/parisc/include/asm/errno.h |    1 +
 arch/sparc/include/asm/errno.h  |    1 +
 include/asm-generic/errno.h     |    1 +
 5 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index e5f29ca..dce5fc9 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -124,4 +124,6 @@

 #define EHWPOISON	139	/* Memory page has hardware error */

+#define	ENOAUTHSERVICE	140	/* Authentication service not available */
+
 #endif
diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 6dcd358..67c46bd 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -122,6 +122,7 @@
 #define	ERFKILL		167	/* Operation not possible due to RF-kill */

 #define EHWPOISON	168	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	169	/* Authentication service not available */

 #define EDQUOT		1133	/* Quota exceeded */

diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 135ad60..3a6ffcd 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -123,5 +123,6 @@
 #define	ERFKILL		256	/* Operation not possible due to RF-kill */

 #define EHWPOISON	257	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	258	/* Authentication service not available */

 #endif
diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index c351aba..94a878f 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -113,5 +113,6 @@
 #define	ERFKILL		134	/* Operation not possible due to RF-kill */

 #define EHWPOISON	135	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	136	/* Authentication service not available */

 #endif
diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index a1331ce..5e2b296 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -109,5 +109,6 @@
 #define ERFKILL		132	/* Operation not possible due to RF-kill */

 #define EHWPOISON	133	/* Memory page has hardware error */
+#define	ENOAUTHSERVICE	134	/* Authentication service not available */

 #endif

^ permalink raw reply related	[flat|nested] 11+ messages in thread

end of thread, other threads:[~2012-03-22 13:35 UTC | newest]

Thread overview: 11+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-03-07 15:02 [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable" David Howells
     [not found] ` <20110307150208.28218.89348.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
2011-03-07 15:02   ` [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors David Howells
     [not found]     ` <20110307150218.28218.84916.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
2011-03-07 16:00       ` Alan Cox
2011-03-08 15:09     ` David Howells
2011-03-08 15:25       ` Alan Cox
2011-03-08 16:37       ` David Howells
  -- strict thread matches above, loose matches on Subject: below --
2012-02-08 12:29 [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable" David Howells
2012-02-08 15:48 ` Joseph S. Myers
     [not found] ` <20120208122905.8902.65762.stgit-S6HVgzuS8uM4Awkfq6JHfwNdhmdF6hFW@public.gmane.org>
2012-02-08 23:53   ` Valdis.Kletnieks-PjAqaU27lzQ
     [not found] ` <22934.1328745230-+bZmOdGhbsPr6rcHtW+onFJE71vCis6O@public.gmane.org>
2012-02-09 10:01   ` David Howells
2012-03-22 13:35 David Howells

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).