net/handshake: Add new parameter 'HANDSHAKE_A_ACCEPT_KEYRING'
authorHannes Reinecke <hare@kernel.org>
Tue, 1 Jul 2025 14:46:57 +0000 (16:46 +0200)
committerPaolo Abeni <pabeni@redhat.com>
Tue, 8 Jul 2025 13:31:44 +0000 (15:31 +0200)
Add a new netlink parameter 'HANDSHAKE_A_ACCEPT_KEYRING' to provide
the serial number of the keyring to use.

Signed-off-by: Hannes Reinecke <hare@kernel.org>
Reviewed-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: Jakub Kicinski <kuba@kernel.org>
Link: https://patch.msgid.link/20250701144657.104401-1-hare@kernel.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Documentation/netlink/specs/handshake.yaml
include/uapi/linux/handshake.h
net/handshake/tlshd.c

index 39ed1661c7f191179fccbf1b8c63d70a7bee8669..95c3fade7a8d7b818a15198593f6a0f59bafb489 100644 (file)
@@ -71,6 +71,9 @@ attribute-sets:
       -
         name: peername
         type: string
+      -
+        name: keyring
+        type: u32
   -
     name: done
     attributes:
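Review bot: The new `keyring` attribute has no `doc:` string, so the spec itself never says that the u32 is a keyring serial number; that meaning appears only in the commit message. The tlshd.c hunk of this commit emits the attribute only when the value is non-zero, so a handler author also needs to know it can be absent. Consider adding `doc: Serial number of the keyring the handler should use; omitted when none was supplied` under `type: u32`.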
@@ -109,6 +112,7 @@ operations:
             - peer-identity
             - certificate
             - peername
+            - keyring
     -
       name: done
       doc: Handler reports handshake completion
index 3d7ea58778c9689e8f626f26874bb40f9546b096..662e7de46c54459b7beb1c6cf244569ef50aadb4 100644 (file)
@@ -45,6 +45,7 @@ enum {
        HANDSHAKE_A_ACCEPT_PEER_IDENTITY,
        HANDSHAKE_A_ACCEPT_CERTIFICATE,
        HANDSHAKE_A_ACCEPT_PEERNAME,
+       HANDSHAKE_A_ACCEPT_KEYRING,
 
        __HANDSHAKE_A_ACCEPT_MAX,
        HANDSHAKE_A_ACCEPT_MAX = (__HANDSHAKE_A_ACCEPT_MAX - 1)
index d6f52839827eac3b897713b1fc9e1dbf5f483da7..081093dfd5533bb5abbd8871d56915ff700dbfcd 100644 (file)
@@ -230,6 +230,12 @@ static int tls_handshake_accept(struct handshake_req *req,
                if (ret < 0)
                        goto out_cancel;
        }
+       if (treq->th_keyring) {
+               ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_KEYRING,
+                                 treq->th_keyring);
+               if (ret < 0)
+                       goto out_cancel;
+       }
 
        ret = nla_put_u32(msg, HANDSHAKE_A_ACCEPT_AUTH_MODE,
                          treq->th_auth_mode);
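Review bot: The `if (treq->th_keyring)` guard forwards every non-zero value, not only real keyring serials. The field's declaration is outside this hunk, but if it is a signed `key_serial_t`, a negative special keyring ID would go on the wire as a large u32. The handler would then presumably resolve it in its own context rather than the requester's, selecting a keyring the requester never meant. Consider `if (treq->th_keyring > 0) {` with a comment such as `/* 0 means no keyring was supplied; only real serials are meaningful to the handler */`. The body of tls_handshake_accept starts and ends outside the hunk, so it is not visible here whether the message allocation leaves room for the extra attribute.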