rxrpc: rxperf: Add test RxGK server keys

Add RxGK server keys of bytes containing { 0, 1, 2, 3, 4, ... } to the
server keyring for the rxperf test server.  This allows the rxperf test
client to connect to it.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
Link: https://patch.msgid.link/20250411095303.2316168-15-dhowells@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/rxrpc/rxperf.c b/net/rxrpc/rxperf.c
index c76fbcc..0377301 100644 (file)
--- a/net/rxrpc/rxperf.c
+++ b/net/rxrpc/rxperf.c
@@ -8,6 +8,7 @@
 #define pr_fmt(fmt) "rxperf: " fmt
 #include <linux/module.h>
 #include <linux/slab.h>
+#include <crypto/krb5.h>
 #include <net/sock.h>
 #include <net/af_rxrpc.h>
 #define RXRPC_TRACE_ONLY_DEFINE_ENUMS
@@ -550,9 +551,9 @@ static int rxperf_process_call(struct rxperf_call *call)
 }
 
 /*
- * Add a key to the security keyring.
+ * Add an rxkad key to the security keyring.
  */
-static int rxperf_add_key(struct key *keyring)
+static int rxperf_add_rxkad_key(struct key *keyring)
 {
        key_ref_t kref;
        int ret;
@@ -578,6 +579,47 @@ static int rxperf_add_key(struct key *keyring)
        return ret;
 }
 
+#ifdef CONFIG_RXGK
+/*
+ * Add a yfs-rxgk key to the security keyring.
+ */
+static int rxperf_add_yfs_rxgk_key(struct key *keyring, u32 enctype)
+{
+       const struct krb5_enctype *krb5 = crypto_krb5_find_enctype(enctype);
+       key_ref_t kref;
+       char name[64];
+       int ret;
+       u8 key[32];
+
+       if (!krb5 || krb5->key_len > sizeof(key))
+               return 0;
+
+       /* The key is just { 0, 1, 2, 3, 4, ... } */
+       for (int i = 0; i < krb5->key_len; i++)
+               key[i] = i;
+
+       sprintf(name, "%u:6:1:%u", RX_PERF_SERVICE, enctype);
+
+       kref = key_create_or_update(make_key_ref(keyring, true),
+                                   "rxrpc_s", name,
+                                   key, krb5->key_len,
+                                   KEY_POS_VIEW | KEY_POS_READ | KEY_POS_SEARCH |
+                                   KEY_USR_VIEW,
+                                   KEY_ALLOC_NOT_IN_QUOTA);
+
+       if (IS_ERR(kref)) {
+               pr_err("Can't allocate rxperf server key: %ld\n", PTR_ERR(kref));
+               return PTR_ERR(kref);
+       }
+
+       ret = key_link(keyring, key_ref_to_ptr(kref));
+       if (ret < 0)
+               pr_err("Can't link rxperf server key: %d\n", ret);
+       key_ref_put(kref);
+       return ret;
+}
+#endif
+
 /*
  * Initialise the rxperf server.
  */
@@ -607,9 +649,29 @@ static int __init rxperf_init(void)
                goto error_keyring;
        }
        rxperf_sec_keyring = keyring;
-       ret = rxperf_add_key(keyring);
+       ret = rxperf_add_rxkad_key(keyring);
+       if (ret < 0)
+               goto error_key;
+#ifdef CONFIG_RXGK
+       ret = rxperf_add_yfs_rxgk_key(keyring, KRB5_ENCTYPE_AES128_CTS_HMAC_SHA1_96);
+       if (ret < 0)
+               goto error_key;
+       ret = rxperf_add_yfs_rxgk_key(keyring, KRB5_ENCTYPE_AES256_CTS_HMAC_SHA1_96);
+       if (ret < 0)
+               goto error_key;
+       ret = rxperf_add_yfs_rxgk_key(keyring, KRB5_ENCTYPE_AES128_CTS_HMAC_SHA256_128);
+       if (ret < 0)
+               goto error_key;
+       ret = rxperf_add_yfs_rxgk_key(keyring, KRB5_ENCTYPE_AES256_CTS_HMAC_SHA384_192);
+       if (ret < 0)
+               goto error_key;
+       ret = rxperf_add_yfs_rxgk_key(keyring, KRB5_ENCTYPE_CAMELLIA128_CTS_CMAC);
+       if (ret < 0)
+               goto error_key;
+       ret = rxperf_add_yfs_rxgk_key(keyring, KRB5_ENCTYPE_CAMELLIA256_CTS_CMAC);
        if (ret < 0)
                goto error_key;
+#endif
 
        ret = rxperf_open_socket();
        if (ret < 0)