Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / fc6cb9c303e289e0772cd9db593db9acd15cd678
commitfc6cb9c303e289e0772cd9db593db9acd15cd678[log] [tgz]
authorIlya Dryomov <idryomov@gmail.com>Fri Dec 02 16:35:09 2016 +0100
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>Mon Jan 09 08:32:24 2017 +0100
tree90dca13cc275b10cc0853300d65515e3a74f7ed7
parentd8c34b0cc0be6c70d9a7a5e5bb8da86af42771f9 [diff]
libceph: verify authorize reply on connect

commit 5c056fdc5b474329037f2aa18401bd73033e0ce0 upstream.

After sending an authorizer (ceph_x_authorize_a + ceph_x_authorize_b),
the client gets back a ceph_x_authorize_reply, which it is supposed to
verify to ensure the authenticity and protect against replay attacks.
The code for doing this is there (ceph_x_verify_authorizer_reply(),
ceph_auth_verify_authorizer_reply() + plumbing), but it is never
invoked by the the messenger.

AFAICT this goes back to 2009, when ceph authentication protocols
support was added to the kernel client in 4e7a5dcd1bba ("ceph:
negotiate authentication protocol; implement AUTH_NONE protocol").

The second param of ceph_connection_operations::verify_authorizer_reply
is unused all the way down.  Pass 0 to facilitate backporting, and kill
it in the next commit.

Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Reviewed-by: Sage Weil <sage@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
1 file changed
tree: 90dca13cc275b10cc0853300d65515e3a74f7ed7
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. firmware/
  8. fs/
  9. include/
  10. init/
  11. ipc/
  12. kernel/
  13. lib/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .cocciconfig
  24. .get_maintainer.ignore
  25. .gitattributes
  26. .gitignore
  27. .mailmap
  28. COPYING
  29. CREDITS
  30. Kbuild
  31. Kconfig
  32. MAINTAINERS
  33. Makefile
  34. README
  35. REPORTING-BUGS