2012-02-08 12:29:30

by David Howells

[permalink] [raw]
Subject: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

As the kernel has or will have filesystems (and possibly other services) that
want to obtain authentication tokens and/or encryption data on demand (via
GSSAPI for example), it would seem useful to provide an additional error code
to indicate a problem with the lookup, rather than overloading some other error
code.

We already have EKEYREJECTED, EKEYREVOKED and EKEYEXPIRED to indicate problems
with a token that we already have, but what if the authentication server just
isn't available?

Define ENOAUTHSERVICE to indicate "Authentication service unavailable". This
can be used to indicate, for example, that an attempt was made by request_key()
to retrieve a key, but the authentication server (e.g. a KDC) it is supposed to
contact didn't answer or that it couldn't determine the location of a suitable
server.

One way this can be used is that the user of a network filesystem can get a TGT
from the KDC and stash it in their session keyring, then the filesystem can
attempt to automatically get a ticket for accessing the filesystem - but if the
server is uncontactable then the ticket can be negatively instantiated with
KEYCTL_REJECT, giving the error to be handed to future requests as
ENOAUTHSERVICE and a small timeout so that the key will expire from the cache
and allow a retry after a short while to prevent thrashing.

Signed-off-by: David Howells <[email protected]>
---

arch/alpha/include/asm/errno.h | 1 +
arch/mips/include/asm/errno.h | 1 +
arch/parisc/include/asm/errno.h | 1 +
arch/sparc/include/asm/errno.h | 1 +
include/asm-generic/errno.h | 1 +
5 files changed, 5 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index e5f29ca..5edc21e 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -121,6 +121,7 @@
#define ENOTRECOVERABLE 137 /* State not recoverable */

#define ERFKILL 138 /* Operation not possible due to RF-kill */
+#define ENOAUTHSERVICE 139 /* Authentication service not available */

#define EHWPOISON 139 /* Memory page has hardware error */

diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 6dcd358..9e0b83f 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -120,6 +120,7 @@
#define ENOTRECOVERABLE 166 /* State not recoverable */

#define ERFKILL 167 /* Operation not possible due to RF-kill */
+#define ENOAUTHSERVICE 168 /* Authentication service not available */

#define EHWPOISON 168 /* Memory page has hardware error */

diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index 135ad60..c4598b6 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -121,6 +121,7 @@
#define ENOTRECOVERABLE 255 /* State not recoverable */

#define ERFKILL 256 /* Operation not possible due to RF-kill */
+#define ENOAUTHSERVICE 257 /* Authentication service not available */

#define EHWPOISON 257 /* Memory page has hardware error */

diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index c351aba..ab4f9f5 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -111,6 +111,7 @@
#define ENOTRECOVERABLE 133 /* State not recoverable */

#define ERFKILL 134 /* Operation not possible due to RF-kill */
+#define ENOAUTHSERVICE 135 /* Authentication service not available */

#define EHWPOISON 135 /* Memory page has hardware error */

diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index a1331ce..52325ca 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -107,6 +107,7 @@
#define ENOTRECOVERABLE 131 /* State not recoverable */

#define ERFKILL 132 /* Operation not possible due to RF-kill */
+#define ENOAUTHSERVICE 133 /* Authentication service not available */

#define EHWPOISON 133 /* Memory page has hardware error */




2012-02-08 12:29:44

by David Howells

[permalink] [raw]
Subject: [PATCH 2/2] Define ENONAMESERVICE and ENAMEUNKNOWN to indicate name service errors

Now that the kernel has filesystems (and possibly other services) that want to
look up internet addresses corresponding to arbitrary hostnames retrieved from
the server, it would seem useful to provide a couple of error codes to indicate
problems with the look up, rather than overloading some other error code.

Define ENONAMESERVICE to indicate "Network name service unavailable". This can
be used to indicate, for example, that an attempt was made by dns_query() to
make a query, but the name server (e.g. a DNS server) it is supposed to contact
didn't answer or that it couldn't determine the location of a suitable server.

Define ENAMEUNKNOWN to indicate "Network name unknown". This can be used to
indicate, for example, that an attempt was made by dns_query() to make a query,
but the name server (e.g. a DNS server) replied indicating that it had no
matching records.

The DNS query upcall program can report these to keyctl_reject() so that cached
failed queries will respond with these errors until they expire.

Signed-off-by: David Howells <[email protected]>
---

arch/alpha/include/asm/errno.h | 2 ++
arch/mips/include/asm/errno.h | 2 ++
arch/parisc/include/asm/errno.h | 2 ++
arch/sparc/include/asm/errno.h | 2 ++
include/asm-generic/errno.h | 2 ++
5 files changed, 10 insertions(+), 0 deletions(-)

diff --git a/arch/alpha/include/asm/errno.h b/arch/alpha/include/asm/errno.h
index 5edc21e..d6e8582 100644
--- a/arch/alpha/include/asm/errno.h
+++ b/arch/alpha/include/asm/errno.h
@@ -122,6 +122,8 @@

#define ERFKILL 138 /* Operation not possible due to RF-kill */
#define ENOAUTHSERVICE 139 /* Authentication service not available */
+#define ENONAMESERVICE 140 /* Network name service unavailable */
+#define ENAMEUNKNOWN 141 /* Network name unknown */

#define EHWPOISON 139 /* Memory page has hardware error */

diff --git a/arch/mips/include/asm/errno.h b/arch/mips/include/asm/errno.h
index 9e0b83f..5ae25aa 100644
--- a/arch/mips/include/asm/errno.h
+++ b/arch/mips/include/asm/errno.h
@@ -121,6 +121,8 @@

#define ERFKILL 167 /* Operation not possible due to RF-kill */
#define ENOAUTHSERVICE 168 /* Authentication service not available */
+#define ENONAMESERVICE 169 /* Network name service unavailable */
+#define ENAMEUNKNOWN 170 /* Network name unknown */

#define EHWPOISON 168 /* Memory page has hardware error */

diff --git a/arch/parisc/include/asm/errno.h b/arch/parisc/include/asm/errno.h
index c4598b6..6b3bc7f 100644
--- a/arch/parisc/include/asm/errno.h
+++ b/arch/parisc/include/asm/errno.h
@@ -122,6 +122,8 @@

#define ERFKILL 256 /* Operation not possible due to RF-kill */
#define ENOAUTHSERVICE 257 /* Authentication service not available */
+#define ENONAMESERVICE 258 /* Network name service unavailable */
+#define ENAMEUNKNOWN 259 /* Network name unknown */

#define EHWPOISON 257 /* Memory page has hardware error */

diff --git a/arch/sparc/include/asm/errno.h b/arch/sparc/include/asm/errno.h
index ab4f9f5..5fab088 100644
--- a/arch/sparc/include/asm/errno.h
+++ b/arch/sparc/include/asm/errno.h
@@ -112,6 +112,8 @@

#define ERFKILL 134 /* Operation not possible due to RF-kill */
#define ENOAUTHSERVICE 135 /* Authentication service not available */
+#define ENONAMESERVICE 136 /* Network name service unavailable */
+#define ENAMEUNKNOWN 137 /* Network name unknown */

#define EHWPOISON 135 /* Memory page has hardware error */

diff --git a/include/asm-generic/errno.h b/include/asm-generic/errno.h
index 52325ca..719f60c 100644
--- a/include/asm-generic/errno.h
+++ b/include/asm-generic/errno.h
@@ -108,6 +108,8 @@

#define ERFKILL 132 /* Operation not possible due to RF-kill */
#define ENOAUTHSERVICE 133 /* Authentication service not available */
+#define ENONAMESERVICE 134 /* Network name service unavailable */
+#define ENAMEUNKNOWN 135 /* Network name unknown */

#define EHWPOISON 133 /* Memory page has hardware error */



2012-02-08 16:15:25

by Joseph Myers

[permalink] [raw]
Subject: Re: [PATCH 1/2] Define ENOAUTHSERVICE to indicate "Authentication service unavailable"

On Wed, 8 Feb 2012, David Howells wrote:

> #define ERFKILL 132 /* Operation not possible due to RF-kill */
> +#define ENOAUTHSERVICE 133 /* Authentication service not available */
>
> #define EHWPOISON 133 /* Memory page has hardware error */

Defining the new error to have the same value as EHWPOISON seems rather
odd....

--
Joseph S. Myers
[email protected]