[PATCH net v3 09/11] rxrpc: Fix keyring reference count leak in rxrpc_setsockopt()
David Howells
dhowells at redhat.com
Fri Mar 27 00:24:40 PDT 2026
Anderson Nascimento <anderson at allelesecurity.com> wrote:
> To make the logic more coherent, what if we check if (rx->key ||
> rx->securities) in both options and remove the rx->securities check from
> rxrpc_request_key()?
You're allowed to have both a keyring (server) and a key (client). You can
issue client calls on a server socket. The in-kernel kafs filesystem does
this, for example - though it normally sets the outgoing key on individual
calls.
To parallel the kernel example, it might be worth my while adding a CMSG tag
to take a key ID or key description so the rxrpc_sendmsg() can do a
request_key() when setting up a call (the AF_RXRPC socket allows a different
key with each call dispatched), though the AFS command line tools tend only to
talk to a single cell at a time (you only need one key for comms with an
entire cell).
Davod
More information about the linux-afs
mailing list