[PATCH 00/18] Migrate rpcsec_gss_krb5 to the crypto/krb5 library

From: Chuck Lever

Date: Mon Apr 27 2026 - 09:56:30 EST


The rpcsec_gss_krb5 module carries its own Kerberos 5 crypto
implementation: key derivation, CBC-CTS encryption, HMAC checksumming,
and the encrypt-then-MAC construction from RFC 8009. Keeping
cryptographic code inside an RPC module means it receives review
only from the SUNRPC maintainers, who lack deep crypto expertise.
Vulnerabilities and algorithmic errors can persist unnoticed.

Replacing the private SunRPC Kerberos implementation eliminates
this duplicated audit surface. A single implementation of Kerberos
5 key derivation and authenticated encryption is easier to verify
than two independent copies. New encryption types and hardware
offload added to crypto/krb5 will automatically become available
to SunRPC Kerberos consumers.

The crypto/krb5 library handles enctype differences internally, so
a single encrypt function and a single decrypt function serve all
enctypes, eliminating the per-enctype dispatch table that previously
existed in struct gss_krb5_enctype.

RFC 4121 Section 4.2.4 requires MIC checksums to cover the message
body followed by the GSS token header. The crypto/krb5 get_mic/
verify_mic API hashes optional metadata before the scatterlist
data, which is the wrong order for the GSS header. The header is
therefore placed at the end of the scatterlist rather than passed
as the metadata parameter, and a dedicated gss_krb5_mic_build_sg()
helper constructs this three-section layout (checksum area, message
body, token header) with proper sg_mark_end() termination.

This implementation was available during the Spring 2026 NFS
bake-a-thon, and received testing there.

---
Chuck Lever (18):
SUNRPC: Add Kconfig dependency on CRYPTO_KRB5
SUNRPC: Add crypto/krb5 enctype lookup to krb5_ctx
SUNRPC: Add helpers to convert xdr_buf byte ranges to scatterlists
SUNRPC: Add errno-to-GSS status conversion helper
SUNRPC: Prepare crypto/krb5 encryption and checksum handles
SUNRPC: Switch wrap token encryption to crypto/krb5
SUNRPC: Switch wrap token decryption to crypto/krb5
SUNRPC: Switch Camellia decrypt to crypto/krb5
SUNRPC: Switch MIC token generation to crypto/krb5
SUNRPC: Switch MIC token verification to crypto/krb5
SUNRPC: Remove get_mic/verify_mic function pointers from enctype table
SUNRPC: Remove wrap/unwrap function pointers from enctype table
SUNRPC: Remove encrypt/decrypt function pointers from enctype table
SUNRPC: Remove legacy skcipher/ahash handles from krb5_ctx
SUNRPC: Remove dead code from rpcsec_gss_krb5
SUNRPC: Remove per-enctype Kconfig options
SUNRPC: Remove redundant crypto Kconfig dependencies
SUNRPC: Remove dead rpcsec_gss_krb5 definitions

include/linux/sunrpc/gss_krb5.h | 105 --
include/linux/sunrpc/xdr.h | 16 +-
net/sunrpc/.kunitconfig | 29 -
net/sunrpc/Kconfig | 56 +-
net/sunrpc/auth_gss/Makefile | 4 +-
net/sunrpc/auth_gss/gss_krb5_crypto.c | 1014 ++++-------------
net/sunrpc/auth_gss/gss_krb5_internal.h | 155 +--
net/sunrpc/auth_gss/gss_krb5_keys.c | 546 ---------
net/sunrpc/auth_gss/gss_krb5_mech.c | 441 ++------
net/sunrpc/auth_gss/gss_krb5_seal.c | 47 +-
net/sunrpc/auth_gss/gss_krb5_test.c | 1868 -------------------------------
net/sunrpc/auth_gss/gss_krb5_unseal.c | 36 +-
net/sunrpc/auth_gss/gss_krb5_wrap.c | 13 +-
net/sunrpc/xdr.c | 266 +++--
14 files changed, 573 insertions(+), 4023 deletions(-)
---
base-commit: f3a96328282e8d41ba9f478d24ac122e4cbd2989
change-id: 20260316-crypto-krb5-api-b9ee22636698

Best regards,
--
Chuck Lever
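A userspace model of the MIC scatterlist ordering problem the cover letter describes, added here as an example; it is not code from the series or from the kernel tree. The `struct sg_entry`, `mic_build_sg()`, `mic_input_order()` and `mic_order_is_rfc4121()` names are made up stand-ins for the kernel scatterlist, `gss_krb5_mic_build_sg()` and the crypto/krb5 get_mic API, and the message body and token header bytes are constructed sample data.

```c
#include <stdint.h>
#include <string.h>

/* Userspace stand-in for struct scatterlist; sg_set_buf()/sg_mark_end() are modelled. */
struct sg_entry { const uint8_t *buf; size_t len; int end; };
enum { SG_CKSUM, SG_BODY, SG_HDR, SG_NR };
/* Constructed sample input: a message body and a made-up 16-byte MIC token header. */
static const uint8_t body[] = "NFS-COMPOUND-ARGS";                  /* 17 bytes */
static const uint8_t hdr[16] = { 0x04, 0x04, 0, 0xff, 0xff, 0xff, 0xff, 0xff, 0, 0, 0, 0, 0, 0, 0, 1 };
static uint8_t cksum[32];                    /* checksum area written by get_mic */

/* Three-section layout (checksum area, message body, token header).
 * Returns the data_offset at which the MIC-covered bytes begin. */
static size_t mic_build_sg(struct sg_entry sg[SG_NR])
{
	sg[SG_CKSUM] = (struct sg_entry){ cksum, sizeof(cksum), 0 };
	sg[SG_BODY]  = (struct sg_entry){ body, sizeof(body) - 1, 0 };
	sg[SG_HDR]   = (struct sg_entry){ hdr, sizeof(hdr), 1 };  /* sg_mark_end() */
	return sizeof(cksum);
}

/* Model of a get_mic()-style API: metadata is consumed first, then sg bytes from
 * data_offset for data_len. Bytes are copied to out in checksum order; returns count. */
static size_t mic_input_order(const uint8_t *meta, size_t meta_len, const struct sg_entry *sg,
			      size_t data_offset, size_t data_len, uint8_t *out)
{
	size_t n = 0, pos = 0;
	if (meta_len) { memcpy(out, meta, meta_len); n = meta_len; }
	for (const struct sg_entry *e = sg; ; e++) {
		for (size_t i = 0; i < e->len; i++, pos++)
			if (pos >= data_offset && pos < data_offset + data_len)
				out[n++] = e->buf[i];
		if (e->end) break;
	}
	return n;
}

/* 1 if the checksum input is body || header (RFC 4121 Section 4.2.4). With
 * header_as_metadata the header is consumed first, giving header || body. */
static int mic_order_is_rfc4121(int header_as_metadata)
{
	struct sg_entry sg[SG_NR];
	uint8_t want[64], got[64];
	size_t blen = sizeof(body) - 1, off = mic_build_sg(sg), n;
	memcpy(want, body, blen); memcpy(want + blen, hdr, sizeof(hdr));
	if (header_as_metadata)   /* data_len stops before the header entry */
		n = mic_input_order(hdr, sizeof(hdr), sg, off, blen, got);
	else
		n = mic_input_order(NULL, 0, sg, off, blen + sizeof(hdr), got);
	return n == blen + sizeof(hdr) && memcmp(want, got, n) == 0;
}
```

Placing the header as the last scatterlist entry yields the RFC order; passing it as metadata puts it in front of the body, which is why the series builds the three-section layout instead.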