Re: [PATCH 00/18] Migrate rpcsec_gss_krb5 to the crypto/krb5 library

From: Jeff Layton

Date: Wed Apr 29 2026 - 02:43:32 EST


On Mon, 2026-04-27 at 09:50 -0400, Chuck Lever wrote:
> The rpcsec_gss_krb5 module carries its own Kerberos 5 crypto implementation:
> key derivation, CBC-CTS encryption, HMAC checksumming,
> and the encrypt-then-MAC construction from RFC 8009. Keeping
> cryptographic code inside an RPC module means it receives review
> only from the SUNRPC maintainers, who lack deep crypto expertise.
> Vulnerabilities and algorithmic errors can persist unnoticed.
>
> Replacing the private SunRPC Kerberos implementation eliminates
> this duplicated audit surface. A single implementation of Kerberos
> 5 key derivation and authenticated encryption is easier to verify
> than two independent copies. New encryption types and hardware
> offload added to crypto/krb5 will automatically become available
> to SunRPC Kerberos consumers.
>
> The crypto/krb5 library handles enctype differences internally, so
> a single encrypt function and a single decrypt function serve all
> enctypes, eliminating the per-enctype dispatch table that previously
> existed in struct gss_krb5_enctype.
>
> RFC 4121 Section 4.2.4 requires MIC checksums to cover the message
> body followed by the GSS token header. The crypto/krb5 get_mic/
> verify_mic API hashes optional metadata before the scatterlist
> data, which is the wrong order for the GSS header. The header is
> therefore placed at the end of the scatterlist rather than passed
> as the metadata parameter, and a dedicated gss_krb5_mic_build_sg()
> helper constructs this three-section layout (checksum area, message
> body, token header) with proper sg_mark_end() termination.
>
> This implementation was available during the Spring 2026 NFS bake-a-thon,
> and received testing there.
>
> ---
> Chuck Lever (18):
> SUNRPC: Add Kconfig dependency on CRYPTO_KRB5
> SUNRPC: Add crypto/krb5 enctype lookup to krb5_ctx
> SUNRPC: Add helpers to convert xdr_buf byte ranges to scatterlists
> SUNRPC: Add errno-to-GSS status conversion helper
> SUNRPC: Prepare crypto/krb5 encryption and checksum handles
> SUNRPC: Switch wrap token encryption to crypto/krb5
> SUNRPC: Switch wrap token decryption to crypto/krb5
> SUNRPC: Switch Camellia decrypt to crypto/krb5
> SUNRPC: Switch MIC token generation to crypto/krb5
> SUNRPC: Switch MIC token verification to crypto/krb5
> SUNRPC: Remove get_mic/verify_mic function pointers from enctype table
> SUNRPC: Remove wrap/unwrap function pointers from enctype table
> SUNRPC: Remove encrypt/decrypt function pointers from enctype table
> SUNRPC: Remove legacy skcipher/ahash handles from krb5_ctx
> SUNRPC: Remove dead code from rpcsec_gss_krb5
> SUNRPC: Remove per-enctype Kconfig options
> SUNRPC: Remove redundant crypto Kconfig dependencies
> SUNRPC: Remove dead rpcsec_gss_krb5 definitions
>
> include/linux/sunrpc/gss_krb5.h | 105 --
> include/linux/sunrpc/xdr.h | 16 +-
> net/sunrpc/.kunitconfig | 29 -
> net/sunrpc/Kconfig | 56 +-
> net/sunrpc/auth_gss/Makefile | 4 +-
> net/sunrpc/auth_gss/gss_krb5_crypto.c | 1014 ++++-------------
> net/sunrpc/auth_gss/gss_krb5_internal.h | 155 +--
> net/sunrpc/auth_gss/gss_krb5_keys.c | 546 ---------
> net/sunrpc/auth_gss/gss_krb5_mech.c | 441 ++------
> net/sunrpc/auth_gss/gss_krb5_seal.c | 47 +-
> net/sunrpc/auth_gss/gss_krb5_test.c | 1868 -------------------------------
> net/sunrpc/auth_gss/gss_krb5_unseal.c | 36 +-
> net/sunrpc/auth_gss/gss_krb5_wrap.c | 13 +-
> net/sunrpc/xdr.c | 266 +++--
> 14 files changed, 573 insertions(+), 4023 deletions(-)
> ---
> base-commit: f3a96328282e8d41ba9f478d24ac122e4cbd2989
> change-id: 20260316-crypto-krb5-api-b9ee22636698
>
> Best regards,
> --
> Chuck Lever

Love that diffstat. Nice work! 

One comment in general: Do you need to add Assisted-by: tags to any of
this? You can add this to the set:

Reviewed-by: Jeff Layton <jlayton@xxxxxxxxxx>
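The MIC ordering point in the quoted cover letter (RFC 4121 Section 4.2.4 checksums the message body followed by the token header, while a get_mic-style API that hashes metadata first would put the header in front) can be modelled outside the kernel. The following is an added illustration, not code from the patch series, from SUNRPC or from the crypto/krb5 library: it uses plain HMAC-SHA256 as a stand-in for an enctype's checksum function, constructed key/header/body values, and a Python list of byte chunks in place of a scatterlist. The names `get_mic`, `verify_mic`, `mic_build_sg` and `naive_mic` are hypothetical models of the behaviour the cover letter describes, and the checksum output area that the real scatterlist carries is left out of the model.

```python
"""Userland model of the MIC ordering constraint from the cover letter.

Everything below is constructed for illustration; the key, the token
header bytes and the message body are not taken from any real exchange.
HMAC-SHA256 stands in for the enctype's real checksum function.
"""
import hashlib
import hmac
from typing import List, Optional

KEY = bytes(range(32))                                   # constructed integrity key
HEADER = bytes.fromhex("040404ffffffffff0000000000000001")  # constructed 16-byte MIC token header
# An xdr_buf is head + pages + tail; model the body as those three pieces.
BODY_CHUNKS = [b"head:", b"constructed RPC message body", b":tail"]


def rfc4121_mic(key: bytes, body: bytes, header: bytes) -> bytes:
    """Reference checksum a peer computes: body first, then the token header."""
    return hmac.new(key, body + header, hashlib.sha256).digest()


def get_mic(key: bytes, metadata: Optional[bytes], sg: List[bytes]) -> bytes:
    """Model of a get_mic API that hashes optional metadata BEFORE the data."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    if metadata:
        h.update(metadata)
    for chunk in sg:          # each scatterlist entry is fed in list order
        h.update(chunk)
    return h.digest()


def verify_mic(key: bytes, metadata: Optional[bytes], sg: List[bytes], mic: bytes) -> bool:
    """Constant-time comparison against a freshly computed checksum."""
    return hmac.compare_digest(get_mic(key, metadata, sg), mic)


def mic_build_sg(body_chunks: List[bytes], header: bytes) -> List[bytes]:
    """Model of the helper's layout: message body entries, then the token
    header as the LAST entry, so the API's data order matches RFC 4121."""
    return list(body_chunks) + [header]


def naive_mic(key: bytes, body_chunks: List[bytes], header: bytes) -> bytes:
    """The tempting but wrong call: header as metadata lands in front of the body."""
    return get_mic(key, header, list(body_chunks))


def correct_mic(key: bytes, body_chunks: List[bytes], header: bytes) -> bytes:
    """Header appended to the scatterlist, no metadata: matches the RFC order."""
    return get_mic(key, None, mic_build_sg(body_chunks, header))


def demo() -> dict:
    """Compare both call styles against what an RFC 4121 peer would compute."""
    ref = rfc4121_mic(KEY, b"".join(BODY_CHUNKS), HEADER)
    return {
        "header_as_metadata_matches_peer": naive_mic(KEY, BODY_CHUNKS, HEADER) == ref,
        "header_at_sg_tail_matches_peer": correct_mic(KEY, BODY_CHUNKS, HEADER) == ref,
        "verify_accepts_peer_mic": verify_mic(KEY, None, mic_build_sg(BODY_CHUNKS, HEADER), ref),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```

Splitting the body into head/pages/tail chunks shows why the scatterlist order is all that matters: the checksum is identical however the body is fragmented, but a header hashed before the body produces a MIC that a conforming peer rejects.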