Re: [PATCH net v3 09/11] rxrpc: Fix keyring reference count leak in rxrpc_setsockopt()

Next message: Krzysztof Kozlowski: "Re: [PATCH v2 1/7] dt-bindings: dmaengine: Add SpacemiT K1 DMA request definitions"
Previous message: Thomas Zimmermann: "Re: [PATCH v3 1/3] drm: Introduce DRM_MODE_DUMB_KERNEL_MAP flag"
In reply to: Anderson Nascimento: "Re: [PATCH net v3 09/11] rxrpc: Fix keyring reference count leak in rxrpc_setsockopt()"
Next in thread: Anderson Nascimento: "Re: [PATCH net v3 09/11] rxrpc: Fix keyring reference count leak in rxrpc_setsockopt()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Howells

Date: Fri Mar 27 2026 - 03:27:47 EST

Anderson Nascimento <anderson@xxxxxxxxxxxxxxxxxx> wrote:

> To make the logic more coherent, what if we check if (rx->key ||
> rx->securities) in both options and remove the rx->securities check from
> rxrpc_request_key()?

You're allowed to have both a keyring (server) and a key (client). You can
issue client calls on a server socket. The in-kernel kafs filesystem does
this, for example - though it normally sets the outgoing key on individual
calls.

To parallel the kernel example, it might be worth my while adding a CMSG tag
to take a key ID or key description so the rxrpc_sendmsg() can do a
request_key() when setting up a call (the AF_RXRPC socket allows a different
key with each call dispatched), though the AFS command line tools tend only to
talk to a single cell at a time (you only need one key for comms with an
entire cell).

Davod