*.o
*.os
libkafs_client.so*
+TAGS
#
###############################################################################
MAN1 := $(MANDIR)/man1
+MAN5 := $(MANDIR)/man5
+MAN7 := $(MANDIR)/man7
+MAN8 := $(MANDIR)/man8
install: all
$(MAKE) -C src install
- $(INSTALL) -D -m 0644 man/aklog-kafs.1 $(DESTDIR)$(MAN1)/aklog-kafs.1
- $(INSTALL) -D -m 0644 man/aklog.1 $(DESTDIR)$(MAN1)/aklog.1
+ $(MKDIR) -p -m755 $(DESTDIR)$(MAN1)/
+ $(MKDIR) -p -m755 $(DESTDIR)$(MAN5)/
+ $(MKDIR) -p -m755 $(DESTDIR)$(MAN7)/
+ $(MKDIR) -p -m755 $(DESTDIR)$(MAN8)/
+ $(INSTALL) -D -m 0644 man/*.1 $(DESTDIR)$(MAN1)/
+ $(INSTALL) -D -m 0644 man/*.5 $(DESTDIR)$(MAN5)/
+ $(INSTALL) -D -m 0644 man/*.7 $(DESTDIR)$(MAN7)/
+ $(INSTALL) -D -m 0644 man/*.8 $(DESTDIR)$(MAN8)/
$(INSTALL) -D -m 0644 conf/cellservdb.conf $(DESTDIR)$(DATADIR)/cellservdb.conf
$(INSTALL) -D -m 0644 conf/etc.conf $(DESTDIR)$(ETCDIR)/kafs/client.conf
$(INSTALL) -D -m 0644 conf/kafs_dns.conf $(DESTDIR)$(ETCDIR)/request-key.d/kafs_dns.conf
--- /dev/null
+.so rxrpc.7
--- /dev/null
+.\"
+.\" Copyright (C) 2019 Red Hat, Inc. All Rights Reserved.
+.\" Written by David Howells (dhowells@redhat.com)
+.\"
+.\" This program is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License
+.\" as published by the Free Software Foundation; either version
+.\" 2 of the License, or (at your option) any later version.
+.\"
+.TH KAFS-CHECK-CONFIG 1 "16 Apr 2019" Linux "AFS Config Checker"
+.SH NAME
+kafs-check-config \- AFS configuration check tool
+.SH SYNOPSIS
+\fBkafs-check-config\fR [OPTION]... [<cellname>]*
+.P
+Where options are:
+.P
+.RS
+[-46PDvv] [-c <conffile>]* [-N <restriction>]
+.RE
+.SH DESCRIPTION
+This program is used to check the configuration for the in-kernel AFS
+filesystem (kAFS). This configuration is used when systemd mounts the
+filesystem to load up the cell database and create cell automounts in the /afs
+directory.
+.P
+The configuration is also used by the kernel name resolver upcall to provide
+static configuration for some cells and to specify overrides and limits on DNS
+lookups.
+.P
+If a list of \fB<cellname>\fR arguments is given, the listed cells will be
+dumped, including the sources of the Volume Location records and address
+records.
+.P
+The available options are:
+.SH ARGUMENTS
+.IP -4
+Only show IPv4 addresses in the dump.
+.IP -6
+Only show IPv6 addresses in the dump.
+.IP -P
+Dump the parse tree of the configuration file(s).
+.IP -D
+Dump the cell database extracted from the configuration.
+.IP -v
+Increase the verbosity of the output. This may be specified multiple times.
+.IP "-c <conffile>"
+Specify a configuration file to read instead of the system default. This may
+be specified multiple times and the configuration files are read and applied in
+order.
+.IP "-N <restriction>"
+Apply a restriction to the lookup performed for the listed cells (if any are).
+Restrictions include:
+.RS
+.IP "-N vl-srv"
+Don't use SRV records to find Volume Location servers.
+.IP "-N vl-afsdb"
+Don't use AFSDB records to find Volume Location servers.
+.IP "-N vl-all"
+Don't use SRV or AFSDB records to find Volume Location servers.
+.IP "-N vl-host"
+Don't look cell name up as hostname to find a Volume Location server.
+.IP "-N vl-dns"
+Don't do any lookups to find Volume Location servers. Use only the static
+configuration.
+.RE
+.SH EXIT STATUS
+.IP 0
+If check okay and any dumping succeeded.
+.IP 1
+If an error occurs during processing.
+.IP 2
+If a command line error occurs.
+.SH SEE ALSO
+.ad l
+.nh
+.BR kafs (7),
+.BR kafs\-client.conf (5)
--- /dev/null
+.\" -*- nroff -*-
+.\" Copyright (C) 2019 Red Hat, Inc. All Rights Reserved.
+.\" Written by David Howells (dhowells@redhat.com)
+.\"
+.\" This program is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License
+.\" as published by the Free Software Foundation; either version
+.\" 2 of the License, or (at your option) any later version.
+.\"
+.TH KAFS-CLIENT.CONF 5 "17 Apr 2019" Linux "kAFS Configuration"
+.SH NAME
+/etc/kafs/client.conf
+.br
+/etc/kafs/client.d/ \- kAFS filesystem configuration
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH DESCRIPTION
+Configuration information for the in-kernel kAFS filesystem can be provided in
+the /etc/kafs/ directory. This may include the following:
+.IP
+- A list of cells to be preconfigured
+.IP
+- Fallback addresses for each cell.
+.IP
+- The name of the default cell (the
+.B @cell
+substitution).
+.IP
+- A list of strings for the
+.BR @sys " substitution."
+.PP
+When the
+.B afs.mount
+service is started by
+.BR systemd (1),
+a configuration service
+.RB ( kafs-config.service )
+runs first and loads the configuration into the kernel from the
+.B client.conf
+file. This contains directives to include other things, such as the contents
+of the
+.B client.d/
+directory and the generic public cell database.
+.PP
+Once the afs.mount service is started (or if an AFS volume is manually
+mounted), if a mountpoint is triggered, the kernel will upcall by means of
+.BR request-key (8)
+to look up addresses for the Volume Location servers for the named cell. This
+will also parse the configuration.
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH CONFIGURATION FILE FORMAT
+The file format is based on the MIT Kerberos configuration file format. There
+are a couple of general directives:
+.TP
+.BR include " " /path/to/file
+This includes the contents of the named file in the parse at this point.
+.TP
+.BR includedir " " /path/to/dir/
+This includes the files in the named directory in the parse at this point.
+Files that have names beginning with "." or ending with "~" are ignored.
+.PP
+Leading and trailing whitespace on a line is ignored. Any line otherwise
+beginning with a "#" character is considered a comment and ignored.
+.PP
+Any line that contains a label bounded by square brackets, e.g. "[cells]", by
+itself on that line denotes a switch to the section specified by that label.
+.PP
+Configuration data is specified within a named section as a series of
+.BR key = value
+pairs, where a value may be one of nothing, an unquoted string, a quoted
+string or a braced lists containing further key=value pairs. Whitespace
+either side of the "=" symbol is ignored.
+.PP
+For example:
+.PP
+.RS
+.nf
+[cells]
+rivendell.example.com = {
+ description = "Last Homely Cell"
+ use_dns = yes
+ servers = {
+ elrond.rivendell.example.com = {
+ address = 192.0.2.23
+ }
+ }
+}
+.fi
+.RE
+.PP
+If two or more consecutive clauses specify values for the same key sequence
+(so cells:rivendell.example.com:use_dns, for example), then they are merged
+together to form a single list. If a single value is expected for a
+configuration item, the last element in the list is taken.
+.PP
+To prevent overriding by subsequent conflicting configuration, an asterisk can
+be placed after the closing brace in a braced list to indicate that that list
+is closed, for example:
+.PP
+.RS
+.nf
+[cells]
+rivendell.example.com = {
+ description = "Foo"
+ use_dns = no
+}*
+.fi
+.RE
+.PP
+Strings that are intepreted as boolean values are classed as false if they
+match one of
+.BR 0 ", " f ", " false ", " n ", " no " or " off ,
+and classed as true if they match one off
+.BR 1 ", " t ", " true ", " y ", " yes " or " on .
+The match is case-independent.
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH GENERAL SETTINGS
+The first section contains general system-level settings shared between all
+utilities and the kernel. This is denoted by the section label
+"\fB[defaults]\fP".
+.PP
+The system settings that may be changed are configured in this section with
+the following key-value pairs:
+.TP
+.B thiscell = <cellname>
+This sets the name of the local cell. This will be used to configure the
+.B @cell
+path substitution and will also supply the default cellname for
+.BR aklog-kafs (1).
+.TP
+.B sysname = [<systype>]*
+This specifies a (potentially empty) list of strings which the kernel should
+attempt to substitute in turn for "\fB@sys\fR" at the end of a filename until
+a match is found.
+
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH CELL DEFINITIONS
+The second section contains a list of preconfigured cells, to be used in
+preloading the cell list in /afs and also to provide fallback or override
+address data for locating Volume Location servers. This is denoted by the
+section label "\fB[cells]\fP".
+.PP
+Within the cell list, each cell is declared with a key=value pair, where the
+key is the name of the cell and the value is a braced list indicating the
+details, e.g.:
+.PP
+.RS
+.nf
+.B [cells]
+rivendell.example.com = {
+ ...
+}
+.fi
+.RE
+.PP
+A cell definition may contain any number of key=value pairs. The keys that
+are taken note of are:
+.TP
+.BR description " = " <string>
+This is a text description for the cell.
+.TP
+.BR show_cell " = " <boolean>
+Whether a cell should be shown in /afs.
+.TP
+.BR use_dns " = " <boolean>
+Whether address look ups for a cell may use the DNS.
+.TP
+.BR kerberos_realm " = " <string>
+The name of the Kerberos realm to use for a cell by default.
+.TP
+.BR servers " = " { " ... " }
+A list of servers for the cell, where each element in the list is a key=value
+pair, where the key is the name of a server and the value is a braced section
+of the details for that server.
+.PP
+The elements in the list of server details attached to each server can
+comprise the following keys:
+.TP
+.B type = vlserver
+The server is an AFS Volume Location server. This is the default.
+.TP
+.B type = ptserver
+The server is an AFS Protection server.
+.TP
+.BR address " = " [<protocol>/]<address>[:<port>]
+Specify a single address for a server. The
+.B address
+is required and can be a single IPv4 or a single IPv6 address, and may be
+brackets with square brackets (to avoid confusion with the port number, if
+specified). The
+.B protocol
+is optional; currently only
+.B udp
+is supported. The
+.B port
+is also optional and may be specified to change the UDP port from the default
+for the server type.
+
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH EXAMPLE
+.PP
+.nf
+.B [defaults]
+thiscell = rivendell.example.com
+sysname = fedora28_x86 amd64_linux
+
+.B [cells]
+corp.example.com = {
+ description = "Valinor Corporation cell"
+ use_dns = yes
+ servers = {
+ manwe.corp.example.com = {
+ address = 2001:db8:123::13
+ address = 203.0.113.19
+ }
+ ulmo.corp.example.com = {
+ address = [2001:db8:123::750c:1234]:6666
+ address = 203.0.113.3:6666
+ }
+ aule.corp.example.com = {
+ address = udp/[2001:db8:123::abcd:9090]
+ address = udp/203.0.113.189
+ }
+ namo.corp.example.com = {
+ type = ptserver
+ address = 2001:db8:123::8888
+ address = 203.0.113.88
+ }
+ }
+}
+
+rivendell.example.com = {
+ description = "Last Homely Cell"
+ servers = {
+ elrond.rivendell.example.com = {
+ address = 192.0.2.23
+ }
+ arwen.rivendell.example.com = {
+ address = 192.0.2.75
+ }
+ }
+}
+.fi
+.PP
+
+
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SEE ALSO
+.ad l
+.nh
+.BR kafs (7),
+.BR kafs\-check\-config (8),
+.BR systemd (1)
--- /dev/null
+.\"
+.\" Copyright (C) 2019 Red Hat, Inc. All Rights Reserved.
+.\" Written by David Howells (dhowells@redhat.com)
+.\"
+.\" This program is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License
+.\" as published by the Free Software Foundation; either version
+.\" 2 of the License, or (at your option) any later version.
+.\"
+.TH KAFS 7 "16 Apr 2019" Linux "In-kernel AFS filesystem"
+.SH NAME
+kafs \- In-kernel AFS filesystem
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH DESCRIPTION
+.B kafs
+is a network filesystem driver in the Linux kernel that is able to access AFS
+cells and the servers contained therein to locate the logical volumes that
+comprise the cell and the files contained in each volume.
+.P
+It supports transport over IPv4 UDP and IPv6 UDP and security based on
+Kerberos. The authentication token is used to define the user for the purpose
+of providing access control as well as providing communications security.
+.P
+The filesystem is of type "afs" and the mount command can be used to mount afs
+volumes manually using the "-t" flag on
+.BR mount (8).
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SETTING UP
+The \fBkafs-client\fP package should be installed to so that systemd is
+configured to include a mount of AFS dynamic root on /afs. Note that mounting
+/afs is not enabled by default, so if it is needed, then \fIsystemd\fP should
+be told to enable it. This can be done with the following step:
+.P
+.RS
+.nf
+systemctl enable afs.mount
+.fi
+.RE
+.P
+This will mount a special directory on \fB/afs\fR which will be populated by
+an automount directory for each cell listed in the configuration. Doing a
+pathwalk into one of these directories will result in the \fBafs.cell\fR
+volume from the cell being mounted onto that directory.
+.P
+Local configuration should be placed in a file in the /etc/kafs/client.d/
+directory. This will be included from client.conf in the next directory up.
+.P
+Typically in the local configuration, the local cell name would be specified
+and backup details of its Volume Location server addresses would be given.
+.P
+Also any overrides for the @sys filename substitution would be specified. See
+.BR kafs\-client.conf (5).
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH OPERATION
+Once the kafs-client is set up (and if there's no local cell, this is
+practically zero-conf, provided the cells to be accessed are properly set up
+with AFSDB or SRV records in the DNS), the /afs directory can be accessed:
+.P
+.RS
+.nf
+ls /afs/<cell>/location/within/cell
+.fi
+.RE
+.P
+For example:
+.P
+.RS
+.nf
+ls /afs/rivendell.example.com/doc
+.fi
+.RE
+.P
+The user isn't limited to cells listed in /afs, but any cell can be tried by
+just substituting the name of the cell into the above formula. It does
+require the target to have DNS-based configuration provided.
+.P
+Note that each logical volume gets a discrete superblock and links between
+volumes turn into kernel mountpoints that, if stepped on, cause the
+appropriate volume to be mounted over them.
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SECURITY
+.P
+kafs supports Kerberos-based authentication and communication encryption
+through the use of Kerberos. The \fBkinit\fP program can be use to
+authenticate with a Kerberos server:
+.P
+.RS
+.nf
+kinit myname@RIVENDELL.EXAMPLE.COM
+.fi
+.RE
+.P
+and then the \fBaklog-kafs\fP program to get a ticket for the kernel
+filesystem to use:
+.P
+.RS
+.nf
+aklog-kafs rivendell.example.com
+.fi
+.RE
+.P
+This will be placed on the caller's session keyring and can be viewed there
+with:
+.P
+.RS
+.nf
+keyctl show
+.fi
+.RE
+.P
+Note that the default realm is assumed to be the same as the cell name, but in
+all upper case.
+
+
+
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SEE ALSO
+.ad l
+.nh
+.BR aklog\-kafs (1),
+.BR kafs\-client.conf (5),
+.BR keyctl (1),
+.BR kinit (1),
+.BR rxrpc (7),
+.BR session\-keyring (7),
+.BR systemctl (1)
--- /dev/null
+.\"
+.\" Copyright (C) 2019 Red Hat, Inc. All Rights Reserved.
+.\" Written by David Howells (dhowells@redhat.com)
+.\"
+.\" This program is free software; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License
+.\" as published by the Free Software Foundation; either version
+.\" 2 of the License, or (at your option) any later version.
+.\"
+.TH AF_RXRPC 7 "16 Apr 2019" "Linux" "Linux Programmer's Manual"
+.SH NAME
+rxrpc \- Linux RxRPC (AFS) protocol implementation
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SYNOPSIS
+.B #include <sys/socket.h>
+.br
+.B #include <linux/rxrpc.h>
+.PP
+.IB socket " = socket(AF_RXRPC, SOCK_DGRAM, PF_INET);"
+.br
+.IB socket " = socket(AF_RXRPC, SOCK_DGRAM, PF_INET6);"
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH DESCRIPTION
+Linux optionally implements the RxRPC transport protocol, as used by the AFS
+network filesystem. Both client and server ends are support - even on the same
+socket - and authentication is supported at both ends.
+.P
+This can be used through the BSD socket interface, using the
+.BR sendmsg "(2) and " recvmsg (2)
+system calls with control data to multiplex calls over the socket and to
+provide or retrieve call metadata.
+.BR request_key (2)
+is used to find the authentication keys to use in the calling process's
+keyrings.
+.P
+The AF_RXRPC driver uses \fBudp\fR(7) sockets underneath, either IPv4-only or
+IPv6 (with IPv4), for transport. Under certain circumstances, the underlying
+transport sockets may be shared between client-only sockets (but are never
+shared if a socket is implementing a server).
+.P
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SS Address format
+.in +4n
+.EX
+struct sockaddr_rxrpc {
+ sa_family_t srx_family; /* AF_RXRPC */
+ uint16_t srx_service; /* The service identifier */
+ uint16_t transport_type; /* The type of transport */
+ uint16_t transport_len; /* Transport address length */
+ union {
+ sa_family_t family; /* Transport address family */
+ struct sockaddr_in sin; /* IPv4 transport address */
+ struct sockaddr_in6 sin6; /* IPv6 transport address */
+ } transport;
+};
+.EE
+.in
+.PP
+Where
+.I srx_family
+is always set to
+.BR AF_RXRPC ;
+.I srx_service
+is set to the service ID of the desired service;
+.I transport_type
+is set to the transport type, which is always
+.B SOCK_DGRAM
+for now;
+.I transport_len
+says how big the address in
+.I transport
+is.
+.P
+Inside the transport address part, and appropriate address for the underlying
+socket should be set, including things like family, port and address as
+appropriate. Note that it may be permissible to use IPv4 addresses on an IPv6
+socket.
+.P
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SS Socket Options
+AF_RXRPC provides a number of socket options that can be set with
+.BR setsockopt (2)
+and read with
+.BR getsockopt (2).
+The socket option level for IPv6 is
+.BR SOL_RXRPC .
+.TP
+.B RXRPC_SECURITY_KEY
+The option value is a string that specifies the name of a key to pass to
+.BR request_key (2)
+to get an appropriate authentication key. Such keys are expected to be of
+\fIrxrpc\fR type.
+.IP
+If this isn't set, AF_RXRPC will perform an unauthenticated, unencrypted call
+to the server.
+.TP
+.B RXRPC_SECURITY_KEYRING
+The option value is a string that specifies the name of a keyring to pass to
+.BR request_key (2)
+to specify the keys used by the server end to authenticate connections.
+.IP
+The service keys in the ring should be of type rxrpc_s and their descriptions should be
+of the form "<service-id>:<security-index>" and each should be given an 8-byte secret.
+.TP
+.B RXRPC_EXCLUSIVE_CONNECTION
+The option value should be empty. This causes each call made on this socket to
+get its own virtual connection and thus its own negotiated security context.
+.TP
+.B RXRPC_MIN_SECURITY_LEVEL
+The option value should be a 4-byte unsigned integer. This can be one of the
+following constants:
+.BR RXRPC_SECURITY_PLAIN ", " RXRPC_SECURITY_AUTH " or " RXRPC_SECURITY_ENCRYPT ;
+the first indicating the packets should be securely checksummed only, the
+second that packets should be authenticated and the third that full encryption
+should be employed.
+
+.TP
+.B RXRPC_UPGRADEABLE_SERVICE
+The option value should be a 2-slot array of 2-byte unsigned integers. To use
+this, the socket must be a server socket and must have been bound to more than
+one address with different \fIsrx_service\fP specifiers.
+.IP
+Slot[0] in the array specified the service ID to upgrade from; slot[1]
+specifies the service ID to upgrade to. This allows a client to find out if
+there's a 'better' version of the service available on the same address, but a
+different service ID.
+.IP
+If the client follows the correct protocol for probing an upgradeable service,
+the kernel will automatically upgrade the service ID on the connection and this
+will be reflected in the address returned by
+.IR recvmsg "(2)."
+.TP
+.B RXRPC_SUPPORTED_CMSG
+The option buffer should have room for a 4-byte integer. The maximum control
+buffer message type supported by the kernel is written into the buffer. This
+allows an application to find out what control messages it may use so that it
+can avoid getting an error if it tries to use something unsupported.
+.P
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SS Message flags
+AF_RXRPC communicates certain information by way of the message flags passed to
+and received from
+.BR sendmsg "(2) and " recvmsg (2).
+.TP
+.B MSG_MORE
+This is passed to sendmsg() to indicate that there is more data to be
+transmitted as part of the request phase of a client call or the reply phase of
+a service operation.
+.B MSG_EOR
+recvmsg() sets this to indicate that the call has been terminated (the control
+messages must be parsed for information as to why) and that the kernel has
+discarded the user call ID tag. The tag may now be reused.
+.B MSG_PEEK
+This is passed to recvmsg() to look at the front of the message queue without
+removing any messages or changing the state of any outstanding calls.
+.B MSG_WAITALL
+This is passed to sendmsg() to instruct it not to return for a signal if it is
+still loading up the message queue and progress is being made at the other side
+in emptying it. This works around the problem of sendmsg() getting interrupted
+after partially queuing its data, but not then being able to return how much it
+has consumed.
+.B MSG_DONTWAIT
+This is passed to recvmsg() to indicate that it shouldn't wait if the message
+queue is empty.
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SS Control messages
+AF_RXRPC communicates metadata to the caller through the ancillary data buffer
+(\fImsg_control\fP) in the messages passed to and fro using
+.BR sendmsg "(2) and " recvmsg (2).
+When building a control message buffer for sendmsg(), the RXRPC_SUPPORTED_CMSG
+value should be consulted to make sure that the control message type is
+supported.
+.TP
+.B RXRPC_USER_CALL_ID
+The data for this is an arbitrary long integer/pointer-sized tag that
+represents the call to the kernel. It may, for example, hold a pointer to some
+userspace structure representing the call to the process.
+.IP
+[sendmsg] This is passed to sendmsg() when the message proposed will create a
+client call. It must thereafter be included in all future sendmsg() calls
+pertaining to that call.
+.IP
+[recvmsg] recvmsg() includes the tag in all messages pertaining to a call until
+the final termination message is reached - which recvmsg() will mark by setting
+MSG_EOR.
+.TP
+.B RXRPC_ABORT
+The data for this is a 32-bit integer that is the abort code.
+.IP
+[sendmsg] When passed to sendmsg(), this causes the operation matching the tag
+to be aborted; this will be followed up by recvmsg() indicating MSG_EOR and a
+local error of ECONNABORTED, thereby terminating the tag.
+.IP
+[recvmsg] When obtained from recvmsg(), this indicates that a remote abort was
+received from the peer and the data gives the code for that abort.
+.TP
+.B RXRPC_ACK
+[recvmsg] This conveys no data. It indicates the final acknowledgement to a
+service call has been received.
+.TP
+.B RXRPC_NET_ERROR
+[recvmsg] This conveys a 32-bit integer into which the network error that
+terminated a call will have been placed.
+.TP
+.B RXRPC_BUSY
+[recvmsg] This conveys no data. It indicates that the operation has been
+rejected because the server is busy.
+.TP
+.B RXRPC_LOCAL_ERROR
+[recvmsg] This conveys a 32-bit integer into which the local error that
+terminated a call will have been placed.
+.TP
+.B RXRPC_NEW_CALL
+[recvmsg] This conveys no data. It indicates that a new service call has
+arrived at a server socket and is in need of a tag. RXRPC_ACCEPT is must be
+used for that.
+.TP
+.B RXRPC_ACCEPT
+The data for this is an arbitrary long integer/pointer-sized tag that
+represents the call to the kernel with the same semantics as for
+RXRPC_USER_CALL_ID.
+.IP
+[sendmsg] Supply a user call ID tag to a new service call.
+.TP
+.B RXRPC_EXCLUSIVE_CALL
+[sendmsg] Indicate that this particular call should be made on its own
+connection with an unshared negotiated security context. This requires no
+additional data.
+.TP
+.B RXRPC_UPGRADE_SERVICE
+[sendmsg] Indicate that this call should attempt to probe the service ID on the
+other side to see if it gets upgraded. The answer can be found in the
+srx_service value of the peer address recvmsg() returns for this call. This
+requires no additional data.
+.TP
+.B RXRPC_TX_LENGTH
+The data for this is a signed 64-bit integer.
+.IP
+[sendmsg] Specify the exact total transmit size. This allows AF_RXRPC to work
+out in advance how big encrypted packets are going to be (under some
+circumstances, there's a data length encrypted inside the packet).
+.IP
+If this is set, it may allow AF_RXRPC to be more efficient at filling packets.
+If the wrong amount of data is given (too little or too much), then the call
+will be aborted.
+.TP
+.B RXRPC_SET_CALL_TIMEOUT
+The data for this is an array of 1-3 32-bit integers.
+.IP
+[sendmsg] Specify various call timeouts. The first timeout is the \fIhard\fP timeout
+for the call in seconds: the call will be aborted if it takes longer than this
+amount of time in total.
+.IP
+The second timeout is the \fIidle\fP timeout for the call in milliseconds: the
+call will be aborted if we don't receive the next DATA packet within that
+amount of time during the reception phase.
+.IP
+The third timeout is the \fInormal\fP timeout for the call in milliseconds: the
+call will be aborted if we go for that amount of time without receiving any
+type of packet pertaining to the call.
+
+
+.\"""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+.SH SEE ALSO
+.ad l
+.nh
+.BR kafs (7),
+.BR request_key (2)
%{_bindir}/aklog-kafs
%{_sbindir}/kafs-check-config
%{_unitdir}/*
-%{_mandir}/man1/aklog-kafs.1*
+%{_mandir}/man1/*.1*
+%{_mandir}/man5/*.5*
+%{_mandir}/man7/*.7*
+%{_mandir}/man8/*.8*
%{_libexecdir}/kafs-preload
%{_libexecdir}/kafs-dns
%{_sysconfdir}/request-key.d/kafs_dns.conf
projects / users / dhowells / kafs-client.git / commitdiff