From 84a27b5a4cedd0b19381e27e8026614ddf3e900f Mon Sep 17 00:00:00 2001 From: Bagas Sanjaya Date: Wed, 24 Sep 2025 09:06:23 +0700 Subject: [PATCH 1/3] net: dns_resolver: Use reST bullet list for features list Features overview list uses an asterisk in parentheses (``(*)``) as bullet list marker, which isn't supported by Sphinx as proper bullet. Replace it with just asterisk. Reviewed-by: Simon Horman Signed-off-by: Bagas Sanjaya Link: https://patch.msgid.link/20250924020626.17073-2-bagasdotme@gmail.com Signed-off-by: Jakub Kicinski --- Documentation/networking/dns_resolver.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Documentation/networking/dns_resolver.rst b/Documentation/networking/dns_resolver.rst index c0364f7070af..5cec37bedf99 100644 --- a/Documentation/networking/dns_resolver.rst +++ b/Documentation/networking/dns_resolver.rst @@ -25,11 +25,11 @@ These routines must be supported by userspace tools dns.upcall, cifs.upcall and request-key. It is under development and does not yet provide the full feature set. The features it does support include: - (*) Implements the dns_resolver key_type to contact userspace. + * Implements the dns_resolver key_type to contact userspace. It does not yet support the following AFS features: - (*) Dns query support for AFSDB resource record. + * DNS query support for AFSDB resource record. This code is extracted from the CIFS filesystem. From 1b1fe672337bb7549f637853c1c9536872d3d19c Mon Sep 17 00:00:00 2001 From: Bagas Sanjaya Date: Wed, 24 Sep 2025 09:06:24 +0700 Subject: [PATCH 2/3] net: dns_resolver: Move dns_query() explanation out of code block Documentation for dns_query() is placed in the function's literal code block snippet instead. Move it out of there. Signed-off-by: Bagas Sanjaya Reviewed-by: Simon Horman Link: https://patch.msgid.link/20250924020626.17073-3-bagasdotme@gmail.com Signed-off-by: Jakub Kicinski --- Documentation/networking/dns_resolver.rst | 44 +++++++++++------------ 1 file changed, 21 insertions(+), 23 deletions(-) diff --git a/Documentation/networking/dns_resolver.rst b/Documentation/networking/dns_resolver.rst index 5cec37bedf99..fbbd2c4635cb 100644 --- a/Documentation/networking/dns_resolver.rst +++ b/Documentation/networking/dns_resolver.rst @@ -64,44 +64,42 @@ before the more general line given above as the first match is the one taken:: Usage ===== -To make use of this facility, one of the following functions that are -implemented in the module can be called after doing:: +To make use of this facility, first ``dns_resolver.h`` must be included:: #include - :: +Then queries may be made by calling:: int dns_query(const char *type, const char *name, size_t namelen, const char *options, char **_result, time_t *_expiry); - This is the basic access function. It looks for a cached DNS query and if - it doesn't find it, it upcalls to userspace to make a new DNS query, which - may then be cached. The key description is constructed as a string of the - form:: +This is the basic access function. It looks for a cached DNS query and if +it doesn't find it, it upcalls to userspace to make a new DNS query, which +may then be cached. The key description is constructed as a string of the +form:: [:] - where optionally specifies the particular upcall program to invoke, - and thus the type of query to do, and specifies the string to be - looked up. The default query type is a straight hostname to IP address - set lookup. +where optionally specifies the particular upcall program to invoke, +and thus the type of query, and specifies the string to be looked up. +The default query type is a straight hostname to IP address set lookup. - The name parameter is not required to be a NUL-terminated string, and its - length should be given by the namelen argument. +The name parameter is not required to be a NUL-terminated string, and its +length should be given by the namelen argument. - The options parameter may be NULL or it may be a set of options - appropriate to the query type. +The options parameter may be NULL or it may be a set of options +appropriate to the query type. - The return value is a string appropriate to the query type. For instance, - for the default query type it is just a list of comma-separated IPv4 and - IPv6 addresses. The caller must free the result. +The return value is a string appropriate to the query type. For instance, +for the default query type it is just a list of comma-separated IPv4 and +IPv6 addresses. The caller must free the result. - The length of the result string is returned on success, and a negative - error code is returned otherwise. -EKEYREJECTED will be returned if the - DNS lookup failed. +The length of the result string is returned on success, and a negative +error code is returned otherwise. -EKEYREJECTED will be returned if the +DNS lookup failed. - If _expiry is non-NULL, the expiry time (TTL) of the result will be - returned also. +If _expiry is non-NULL, the expiry time (TTL) of the result will be +returned also. The kernel maintains an internal keyring in which it caches looked up keys. This can be cleared by any process that has the CAP_SYS_ADMIN capability by From ffa8f0791955dec12af2a09a1655a41e3fff783a Mon Sep 17 00:00:00 2001 From: Bagas Sanjaya Date: Wed, 24 Sep 2025 09:06:25 +0700 Subject: [PATCH 3/3] net: dns_resolver: Fix request-key cross-reference Link to "Key Request Service" docs uses file:// scheme instead due to angled brackets markup. Fix it to proper cross-reference. Reviewed-by: Simon Horman Signed-off-by: Bagas Sanjaya Link: https://patch.msgid.link/20250924020626.17073-4-bagasdotme@gmail.com Signed-off-by: Jakub Kicinski --- Documentation/networking/dns_resolver.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Documentation/networking/dns_resolver.rst b/Documentation/networking/dns_resolver.rst index fbbd2c4635cb..52f298834db6 100644 --- a/Documentation/networking/dns_resolver.rst +++ b/Documentation/networking/dns_resolver.rst @@ -140,8 +140,8 @@ the key will be discarded and recreated when the data it holds has expired. dns_query() returns a copy of the value attached to the key, or an error if that is indicated instead. -See for further -information about request-key function. +See Documentation/security/keys/request-key.rst for further information about +request-key function. Debugging