From patchwork Thu Jan 24 17:20:12 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030588 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="WJnZO897"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="YrUyiUmJ"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lppn0YfBz9s9G for ; Fri, 25 Jan 2019 04:21:21 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728462AbfAXRVT (ORCPT ); Thu, 24 Jan 2019 12:21:19 -0500 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:38212 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727573AbfAXRVT (ORCPT ); Thu, 24 Jan 2019 12:21:19 -0500 Received: from pps.filterd (m0109334.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHHJxV027645; Thu, 24 Jan 2019 09:20:53 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=wJb/aPamSzOU1IsHPTLdK9lL/xtdPfAOawlJ82pjzuY=; b=WJnZO897Yiz0K8hintUP4IBeG5F4bdOoddKaUsR36HQ2RjNnwvKel3wnIjkTtzzH4Zxn vpMIzj8OX3ThLuWBhVBCQ/EBhIPKSZjmsaYE3Dr7rF7hRPbxmNResG+Rm87amOPXQGTm vuZLEbHasCW5uV2GFC72IvtFWDEs40u0W08= Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2q7fbpgjmu-16 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:20:53 -0800 Received: from prn-hub01.TheFacebook.com (2620:10d:c081:35::125) by prn-hub02.TheFacebook.com (2620:10d:c081:35::126) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:20:14 -0800 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:20:14 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=wJb/aPamSzOU1IsHPTLdK9lL/xtdPfAOawlJ82pjzuY=; b=YrUyiUmJIX/8+e1OCb6pa74nV+jTpWVsVewNnjy+RkXcWzZA01MraCLKWCpIEpSmCfL7oGgktx6EMTGfBGCDHW4elwcV8XMUNl50TFpUZXo+VQw0rt8OV8DMkVNjgy+sRhU82ehTLQ7f/Hnm961aOqd4AXjEdIRTvPlf62z2mFs= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1696.namprd15.prod.outlook.com (10.175.142.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:20:13 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:20:12 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 1/7] net: tls: Save iv in tls_rec for async crypto requests Thread-Topic: [PATCH net-next 1/7] net: tls: Save iv in tls_rec for async crypto requests Thread-Index: AQHUtAkQ1EayYPPpvkSdqyiZ3WnSNw== Date: Thu, 24 Jan 2019 17:20:12 +0000 Message-ID: <20190124172146.q4acuud6z35wevm4@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: MWHPR22CA0040.namprd22.prod.outlook.com (2603:10b6:300:69::26) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1696; 20:f3273rnwfAYs7i0Cokyub8bHSrS1cKlnsCjvHHzmesUrRxyZ8SoV9kB/pUT/4Y/ruQigdnJqwtuQQ0BN4DFreqDJtMoHR/eI/4/kuqwjhWAIsnVCKtmWfVYB6ZxZRPm20s9aaPEB2u1QZEMHE+PWiQzZYBWK/b6PQTy3n4SSF5s= x-ms-office365-filtering-correlation-id: bdef25c7-19a7-4056-31ab-08d6822032ff x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1696; x-ms-traffictypediagnostic: MWHPR15MB1696: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(396003)(346002)(136003)(39860400002)(366004)(189003)(199004)(6512007)(9686003)(486006)(71190400001)(71200400001)(476003)(14454004)(68736007)(6486002)(46003)(1076003)(256004)(6506007)(86362001)(2906002)(478600001)(102836004)(14444005)(2501003)(386003)(186003)(6436002)(6116002)(53936002)(106356001)(97736004)(4326008)(7736002)(305945005)(39060400002)(52116002)(25786009)(81166006)(33896004)(110136005)(8676002)(54906003)(58126008)(105586002)(81156014)(8936002)(99286004)(316002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1696; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: A31mkBOT/l+2ILKv1MN+8EwUPprGkeEO7g5w2WVUIyHhXlIAfFWq2chQJrB2xhmHVZ+kARSLMFPPp4W4MlRZuiOe599QSxMsuxvCz0nGo9hancN2mZW5dx0gu+egET9gIWu/oF3UUz7GytDWK2HfiUTexHU3QfvpARrEdf52IvzabuzWmsnoCo/mrAvCRSL3X6D3kEwDfPljflC6SrHEYjSOSjNTmXx2/14y1ZCif5d0+XnPHjRuh4AQZlWPHAqTdLf5JKbN0MdlU4Hk2qknHm31ciClyaLNJ4svcIOnYdXXT7RlSyR8Rbplsx67K3mROyy3unADScsYcoDBeU9sOR5F56Cw1lp8duwBzbYpD9gZs4jeGQSGGqEB3vzbpwa7lHWVgOG4UleEEIsER7eEYnuYfvMvhi3QFtgXscdXby4= spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-ID: <37FDFF3C3021B54097ECCEC38B5997E6@namprd15.prod.outlook.com> MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: bdef25c7-19a7-4056-31ab-08d6822032ff X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:20:12.4522 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1696 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org aead_request_set_crypt takes an iv pointer, and we change the iv soon after setting it. Some async crypto algorithms don't save the iv, so we need to save it in the tls_rec for async requests. Found by hardcoding x64 aesni to use async crypto manager (to test the async codepath), however I don't think this combination can happen in the wild. Presumably other hardware offloads will need this fix, but there have been no user reports. Fixes: a42055e8d2c30 ("Add support for async encryption of records...") Signed-off-by: Dave Watson --- include/net/tls.h | 2 ++ net/tls/tls_sw.c | 4 +++- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/include/net/tls.h b/include/net/tls.h index 90bf52db573e..4592606e136a 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -120,6 +120,8 @@ struct tls_rec { struct scatterlist sg_aead_out[2]; char aad_space[TLS_AAD_SPACE_SIZE]; + u8 iv_data[TLS_CIPHER_AES_GCM_128_IV_SIZE + + TLS_CIPHER_AES_GCM_128_SALT_SIZE]; struct aead_request aead_req; u8 aead_req_ctx[]; }; diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 86b9527c4826..0382a4674bb3 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -447,6 +447,8 @@ static int tls_do_encryption(struct sock *sk, struct scatterlist *sge = sk_msg_elem(msg_en, start); int rc; + memcpy(rec->iv_data, tls_ctx->tx.iv, sizeof(rec->iv_data)); + sge->offset += tls_ctx->tx.prepend_size; sge->length -= tls_ctx->tx.prepend_size; @@ -456,7 +458,7 @@ static int tls_do_encryption(struct sock *sk, aead_request_set_ad(aead_req, TLS_AAD_SPACE_SIZE); aead_request_set_crypt(aead_req, rec->sg_aead_in, rec->sg_aead_out, - data_len, tls_ctx->tx.iv); + data_len, rec->iv_data); aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG, tls_encrypt_done, sk); From patchwork Thu Jan 24 17:20:25 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030587 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="O9zB49Nv"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="Z3rDDhzW"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lppL2kB2z9s9G for ; Fri, 25 Jan 2019 04:20:58 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728345AbfAXRU4 (ORCPT ); Thu, 24 Jan 2019 12:20:56 -0500 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:34086 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727573AbfAXRU4 (ORCPT ); Thu, 24 Jan 2019 12:20:56 -0500 Received: from pps.filterd (m0044010.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHFgH1002402; Thu, 24 Jan 2019 09:20:27 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=IhfLIxPSvx57GEB/fmEBKLRMcWPbvv6dLFPhbImED0s=; b=O9zB49NvbFmbtjoFD0uN9YFToOTociahYShTuERhTqMvT4wgssjLzjAPW6U2WzT761/O LXjKapuOnvHt3m7bHYgFcVf7wSmdf5m5y2crmxVtNzH1APf7YzMl08Q/TNCOZb6OeSBk J3bNJFz/VmhCQY6i0tfxsobVDoFC6EfCr6s= Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2q7hdpg2dr-6 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:20:27 -0800 Received: from prn-hub04.TheFacebook.com (2620:10d:c081:35::128) by prn-hub03.TheFacebook.com (2620:10d:c081:35::127) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:20:26 -0800 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:20:26 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=IhfLIxPSvx57GEB/fmEBKLRMcWPbvv6dLFPhbImED0s=; b=Z3rDDhzWZ1w/pbikbVXBQalTd/ii7q3cEC7ptUxde36AzQTLL88fqIU7/OmzZ2Vuap5twAVDPjNBSu9gUVOiqOHvdzhQKN3I5g9hNvSSzu1WIUXze5ZNHkMLyWK/qZGVx0FsG/occco80U/l352i3euxyERdqDuV4nVmt4JV4Js= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1327.namprd15.prod.outlook.com (10.175.3.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:20:25 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:20:25 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 2/7] net: tls: Set async_capable for tls zerocopy only if we see EINPROGRESS Thread-Topic: [PATCH net-next 2/7] net: tls: Set async_capable for tls zerocopy only if we see EINPROGRESS Thread-Index: AQHUtAkYSMUf7uatqUSfSfZrCkxr0Q== Date: Thu, 24 Jan 2019 17:20:25 +0000 Message-ID: <20190124172159.li2vci4zdeu3yrxp@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: CO2PR05CA0003.namprd05.prod.outlook.com (2603:10b6:102:2::13) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1327; 20:R7yq74PVIlu+rRJTG/N8XCCjnomor0JkiHQfiYf0gbN32PS6Bt7pvt2es+Z6XBIN1yfq7CYBfb4aImkdKmPyT/tXy+wbCAPIx1ANxMGs8cGU2QdCdkmjYz4CxIRzUTyhXERTRuUvzJhpA64CY7FKOm3QKymG25pz7q8KQoOtnZI= x-ms-office365-filtering-correlation-id: c434a83e-3816-4e4b-546c-08d682203a82 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1327; x-ms-traffictypediagnostic: MWHPR15MB1327: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(376002)(396003)(366004)(39860400002)(199004)(189003)(476003)(186003)(6486002)(33896004)(68736007)(105586002)(316002)(14444005)(97736004)(6506007)(386003)(2906002)(102836004)(46003)(486006)(256004)(1076003)(25786009)(14454004)(71190400001)(71200400001)(8936002)(81166006)(81156014)(8676002)(86362001)(305945005)(9686003)(6512007)(6436002)(106356001)(4326008)(478600001)(7736002)(39060400002)(54906003)(99286004)(6116002)(53936002)(110136005)(58126008)(2501003)(52116002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1327; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: Bzjz1Z4rGZT/Sp3Dt8HJpBpjRzghhnAq7ZjxSepwx6ETyCA7XONuo7T6AphB49Rt7tAbMX+nKzIysvpLGgepi1WfGdtgdco227cFF2m+Z31i39UmG3X+mNCb7UDJ7E1vRNks/H58METjSbOTZCpiq4Ctcj5H2h9HUKmEQhKaIapfHK76iyczJ4iMEI102F2o4I+Onr4taSc84SfCaN+XzNG40yxW0+y/5u1bo10QnDoqj+3FPjdNoDi2JeiImMlSFsTEjMQbL6dnc+hHDCtVXUIDqyejkjc5x7xwLiPhNi2bYNQw1mzIIwpYzGUq+adsUWyAWdUFFLriA42/grQWTQpGoHp+m8Us1WCKqWtio1H7a2YYSU3dkPDG8eD8PUbgkMIDUAikrkfrMe7BuXw+PKJRJvmjzPuMy3tyrLeLg8A= Content-ID: MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: c434a83e-3816-4e4b-546c-08d682203a82 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:20:25.0917 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1327 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Currently we don't zerocopy if the crypto framework async bit is set. However some crypto algorithms (such as x86 AESNI) support async, but in the context of sendmsg, will never run asynchronously. Instead, check for actual EINPROGRESS return code before assuming algorithm is async. Signed-off-by: Dave Watson --- include/net/tls.h | 1 + net/tls/tls_sw.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index 4592606e136a..eb73e62ac8c9 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -139,6 +139,7 @@ struct tls_sw_context_tx { struct list_head tx_list; atomic_t encrypt_pending; int async_notify; + int async_capable; #define BIT_TX_SCHEDULED 0 unsigned long tx_bitmask; diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 0382a4674bb3..acfafe8190a3 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -673,6 +673,7 @@ static int tls_push_record(struct sock *sk, int flags, tls_merge_open_record(sk, rec, tmp, orig_end); } } + ctx->async_capable = 1; return rc; } else if (split) { msg_pl = &tmp->msg_plaintext; @@ -814,8 +815,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size) long timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT); struct tls_context *tls_ctx = tls_get_ctx(sk); struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx); - struct crypto_tfm *tfm = crypto_aead_tfm(ctx->aead_send); - bool async_capable = tfm->__crt_alg->cra_flags & CRYPTO_ALG_ASYNC; + bool async_capable = ctx->async_capable; unsigned char record_type = TLS_RECORD_TYPE_DATA; bool is_kvec = iov_iter_is_kvec(&msg->msg_iter); bool eor = !(msg->msg_flags & MSG_MORE); From patchwork Thu Jan 24 17:20:38 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030589 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="JPYjOQNw"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="jde15m9O"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lppq60SDz9s9G for ; Fri, 25 Jan 2019 04:21:23 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728650AbfAXRVW (ORCPT ); Thu, 24 Jan 2019 12:21:22 -0500 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:34780 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727786AbfAXRVU (ORCPT ); Thu, 24 Jan 2019 12:21:20 -0500 Received: from pps.filterd (m0109333.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHHTOo013484; Thu, 24 Jan 2019 09:20:55 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=uKhPTEAeYYfwpKSFVEDjRPEabl9ShGkNIASXn0Ymmlg=; b=JPYjOQNw5WRVvBc7WNrep5vmy0e2dyGPFqvVFqNa67PgVrTpiZkTGWngnffwSMdtj77s QuPSqUkZ/+yOHh2zbBdIXobKFYRMaq8aFqM0T3BQd54imVu3F4AgWUhAZ3iK6FV0wXm8 m7eDAO97ZPz8znPsL4ZcHnIfHnEUN+yujOg= Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2q7gmxg87k-8 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:20:55 -0800 Received: from prn-hub02.TheFacebook.com (2620:10d:c081:35::126) by prn-hub03.TheFacebook.com (2620:10d:c081:35::127) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:20:45 -0800 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:20:45 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=uKhPTEAeYYfwpKSFVEDjRPEabl9ShGkNIASXn0Ymmlg=; b=jde15m9OYf3GV+x+E7mbLB6C9RACEUFIFezAKAy3fwNtCzf0Xbled3m39I59jMp7BJczNKovUIGVy17CuOLizG9x0hbk6Ya4MLjbEUTotmJ7hTwY97vNzTmCDNAooyu8gZIFtxOhpxvoDyKjztx8ynrJGL/Vsz/HjPrjMW/gXBc= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1327.namprd15.prod.outlook.com (10.175.3.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:20:38 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:20:38 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 3/7] net: tls: Support 256 bit keys Thread-Topic: [PATCH net-next 3/7] net: tls: Support 256 bit keys Thread-Index: AQHUtAkgaB7fqsz0p0Cwn5ppzSfYdw== Date: Thu, 24 Jan 2019 17:20:38 +0000 Message-ID: <20190124172212.2q737piza7v5sdnb@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: MWHPR22CA0064.namprd22.prod.outlook.com (2603:10b6:300:12a::26) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1327; 20:D9xX2rx60foX0yYjB5fI+iDL2N+8cLBF/iDoob5yQdRDe+zOmFi2AnJMA5XbOolk60bhMXhGP/CNLK5prgzJdK4dXEFDrPSnZlx1Sa9sYXKygbLxz29jSJ8U8Q/zrz/OmrcjcuOUK00G9LX8dLj0GU46Umh8buwS3oUoi+Njoo0= x-ms-office365-filtering-correlation-id: 5805bd39-a97c-4e2f-6b8c-08d682204273 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1327; x-ms-traffictypediagnostic: MWHPR15MB1327: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(376002)(396003)(366004)(39860400002)(199004)(189003)(476003)(186003)(6486002)(33896004)(68736007)(105586002)(316002)(14444005)(97736004)(6506007)(386003)(2906002)(102836004)(46003)(486006)(256004)(1076003)(25786009)(14454004)(71190400001)(71200400001)(8936002)(81166006)(81156014)(8676002)(86362001)(305945005)(9686003)(6512007)(6436002)(106356001)(4326008)(478600001)(7736002)(39060400002)(54906003)(99286004)(6116002)(53936002)(110136005)(58126008)(2501003)(52116002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1327; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: /ha7O7UmTzT3gTQgOSQIr7A1byrDNv+nAUixEqwtEIej0c4+kEYgHKgDaDqPnq8a1nHnWNVD4HHKtWh2Z0uKAamOaqf+RRWOVLW0t4pycKyXVtxBrDR9DVYEsEUJPQal9fQU72Jtus2/Zqy67s/35TiItcfZS0KQxc9pNYyNBFlP6sscvl70EE4AYFiRbD0gze9DtF21TZUP7rKd+W+Xcn3QU+e4m94jKzQQVw2CfDdvSMt91R1kpXp2vPOTWBJciJ78sXjZpVYy0beIBQHQ2aON9CoQPbhhySkqNd8/be2n7b85SGgJ62TYUlOaxN9TnKfLrgL3E3En5FV3KpNJvFe22p9ANNhiWbrlNyZxYPU3vK3JvLQRPeCErzq2MsPCfG1Svuruc93cNJLvmBXiDRxYzQbxWGdhDD3ptpcFNfo= Content-ID: <2D6CA99AB534A34388C2A4D9BEDC68D4@namprd15.prod.outlook.com> MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 5805bd39-a97c-4e2f-6b8c-08d682204273 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:20:38.4037 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1327 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Wire up support for 256 bit keys from the setsockopt to the crypto framework Signed-off-by: Dave Watson --- include/net/tls.h | 5 ++- include/uapi/linux/tls.h | 15 ++++++++ net/tls/tls_main.c | 33 +++++++++++++++- net/tls/tls_sw.c | 29 +++++++++++++-- tools/testing/selftests/net/tls.c | 62 +++++++++++++++++++++++++++++++ 5 files changed, 137 insertions(+), 7 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index eb73e62ac8c9..675161ed37eb 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -207,7 +207,10 @@ struct cipher_context { union tls_crypto_context { struct tls_crypto_info info; - struct tls12_crypto_info_aes_gcm_128 aes_gcm_128; + union { + struct tls12_crypto_info_aes_gcm_128 aes_gcm_128; + struct tls12_crypto_info_aes_gcm_256 aes_gcm_256; + }; }; struct tls_context { diff --git a/include/uapi/linux/tls.h b/include/uapi/linux/tls.h index ff02287495ac..9affceaa3db4 100644 --- a/include/uapi/linux/tls.h +++ b/include/uapi/linux/tls.h @@ -59,6 +59,13 @@ #define TLS_CIPHER_AES_GCM_128_TAG_SIZE 16 #define TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE 8 +#define TLS_CIPHER_AES_GCM_256 52 +#define TLS_CIPHER_AES_GCM_256_IV_SIZE 8 +#define TLS_CIPHER_AES_GCM_256_KEY_SIZE 32 +#define TLS_CIPHER_AES_GCM_256_SALT_SIZE 4 +#define TLS_CIPHER_AES_GCM_256_TAG_SIZE 16 +#define TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE 8 + #define TLS_SET_RECORD_TYPE 1 #define TLS_GET_RECORD_TYPE 2 @@ -75,4 +82,12 @@ struct tls12_crypto_info_aes_gcm_128 { unsigned char rec_seq[TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE]; }; +struct tls12_crypto_info_aes_gcm_256 { + struct tls_crypto_info info; + unsigned char iv[TLS_CIPHER_AES_GCM_256_IV_SIZE]; + unsigned char key[TLS_CIPHER_AES_GCM_256_KEY_SIZE]; + unsigned char salt[TLS_CIPHER_AES_GCM_256_SALT_SIZE]; + unsigned char rec_seq[TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE]; +}; + #endif /* _UAPI_LINUX_TLS_H */ diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index d36d095cbcf0..0f028cfdf835 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -372,6 +372,30 @@ static int do_tls_getsockopt_tx(struct sock *sk, char __user *optval, rc = -EFAULT; break; } + case TLS_CIPHER_AES_GCM_256: { + struct tls12_crypto_info_aes_gcm_256 * + crypto_info_aes_gcm_256 = + container_of(crypto_info, + struct tls12_crypto_info_aes_gcm_256, + info); + + if (len != sizeof(*crypto_info_aes_gcm_256)) { + rc = -EINVAL; + goto out; + } + lock_sock(sk); + memcpy(crypto_info_aes_gcm_256->iv, + ctx->tx.iv + TLS_CIPHER_AES_GCM_256_SALT_SIZE, + TLS_CIPHER_AES_GCM_256_IV_SIZE); + memcpy(crypto_info_aes_gcm_256->rec_seq, ctx->tx.rec_seq, + TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE); + release_sock(sk); + if (copy_to_user(optval, + crypto_info_aes_gcm_256, + sizeof(*crypto_info_aes_gcm_256))) + rc = -EFAULT; + break; + } default: rc = -EINVAL; } @@ -412,6 +436,7 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval, { struct tls_crypto_info *crypto_info; struct tls_context *ctx = tls_get_ctx(sk); + size_t optsize; int rc = 0; int conf; @@ -444,8 +469,12 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval, } switch (crypto_info->cipher_type) { - case TLS_CIPHER_AES_GCM_128: { - if (optlen != sizeof(struct tls12_crypto_info_aes_gcm_128)) { + case TLS_CIPHER_AES_GCM_128: + case TLS_CIPHER_AES_GCM_256: { + optsize = crypto_info->cipher_type == TLS_CIPHER_AES_GCM_128 ? + sizeof(struct tls12_crypto_info_aes_gcm_128) : + sizeof(struct tls12_crypto_info_aes_gcm_256); + if (optlen != optsize) { rc = -EINVAL; goto err_crypto_info; } diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index acfafe8190a3..706ff02dc379 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1997,6 +1997,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) { struct tls_crypto_info *crypto_info; struct tls12_crypto_info_aes_gcm_128 *gcm_128_info; + struct tls12_crypto_info_aes_gcm_256 *gcm_256_info; struct tls_sw_context_tx *sw_ctx_tx = NULL; struct tls_sw_context_rx *sw_ctx_rx = NULL; struct cipher_context *cctx; @@ -2004,7 +2005,8 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) struct strp_callbacks cb; u16 nonce_size, tag_size, iv_size, rec_seq_size; struct crypto_tfm *tfm; - char *iv, *rec_seq; + char *iv, *rec_seq, *key, *salt; + size_t keysize; int rc = 0; if (!ctx) { @@ -2065,6 +2067,24 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) ((struct tls12_crypto_info_aes_gcm_128 *)crypto_info)->rec_seq; gcm_128_info = (struct tls12_crypto_info_aes_gcm_128 *)crypto_info; + keysize = TLS_CIPHER_AES_GCM_128_KEY_SIZE; + key = gcm_128_info->key; + salt = gcm_128_info->salt; + break; + } + case TLS_CIPHER_AES_GCM_256: { + nonce_size = TLS_CIPHER_AES_GCM_256_IV_SIZE; + tag_size = TLS_CIPHER_AES_GCM_256_TAG_SIZE; + iv_size = TLS_CIPHER_AES_GCM_256_IV_SIZE; + iv = ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->iv; + rec_seq_size = TLS_CIPHER_AES_GCM_256_REC_SEQ_SIZE; + rec_seq = + ((struct tls12_crypto_info_aes_gcm_256 *)crypto_info)->rec_seq; + gcm_256_info = + (struct tls12_crypto_info_aes_gcm_256 *)crypto_info; + keysize = TLS_CIPHER_AES_GCM_256_KEY_SIZE; + key = gcm_256_info->key; + salt = gcm_256_info->salt; break; } default: @@ -2088,7 +2108,8 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) rc = -ENOMEM; goto free_priv; } - memcpy(cctx->iv, gcm_128_info->salt, TLS_CIPHER_AES_GCM_128_SALT_SIZE); + /* Note: 128 & 256 bit salt are the same size */ + memcpy(cctx->iv, salt, TLS_CIPHER_AES_GCM_128_SALT_SIZE); memcpy(cctx->iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, iv, iv_size); cctx->rec_seq_size = rec_seq_size; cctx->rec_seq = kmemdup(rec_seq, rec_seq_size, GFP_KERNEL); @@ -2108,8 +2129,8 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) ctx->push_pending_record = tls_sw_push_pending_record; - rc = crypto_aead_setkey(*aead, gcm_128_info->key, - TLS_CIPHER_AES_GCM_128_KEY_SIZE); + rc = crypto_aead_setkey(*aead, key, keysize); + if (rc) goto free_aead; diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/net/tls.c index ff68ed19c0ef..c356f481de79 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -763,4 +763,66 @@ TEST_F(tls, control_msg) EXPECT_EQ(memcmp(buf, test_str, send_len), 0); } +TEST(keysizes) { + struct tls12_crypto_info_aes_gcm_256 tls12; + struct sockaddr_in addr; + int sfd, ret, fd, cfd; + socklen_t len; + bool notls; + + notls = false; + len = sizeof(addr); + + memset(&tls12, 0, sizeof(tls12)); + tls12.info.version = TLS_1_2_VERSION; + tls12.info.cipher_type = TLS_CIPHER_AES_GCM_256; + + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = htonl(INADDR_ANY); + addr.sin_port = 0; + + fd = socket(AF_INET, SOCK_STREAM, 0); + sfd = socket(AF_INET, SOCK_STREAM, 0); + + ret = bind(sfd, &addr, sizeof(addr)); + ASSERT_EQ(ret, 0); + ret = listen(sfd, 10); + ASSERT_EQ(ret, 0); + + ret = getsockname(sfd, &addr, &len); + ASSERT_EQ(ret, 0); + + ret = connect(fd, &addr, sizeof(addr)); + ASSERT_EQ(ret, 0); + + ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); + if (ret != 0) { + notls = true; + printf("Failure setting TCP_ULP, testing without tls\n"); + } + + if (!notls) { + ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, + sizeof(tls12)); + EXPECT_EQ(ret, 0); + } + + cfd = accept(sfd, &addr, &len); + ASSERT_GE(cfd, 0); + + if (!notls) { + ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", + sizeof("tls")); + EXPECT_EQ(ret, 0); + + ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, + sizeof(tls12)); + EXPECT_EQ(ret, 0); + } + + close(sfd); + close(fd); + close(cfd); +} + TEST_HARNESS_MAIN From patchwork Thu Jan 24 17:20:47 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030590 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="T2gBtzM0"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="Q+ehLzwu"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lpq83m6Fz9s9G for ; Fri, 25 Jan 2019 04:21:40 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728952AbfAXRVj (ORCPT ); Thu, 24 Jan 2019 12:21:39 -0500 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:38310 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727786AbfAXRVi (ORCPT ); Thu, 24 Jan 2019 12:21:38 -0500 Received: from pps.filterd (m0109334.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHHCLM027555; Thu, 24 Jan 2019 09:21:10 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=qh4g/2IWjafB0R5NIyfQgUn6CWY9UIDq/3YHflUTDQg=; b=T2gBtzM0N7zPnvccUqkPFKEqcHSYzOznQUZzQ1qErT5WUm/CDvf8VpbeTLaWEpZ9IILj kpaPLmOK1u5lJBJR5nHI4XMdzi3DEO9Nfi6mZniB1B3ztDLhFzHjiv1m9epIuaVMHpSE 5lMO3B/Y62qj36PcIyA1D10CEm50zfC/NZI= Received: from maileast.thefacebook.com ([199.201.65.23]) by mx0a-00082601.pphosted.com with ESMTP id 2q7fbpgjp1-12 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:21:10 -0800 Received: from frc-mbx02.TheFacebook.com (2620:10d:c0a1:f82::26) by frc-hub06.TheFacebook.com (2620:10d:c021:18::176) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:20:50 -0800 Received: from frc-hub03.TheFacebook.com (2620:10d:c021:18::173) by frc-mbx02.TheFacebook.com (2620:10d:c0a1:f82::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:20:49 -0800 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (192.168.183.28) by o365-in.thefacebook.com (192.168.177.73) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:20:49 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=qh4g/2IWjafB0R5NIyfQgUn6CWY9UIDq/3YHflUTDQg=; b=Q+ehLzwubNQVYNhLaB0ap89j8FXjvis+9l37FvIx3JUGyltpnYYi2XfCMDwglXLf2F2X1anYC2oLALiYNb8DlP3dOQTHM+kp1sZ9UIzRrAShGXgF6W15yKINuepGj75HtzPb/vlbfP1Lvz3iXWrSpi6OBcC2fd/idCPhID9vhcg= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1327.namprd15.prod.outlook.com (10.175.3.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:20:48 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:20:48 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 4/7] net: tls: Refactor tls aad space size calculation Thread-Topic: [PATCH net-next 4/7] net: tls: Refactor tls aad space size calculation Thread-Index: AQHUtAklyLE5bkNnjk6BQWpcdxNLUg== Date: Thu, 24 Jan 2019 17:20:47 +0000 Message-ID: <20190124172222.ws6i2z2xjit2xizb@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: MWHPR18CA0048.namprd18.prod.outlook.com (2603:10b6:320:31::34) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1327; 20:ZMwjirWYegm3RYBL+E5uPb1AIYDSRWYs3qxX4WcuyoibeiEf4iEo3DtArjeCew9Z40ljnCZQiIdfpOC7tw52yCAlPZE6n7Qx4PRIT1H5VgPy5vE7LuovTSydskk7JRP1M397AvS0rOvyqwJZN8KdqA2xdpjkZRnmcCqAKbrbkqY= x-ms-office365-filtering-correlation-id: 70cde3ec-f341-4956-a92a-08d6822047eb x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1327; x-ms-traffictypediagnostic: MWHPR15MB1327: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(376002)(396003)(366004)(39860400002)(199004)(189003)(476003)(186003)(6486002)(33896004)(68736007)(105586002)(316002)(14444005)(97736004)(6506007)(386003)(2906002)(102836004)(46003)(486006)(256004)(1076003)(25786009)(14454004)(71190400001)(71200400001)(8936002)(81166006)(81156014)(8676002)(86362001)(305945005)(9686003)(6512007)(6436002)(106356001)(4326008)(478600001)(7736002)(39060400002)(54906003)(99286004)(6116002)(53936002)(110136005)(58126008)(2501003)(52116002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1327; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: iWMG5rLnHukzw2T6Tqg+yyIN+/ls4hf/Pd5QZ9O04nUl9f2PqxjUt8bDKFK8XYWHf+OkmsjsrmhMkUJmF5g57SbLGjEHKgmdgkDo+ITF3lBxfNw3uhdt+l3IK+cFsI2YPVl9FQeA3JKYKaC6bEEQ8xsG4mOm58rD/wJ69vf0if6ic2PePErqmWbVIFUWS/AFgRveiWnPBB0BpVzsviKTkdL+TDxm66Ov9vSIaQjykeVmRcw+hJYcAXp2w0TLPANDi016zS6XdrfzlO+nY1qAeyWHaeagiv7iRK7lgfikRnw08FG6zq5AdeZe9r8UQVOCJDM5IlIcnlR6MbP1XLAQyyoS/7z8Mv8/BHv0AMd8eCLU1YuRazu61bOt9tv+nQqD2o4Urp0vmCO/UmbgCDR4KwVefgjcKQ8iC1cYVpk01dk= Content-ID: MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 70cde3ec-f341-4956-a92a-08d6822047eb X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:20:47.5954 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1327 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org TLS 1.3 has a different AAD size, use a variable in the code to make TLS 1.3 support easy. Signed-off-by: Dave Watson --- include/net/tls.h | 1 + net/tls/tls_sw.c | 17 +++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index 675161ed37eb..9edb2cc7023a 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -203,6 +203,7 @@ struct cipher_context { char *iv; u16 rec_seq_size; char *rec_seq; + u16 aad_size; }; union tls_crypto_context { diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 706ff02dc379..1003494d0563 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -185,7 +185,7 @@ static int tls_do_decryption(struct sock *sk, int ret; aead_request_set_tfm(aead_req, ctx->aead_recv); - aead_request_set_ad(aead_req, TLS_AAD_SPACE_SIZE); + aead_request_set_ad(aead_req, tls_ctx->rx.aad_size); aead_request_set_crypt(aead_req, sgin, sgout, data_len + tls_ctx->rx.tag_size, (u8 *)iv_recv); @@ -289,12 +289,12 @@ static struct tls_rec *tls_get_rec(struct sock *sk) sg_init_table(rec->sg_aead_in, 2); sg_set_buf(&rec->sg_aead_in[0], rec->aad_space, - sizeof(rec->aad_space)); + tls_ctx->tx.aad_size); sg_unmark_end(&rec->sg_aead_in[1]); sg_init_table(rec->sg_aead_out, 2); sg_set_buf(&rec->sg_aead_out[0], rec->aad_space, - sizeof(rec->aad_space)); + tls_ctx->tx.aad_size); sg_unmark_end(&rec->sg_aead_out[1]); return rec; @@ -455,7 +455,7 @@ static int tls_do_encryption(struct sock *sk, msg_en->sg.curr = start; aead_request_set_tfm(aead_req, ctx->aead_send); - aead_request_set_ad(aead_req, TLS_AAD_SPACE_SIZE); + aead_request_set_ad(aead_req, tls_ctx->tx.aad_size); aead_request_set_crypt(aead_req, rec->sg_aead_in, rec->sg_aead_out, data_len, rec->iv_data); @@ -1317,7 +1317,7 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb, aead_size = sizeof(*aead_req) + crypto_aead_reqsize(ctx->aead_recv); mem_size = aead_size + (nsg * sizeof(struct scatterlist)); - mem_size = mem_size + TLS_AAD_SPACE_SIZE; + mem_size = mem_size + tls_ctx->rx.aad_size; mem_size = mem_size + crypto_aead_ivsize(ctx->aead_recv); /* Allocate a single block of memory which contains @@ -1333,7 +1333,7 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb, sgin = (struct scatterlist *)(mem + aead_size); sgout = sgin + n_sgin; aad = (u8 *)(sgout + n_sgout); - iv = aad + TLS_AAD_SPACE_SIZE; + iv = aad + tls_ctx->rx.aad_size; /* Prepare IV */ err = skb_copy_bits(skb, rxm->offset + TLS_HEADER_SIZE, @@ -1352,7 +1352,7 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb, /* Prepare sgin */ sg_init_table(sgin, n_sgin); - sg_set_buf(&sgin[0], aad, TLS_AAD_SPACE_SIZE); + sg_set_buf(&sgin[0], aad, tls_ctx->rx.aad_size); err = skb_to_sgvec(skb, &sgin[1], rxm->offset + tls_ctx->rx.prepend_size, rxm->full_len - tls_ctx->rx.prepend_size); @@ -1364,7 +1364,7 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb, if (n_sgout) { if (out_iov) { sg_init_table(sgout, n_sgout); - sg_set_buf(&sgout[0], aad, TLS_AAD_SPACE_SIZE); + sg_set_buf(&sgout[0], aad, tls_ctx->rx.aad_size); *chunk = 0; err = tls_setup_from_iter(sk, out_iov, data_len, @@ -2098,6 +2098,7 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) goto free_priv; } + cctx->aad_size = TLS_AAD_SPACE_SIZE; cctx->prepend_size = TLS_HEADER_SIZE + nonce_size; cctx->tag_size = tag_size; cctx->overhead_size = cctx->prepend_size + cctx->tag_size; From patchwork Thu Jan 24 17:21:00 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030592 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="TcfSU1Mh"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="gBifrV0c"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lpqy4ZJBz9sDB for ; Fri, 25 Jan 2019 04:22:22 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728983AbfAXRWV (ORCPT ); Thu, 24 Jan 2019 12:22:21 -0500 Received: from mx0a-00082601.pphosted.com ([67.231.145.42]:38614 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727786AbfAXRWV (ORCPT ); Thu, 24 Jan 2019 12:22:21 -0500 Received: from pps.filterd (m0109334.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHHIAD027624; Thu, 24 Jan 2019 09:21:54 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=fYpmAeXAAIRYlh2hl8/JCVxCGq5ksoRq5RWMktcERjY=; b=TcfSU1Mhwpq3sTk+EI366EM1Efis7rXRL439E61kHQwknLR0b8y0BzEeudMS3zxebmS3 /FDXZrNeZfJrEyJb8+EXq+WVM2rb/jxE40xvH9zZWCWsq3rYlsyJ8qugIY8+TYaqbloT MVTd/AXLzbo3l5zdf+UfUIgrztTPkrtfbXY= Received: from mail.thefacebook.com ([199.201.64.23]) by mx0a-00082601.pphosted.com with ESMTP id 2q7fbpgjsj-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:21:54 -0800 Received: from prn-mbx04.TheFacebook.com (2620:10d:c081:6::18) by prn-hub03.TheFacebook.com (2620:10d:c081:35::127) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:21:01 -0800 Received: from prn-hub02.TheFacebook.com (2620:10d:c081:35::126) by prn-mbx04.TheFacebook.com (2620:10d:c081:6::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:21:00 -0800 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:21:00 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fYpmAeXAAIRYlh2hl8/JCVxCGq5ksoRq5RWMktcERjY=; b=gBifrV0cq6bTWNWG+G726D5c+TRY1UEvYYfGn5TXMzivFJK9DeejkJdy717Atu0wBl/SYvJHRhjM6WOn5ERPqgcGT/jnxj1PVb5vnqYoz5P8+NvvDjwIcnl7eNYcwcOgRUY6n51uTzNCl5aXGjbRmEDU7K+NTxqxeBt8YfuPXlQ= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1327.namprd15.prod.outlook.com (10.175.3.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:21:00 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:21:00 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 5/7] net: tls: Refactor control message handling on recv Thread-Topic: [PATCH net-next 5/7] net: tls: Refactor control message handling on recv Thread-Index: AQHUtAks74Gn2YmnDUSeJa2vm8/v8A== Date: Thu, 24 Jan 2019 17:21:00 +0000 Message-ID: <20190124172233.gszno7sbbhjyx64t@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: MWHPR14CA0064.namprd14.prod.outlook.com (2603:10b6:300:81::26) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1327; 20:qR8TsD6Bsx7k6lrBqdN6fOIKucWPwq2GBMH+BHVeZYy5tjdeKQbjhNBvuC8MBAW6xk9WS7OYTLW65nTC6U0Jo/F39XfwcyeKRYdMdUPfP8sOh+phXUs82Tf9AgDp1mum2cGKxa28M4p6V0JgdqYtcpeGASzg1jp4h2ffdldRrTs= x-ms-office365-filtering-correlation-id: f526afcc-4449-43bc-33ef-08d682204f23 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1327; x-ms-traffictypediagnostic: MWHPR15MB1327: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(376002)(396003)(366004)(39860400002)(199004)(189003)(476003)(186003)(6486002)(33896004)(68736007)(105586002)(316002)(14444005)(97736004)(6506007)(386003)(2906002)(15650500001)(102836004)(46003)(486006)(256004)(1076003)(25786009)(14454004)(71190400001)(71200400001)(8936002)(81166006)(81156014)(8676002)(86362001)(305945005)(9686003)(6512007)(6436002)(106356001)(4326008)(478600001)(7736002)(39060400002)(54906003)(99286004)(6116002)(53936002)(110136005)(58126008)(2501003)(52116002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1327; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: skDSVKg2s90mY32xYbTjjnLvj6TELnWPLXpbP87ySG7kQ6GCGKPHi7YjeMx7G0ONBL9OzksBIiMVdxLkBL4yCkIDNoUC2mQbxDXHVTZgwGOUm/i0Ltnh66c0QDdVXXNiIuaIijJZnpC+27N1e6Iz8EyKL0UTM4VHV1vTwS9My2+R/Fr3FbBO5mytR7ZMiwV0PE9IYshDBQLfmpcx+OaaaJsYVNSfYqgj4oWFS7PJvwsluLqy3glLkQ4HoZnS/iODy89xIUT3cplF8Td2VS6HOxFPjNUV1gnRpjg2+baAWP2TtThJ2iwUKWYQf4xwJ0dKBWafGJa83gOw5pgE4IvW8y3mz5f8XtyyKgm+yOKOsSKV3X/MwsW1imMxZ3ZnXiL7x4x/AQYVSbNJAm7vHgKaY9HHLFH04NKBci0KKmbdK1c= Content-ID: <091E644315E3BF49B41799F5C41BB07D@namprd15.prod.outlook.com> MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: f526afcc-4449-43bc-33ef-08d682204f23 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:20:59.7034 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1327 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org For TLS 1.3, the control message is encrypted. Handle control message checks after decryption. Signed-off-by: Dave Watson --- net/tls/tls_sw.c | 88 ++++++++++++++++++++++++------------------------ 1 file changed, 44 insertions(+), 44 deletions(-) diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 1003494d0563..367f5b0128f2 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1421,16 +1421,15 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb, return err; } + rxm->offset += tls_ctx->rx.prepend_size; + rxm->full_len -= tls_ctx->rx.overhead_size; + tls_advance_record_sn(sk, &tls_ctx->rx); + ctx->decrypted = true; + ctx->saved_data_ready(sk); } else { *zc = false; } - rxm->offset += tls_ctx->rx.prepend_size; - rxm->full_len -= tls_ctx->rx.overhead_size; - tls_advance_record_sn(sk, &tls_ctx->rx); - ctx->decrypted = true; - ctx->saved_data_ready(sk); - return err; } @@ -1609,6 +1608,25 @@ int tls_sw_recvmsg(struct sock *sk, rxm = strp_msg(skb); + to_decrypt = rxm->full_len - tls_ctx->rx.overhead_size; + + if (to_decrypt <= len && !is_kvec && !is_peek && + ctx->control == TLS_RECORD_TYPE_DATA) + zc = true; + + err = decrypt_skb_update(sk, skb, &msg->msg_iter, + &chunk, &zc, ctx->async_capable); + if (err < 0 && err != -EINPROGRESS) { + tls_err_abort(sk, EBADMSG); + goto recv_end; + } + + if (err == -EINPROGRESS) { + async = true; + num_async++; + goto pick_next_record; + } + if (!cmsg) { int cerr; @@ -1626,40 +1644,22 @@ int tls_sw_recvmsg(struct sock *sk, goto recv_end; } - to_decrypt = rxm->full_len - tls_ctx->rx.overhead_size; - - if (to_decrypt <= len && !is_kvec && !is_peek) - zc = true; - - err = decrypt_skb_update(sk, skb, &msg->msg_iter, - &chunk, &zc, ctx->async_capable); - if (err < 0 && err != -EINPROGRESS) { - tls_err_abort(sk, EBADMSG); - goto recv_end; - } - - if (err == -EINPROGRESS) { - async = true; - num_async++; - goto pick_next_record; - } else { - if (!zc) { - if (rxm->full_len > len) { - retain_skb = true; - chunk = len; - } else { - chunk = rxm->full_len; - } + if (!zc) { + if (rxm->full_len > len) { + retain_skb = true; + chunk = len; + } else { + chunk = rxm->full_len; + } - err = skb_copy_datagram_msg(skb, rxm->offset, - msg, chunk); - if (err < 0) - goto recv_end; + err = skb_copy_datagram_msg(skb, rxm->offset, + msg, chunk); + if (err < 0) + goto recv_end; - if (!is_peek) { - rxm->offset = rxm->offset + chunk; - rxm->full_len = rxm->full_len - chunk; - } + if (!is_peek) { + rxm->offset = rxm->offset + chunk; + rxm->full_len = rxm->full_len - chunk; } } @@ -1759,15 +1759,15 @@ ssize_t tls_sw_splice_read(struct socket *sock, loff_t *ppos, if (!skb) goto splice_read_end; - /* splice does not support reading control messages */ - if (ctx->control != TLS_RECORD_TYPE_DATA) { - err = -ENOTSUPP; - goto splice_read_end; - } - if (!ctx->decrypted) { err = decrypt_skb_update(sk, skb, NULL, &chunk, &zc, false); + /* splice does not support reading control messages */ + if (ctx->control != TLS_RECORD_TYPE_DATA) { + err = -ENOTSUPP; + goto splice_read_end; + } + if (err < 0) { tls_err_abort(sk, EBADMSG); goto splice_read_end; From patchwork Thu Jan 24 17:21:14 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030591 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="if8I9TxA"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="M/80hN8i"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lpqW1MBVz9s9G for ; Fri, 25 Jan 2019 04:21:59 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728974AbfAXRV5 (ORCPT ); Thu, 24 Jan 2019 12:21:57 -0500 Received: from mx0b-00082601.pphosted.com ([67.231.153.30]:58970 "EHLO mx0b-00082601.pphosted.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727786AbfAXRV5 (ORCPT ); Thu, 24 Jan 2019 12:21:57 -0500 Received: from pps.filterd (m0109331.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHGOI3009216; Thu, 24 Jan 2019 09:21:29 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=rH4Fb93VMOPMqXlsOkmhczqjsd9TWMHKjNkqN0Ap5L8=; b=if8I9TxAgOec5d97yxLs5W2KNqq8JbYpmyauNrZbRfNI1LAp6irc7eG+Qk7cTs8g/XND 0pwNLsMU+kBmOPwJwOE2Rn375I3mTr+R5oswkPWH+N5olzO4CpDy5q27PZ1rOsrW6pY4 riX+vqcPiHL95B0Yba6zqxSGDhGBOVCoj7A= Received: from maileast.thefacebook.com ([199.201.65.23]) by mx0a-00082601.pphosted.com with ESMTP id 2q7gfd8br1-20 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:21:29 -0800 Received: from frc-hub04.TheFacebook.com (2620:10d:c021:18::174) by frc-hub02.TheFacebook.com (2620:10d:c021:18::172) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:21:16 -0800 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (192.168.183.28) by o365-in.thefacebook.com (192.168.177.74) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:21:16 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rH4Fb93VMOPMqXlsOkmhczqjsd9TWMHKjNkqN0Ap5L8=; b=M/80hN8ijdlPbDe8UvA0brp/NRUNWCiXjyXmBEpyDBSHdIllPD56Grg+UQERjAE/kpFfLZuVl8NkNxeS3BqfTxz7vI+rO2o98lohAbIq4BQtGBH7UwaiQBNAzdVeGLgYcecjPbOpBnx4I7rlmtPaz4NDevkZ/Q734eYO5B3rktc= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1327.namprd15.prod.outlook.com (10.175.3.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:21:14 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:21:14 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 6/7] net: tls: Add tls 1.3 support Thread-Topic: [PATCH net-next 6/7] net: tls: Add tls 1.3 support Thread-Index: AQHUtAk1AX+uKRbrK0m3XMVR5BAvPQ== Date: Thu, 24 Jan 2019 17:21:14 +0000 Message-ID: <20190124172247.mmc6bh67q4vqyx72@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: MWHPR22CA0052.namprd22.prod.outlook.com (2603:10b6:300:12a::14) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1327; 20:4rdkZTrg1e5nXCDbb+TNVDR6MJYEidYQDEukTBz0b/4+s7IXh5VktWiYfLSegccTpgN1ajaRDGieOCsIxO/7kmmnTMK69gbCUfN8poZl3kMj95QGkckwG5FJeXQVkRITBlDZuViQ3r3/XFbFW2XiicXuOn9Mko1tqAl/Aae4YIQ= x-ms-office365-filtering-correlation-id: 29f46a30-92b1-4f51-c6a6-08d6822057a2 x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1327; x-ms-traffictypediagnostic: MWHPR15MB1327: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(376002)(396003)(366004)(39860400002)(199004)(189003)(476003)(186003)(6486002)(33896004)(68736007)(105586002)(316002)(14444005)(97736004)(6506007)(30864003)(386003)(2906002)(102836004)(46003)(486006)(256004)(1076003)(25786009)(14454004)(71190400001)(71200400001)(8936002)(81166006)(81156014)(8676002)(86362001)(305945005)(9686003)(6512007)(6436002)(106356001)(4326008)(478600001)(7736002)(39060400002)(54906003)(99286004)(6116002)(53936002)(110136005)(58126008)(2501003)(52116002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1327; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: EuJe/x7Vk6SUH4PoCzNCxDD0P5nX4AdEIdzcOkEMxb8Bz2hGRBW/ofbg4OnUKgDozZlThrhChtmaEqiQ5vWjjhP/9jqGY/Z16/C5mc0eeo6bS6ZlUipLoZH5fNBebGJazt/L/KSEsKHeY4tLUcPeVwLM7NpCOV8zGctTb8qVUi6jGyu28rkQZ6nUSfyAu6MrhiPeHBf/GnCANLxvMLl3iD4BCknVL6YdXbhVL0gX5g/OEs2fa6eF+mrpu42su67yceZdqHu7hZmwCP03w/TVCfC1tSJUnLn4UjsruEufJdE+VS1BggSdVPIdedcumhlwE4OZ1xTzfQaI+Zh7Fmro22/MjQtjzrk4gJVTT6eTTxCMsdrJ/mX53IO7k/dOvhJhMtajm01qu2iqmcqHB6KC6s5cLKWPLAyNntVgXzAF0q0= Content-ID: MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 29f46a30-92b1-4f51-c6a6-08d6822057a2 X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:21:13.9563 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1327 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org TLS 1.3 has minor changes from TLS 1.2 at the record layer. * Header now hardcodes the same version and application content type in the header. * The real content type is appended after the data, before encryption (or after decryption). * The IV is xored with the sequence number, instead of concatinating four bytes of IV with the explicit IV. * Zero-padding: No exlicit length is given, we search backwards from the end of the decrypted data for the first non-zero byte, which is the content type. Currently recv supports reading zero-padding, but there is no way for send to add zero padding. Signed-off-by: Dave Watson --- include/net/tls.h | 66 ++++++++++++++----- include/uapi/linux/tls.h | 4 ++ net/tls/tls_device.c | 5 +- net/tls/tls_device_fallback.c | 3 +- net/tls/tls_main.c | 3 +- net/tls/tls_sw.c | 116 +++++++++++++++++++++++++++------- 6 files changed, 154 insertions(+), 43 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index 9edb2cc7023a..a93a8ed8f716 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -119,6 +119,9 @@ struct tls_rec { /* AAD | msg_encrypted.sg.data (data contains overhead for hdr & iv & tag) */ struct scatterlist sg_aead_out[2]; + char content_type; + struct scatterlist sg_content_type; + char aad_space[TLS_AAD_SPACE_SIZE]; u8 iv_data[TLS_CIPHER_AES_GCM_128_IV_SIZE + TLS_CIPHER_AES_GCM_128_SALT_SIZE]; @@ -204,6 +207,7 @@ struct cipher_context { u16 rec_seq_size; char *rec_seq; u16 aad_size; + u16 tail_size; }; union tls_crypto_context { @@ -398,49 +402,77 @@ static inline bool tls_bigint_increment(unsigned char *seq, int len) } static inline void tls_advance_record_sn(struct sock *sk, - struct cipher_context *ctx) + struct cipher_context *ctx, + int version) { if (tls_bigint_increment(ctx->rec_seq, ctx->rec_seq_size)) tls_err_abort(sk, EBADMSG); - tls_bigint_increment(ctx->iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, - ctx->iv_size); + + if (version != TLS_1_3_VERSION) { + tls_bigint_increment(ctx->iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, + ctx->iv_size); + } } static inline void tls_fill_prepend(struct tls_context *ctx, char *buf, size_t plaintext_len, - unsigned char record_type) + unsigned char record_type, + int version) { size_t pkt_len, iv_size = ctx->tx.iv_size; - pkt_len = plaintext_len + iv_size + ctx->tx.tag_size; + pkt_len = plaintext_len + ctx->tx.tag_size; + if (version != TLS_1_3_VERSION) { + pkt_len += iv_size; + + memcpy(buf + TLS_NONCE_OFFSET, + ctx->tx.iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, iv_size); + } /* we cover nonce explicit here as well, so buf should be of * size KTLS_DTLS_HEADER_SIZE + KTLS_DTLS_NONCE_EXPLICIT_SIZE */ - buf[0] = record_type; - buf[1] = TLS_VERSION_MINOR(ctx->crypto_send.info.version); - buf[2] = TLS_VERSION_MAJOR(ctx->crypto_send.info.version); + buf[0] = version == TLS_1_3_VERSION ? + TLS_RECORD_TYPE_DATA : record_type; + /* Note that VERSION must be TLS_1_2 for both TLS1.2 and TLS1.3 */ + buf[1] = TLS_1_2_VERSION_MINOR; + buf[2] = TLS_1_2_VERSION_MAJOR; /* we can use IV for nonce explicit according to spec */ buf[3] = pkt_len >> 8; buf[4] = pkt_len & 0xFF; - memcpy(buf + TLS_NONCE_OFFSET, - ctx->tx.iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, iv_size); } static inline void tls_make_aad(char *buf, size_t size, char *record_sequence, int record_sequence_size, - unsigned char record_type) + unsigned char record_type, + int version) +{ + if (version != TLS_1_3_VERSION) { + memcpy(buf, record_sequence, record_sequence_size); + buf += 8; + } else { + size += TLS_CIPHER_AES_GCM_128_TAG_SIZE; + } + + buf[0] = version == TLS_1_3_VERSION ? + TLS_RECORD_TYPE_DATA : record_type; + buf[1] = TLS_1_2_VERSION_MAJOR; + buf[2] = TLS_1_2_VERSION_MINOR; + buf[3] = size >> 8; + buf[4] = size & 0xFF; +} + +static inline void xor_iv_with_seq(int version, char *iv, char *seq) { - memcpy(buf, record_sequence, record_sequence_size); + int i; - buf[8] = record_type; - buf[9] = TLS_1_2_VERSION_MAJOR; - buf[10] = TLS_1_2_VERSION_MINOR; - buf[11] = size >> 8; - buf[12] = size & 0xFF; + if (version == TLS_1_3_VERSION) { + for (i = 0; i < 8; i++) + iv[i + 4] ^= seq[i]; + } } static inline struct tls_context *tls_get_ctx(const struct sock *sk) diff --git a/include/uapi/linux/tls.h b/include/uapi/linux/tls.h index 9affceaa3db4..401d6f01de6a 100644 --- a/include/uapi/linux/tls.h +++ b/include/uapi/linux/tls.h @@ -51,6 +51,10 @@ #define TLS_1_2_VERSION_MINOR 0x3 #define TLS_1_2_VERSION TLS_VERSION_NUMBER(TLS_1_2) +#define TLS_1_3_VERSION_MAJOR 0x3 +#define TLS_1_3_VERSION_MINOR 0x4 +#define TLS_1_3_VERSION TLS_VERSION_NUMBER(TLS_1_3) + /* Supported ciphers */ #define TLS_CIPHER_AES_GCM_128 51 #define TLS_CIPHER_AES_GCM_128_IV_SIZE 8 diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index d753e362d2d9..7ee9008b2187 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -257,7 +257,8 @@ static int tls_push_record(struct sock *sk, tls_fill_prepend(ctx, skb_frag_address(frag), record->len - ctx->tx.prepend_size, - record_type); + record_type, + ctx->crypto_send.info.version); /* HW doesn't care about the data in the tag, because it fills it. */ dummy_tag_frag.page = skb_frag_page(frag); @@ -270,7 +271,7 @@ static int tls_push_record(struct sock *sk, spin_unlock_irq(&offload_ctx->lock); offload_ctx->open_record = NULL; set_bit(TLS_PENDING_CLOSED_RECORD, &ctx->flags); - tls_advance_record_sn(sk, &ctx->tx); + tls_advance_record_sn(sk, &ctx->tx, ctx->crypto_send.info.version); for (i = 0; i < record->num_frags; i++) { frag = &record->frags[i]; diff --git a/net/tls/tls_device_fallback.c b/net/tls/tls_device_fallback.c index 450a6dbc5a88..54c3a758f2a7 100644 --- a/net/tls/tls_device_fallback.c +++ b/net/tls/tls_device_fallback.c @@ -73,7 +73,8 @@ static int tls_enc_record(struct aead_request *aead_req, len -= TLS_CIPHER_AES_GCM_128_IV_SIZE; tls_make_aad(aad, len - TLS_CIPHER_AES_GCM_128_TAG_SIZE, - (char *)&rcd_sn, sizeof(rcd_sn), buf[0]); + (char *)&rcd_sn, sizeof(rcd_sn), buf[0], + TLS_1_2_VERSION); memcpy(iv + TLS_CIPHER_AES_GCM_128_SALT_SIZE, buf + TLS_HEADER_SIZE, TLS_CIPHER_AES_GCM_128_IV_SIZE); diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 0f028cfdf835..d1c2fd9a3f63 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -463,7 +463,8 @@ static int do_tls_setsockopt_conf(struct sock *sk, char __user *optval, } /* check version */ - if (crypto_info->version != TLS_1_2_VERSION) { + if (crypto_info->version != TLS_1_2_VERSION && + crypto_info->version != TLS_1_3_VERSION) { rc = -ENOTSUPP; goto err_crypto_info; } diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 367f5b0128f2..5e46112c9efd 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -120,6 +120,34 @@ static int skb_nsg(struct sk_buff *skb, int offset, int len) return __skb_nsg(skb, offset, len, 0); } +static int padding_length(struct tls_sw_context_rx *ctx, + struct tls_context *tls_ctx, struct sk_buff *skb) +{ + struct strp_msg *rxm = strp_msg(skb); + int sub = 0; + + /* Determine zero-padding length */ + if (tls_ctx->crypto_recv.info.version == TLS_1_3_VERSION) { + char content_type = 0; + int err; + int back = 17; + + while (content_type == 0) { + if (back > rxm->full_len) + return -EBADMSG; + err = skb_copy_bits(skb, + rxm->offset + rxm->full_len - back, + &content_type, 1); + if (content_type) + break; + sub++; + back++; + } + ctx->control = content_type; + } + return sub; +} + static void tls_decrypt_done(struct crypto_async_request *req, int err) { struct aead_request *aead_req = (struct aead_request *)req; @@ -142,7 +170,7 @@ static void tls_decrypt_done(struct crypto_async_request *req, int err) tls_err_abort(skb->sk, err); } else { struct strp_msg *rxm = strp_msg(skb); - + rxm->full_len -= padding_length(ctx, tls_ctx, skb); rxm->offset += tls_ctx->rx.prepend_size; rxm->full_len -= tls_ctx->rx.overhead_size; } @@ -448,6 +476,8 @@ static int tls_do_encryption(struct sock *sk, int rc; memcpy(rec->iv_data, tls_ctx->tx.iv, sizeof(rec->iv_data)); + xor_iv_with_seq(tls_ctx->crypto_send.info.version, rec->iv_data, + tls_ctx->tx.rec_seq); sge->offset += tls_ctx->tx.prepend_size; sge->length -= tls_ctx->tx.prepend_size; @@ -483,7 +513,8 @@ static int tls_do_encryption(struct sock *sk, /* Unhook the record from context if encryption is not failure */ ctx->open_rec = NULL; - tls_advance_record_sn(sk, &tls_ctx->tx); + tls_advance_record_sn(sk, &tls_ctx->tx, + tls_ctx->crypto_send.info.version); return rc; } @@ -640,7 +671,17 @@ static int tls_push_record(struct sock *sk, int flags, i = msg_pl->sg.end; sk_msg_iter_var_prev(i); - sg_mark_end(sk_msg_elem(msg_pl, i)); + + rec->content_type = record_type; + if (tls_ctx->crypto_send.info.version == TLS_1_3_VERSION) { + /* Add content type to end of message. No padding added */ + sg_set_buf(&rec->sg_content_type, &rec->content_type, 1); + sg_mark_end(&rec->sg_content_type); + sg_chain(msg_pl->sg.data, msg_pl->sg.end + 1, + &rec->sg_content_type); + } else { + sg_mark_end(sk_msg_elem(msg_pl, i)); + } i = msg_pl->sg.start; sg_chain(rec->sg_aead_in, 2, rec->inplace_crypto ? @@ -653,18 +694,22 @@ static int tls_push_record(struct sock *sk, int flags, i = msg_en->sg.start; sg_chain(rec->sg_aead_out, 2, &msg_en->sg.data[i]); - tls_make_aad(rec->aad_space, msg_pl->sg.size, + tls_make_aad(rec->aad_space, msg_pl->sg.size + tls_ctx->tx.tail_size, tls_ctx->tx.rec_seq, tls_ctx->tx.rec_seq_size, - record_type); + record_type, + tls_ctx->crypto_send.info.version); tls_fill_prepend(tls_ctx, page_address(sg_page(&msg_en->sg.data[i])) + - msg_en->sg.data[i].offset, msg_pl->sg.size, - record_type); + msg_en->sg.data[i].offset, + msg_pl->sg.size + tls_ctx->tx.tail_size, + record_type, + tls_ctx->crypto_send.info.version); tls_ctx->pending_open_record_frags = false; - rc = tls_do_encryption(sk, tls_ctx, ctx, req, msg_pl->sg.size, i); + rc = tls_do_encryption(sk, tls_ctx, ctx, req, + msg_pl->sg.size + tls_ctx->tx.tail_size, i); if (rc < 0) { if (rc != -EINPROGRESS) { tls_err_abort(sk, EBADMSG); @@ -1292,7 +1337,8 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb, u8 *aad, *iv, *mem = NULL; struct scatterlist *sgin = NULL; struct scatterlist *sgout = NULL; - const int data_len = rxm->full_len - tls_ctx->rx.overhead_size; + const int data_len = rxm->full_len - tls_ctx->rx.overhead_size + + tls_ctx->rx.tail_size; if (*zc && (out_iov || out_sg)) { if (out_iov) @@ -1343,12 +1389,20 @@ static int decrypt_internal(struct sock *sk, struct sk_buff *skb, kfree(mem); return err; } - memcpy(iv, tls_ctx->rx.iv, TLS_CIPHER_AES_GCM_128_SALT_SIZE); + if (tls_ctx->crypto_recv.info.version == TLS_1_3_VERSION) + memcpy(iv, tls_ctx->rx.iv, crypto_aead_ivsize(ctx->aead_recv)); + else + memcpy(iv, tls_ctx->rx.iv, TLS_CIPHER_AES_GCM_128_SALT_SIZE); + + xor_iv_with_seq(tls_ctx->crypto_recv.info.version, iv, + tls_ctx->rx.rec_seq); /* Prepare AAD */ - tls_make_aad(aad, rxm->full_len - tls_ctx->rx.overhead_size, + tls_make_aad(aad, rxm->full_len - tls_ctx->rx.overhead_size + + tls_ctx->rx.tail_size, tls_ctx->rx.rec_seq, tls_ctx->rx.rec_seq_size, - ctx->control); + ctx->control, + tls_ctx->crypto_recv.info.version); /* Prepare sgin */ sg_init_table(sgin, n_sgin); @@ -1405,6 +1459,7 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb, { struct tls_context *tls_ctx = tls_get_ctx(sk); struct tls_sw_context_rx *ctx = tls_sw_ctx_rx(tls_ctx); + int version = tls_ctx->crypto_recv.info.version; struct strp_msg *rxm = strp_msg(skb); int err = 0; @@ -1417,13 +1472,17 @@ static int decrypt_skb_update(struct sock *sk, struct sk_buff *skb, err = decrypt_internal(sk, skb, dest, NULL, chunk, zc, async); if (err < 0) { if (err == -EINPROGRESS) - tls_advance_record_sn(sk, &tls_ctx->rx); + tls_advance_record_sn(sk, &tls_ctx->rx, + version); return err; } + + rxm->full_len -= padding_length(ctx, tls_ctx, skb); + rxm->offset += tls_ctx->rx.prepend_size; rxm->full_len -= tls_ctx->rx.overhead_size; - tls_advance_record_sn(sk, &tls_ctx->rx); + tls_advance_record_sn(sk, &tls_ctx->rx, version); ctx->decrypted = true; ctx->saved_data_ready(sk); } else { @@ -1611,7 +1670,8 @@ int tls_sw_recvmsg(struct sock *sk, to_decrypt = rxm->full_len - tls_ctx->rx.overhead_size; if (to_decrypt <= len && !is_kvec && !is_peek && - ctx->control == TLS_RECORD_TYPE_DATA) + ctx->control == TLS_RECORD_TYPE_DATA && + tls_ctx->crypto_recv.info.version != TLS_1_3_VERSION) zc = true; err = decrypt_skb_update(sk, skb, &msg->msg_iter, @@ -1835,9 +1895,12 @@ static int tls_read_size(struct strparser *strp, struct sk_buff *skb) data_len = ((header[4] & 0xFF) | (header[3] << 8)); - cipher_overhead = tls_ctx->rx.tag_size + tls_ctx->rx.iv_size; + cipher_overhead = tls_ctx->rx.tag_size; + if (tls_ctx->crypto_recv.info.version != TLS_1_3_VERSION) + cipher_overhead += tls_ctx->rx.iv_size; - if (data_len > TLS_MAX_PAYLOAD_SIZE + cipher_overhead) { + if (data_len > TLS_MAX_PAYLOAD_SIZE + cipher_overhead + + tls_ctx->rx.tail_size) { ret = -EMSGSIZE; goto read_failure; } @@ -1846,12 +1909,12 @@ static int tls_read_size(struct strparser *strp, struct sk_buff *skb) goto read_failure; } - if (header[1] != TLS_VERSION_MINOR(tls_ctx->crypto_recv.info.version) || - header[2] != TLS_VERSION_MAJOR(tls_ctx->crypto_recv.info.version)) { + /* Note that both TLS1.3 and TLS1.2 use TLS_1_2 version here */ + if (header[1] != TLS_1_2_VERSION_MINOR || + header[2] != TLS_1_2_VERSION_MAJOR) { ret = -EINVAL; goto read_failure; } - #ifdef CONFIG_TLS_DEVICE handle_device_resync(strp->sk, TCP_SKB_CB(skb)->seq + rxm->offset, *(u64*)tls_ctx->rx.rec_seq); @@ -2098,10 +2161,19 @@ int tls_set_sw_offload(struct sock *sk, struct tls_context *ctx, int tx) goto free_priv; } - cctx->aad_size = TLS_AAD_SPACE_SIZE; + if (crypto_info->version == TLS_1_3_VERSION) { + nonce_size = 0; + cctx->aad_size = TLS_HEADER_SIZE; + cctx->tail_size = 1; + } else { + cctx->aad_size = TLS_AAD_SPACE_SIZE; + cctx->tail_size = 0; + } + cctx->prepend_size = TLS_HEADER_SIZE + nonce_size; cctx->tag_size = tag_size; - cctx->overhead_size = cctx->prepend_size + cctx->tag_size; + cctx->overhead_size = cctx->prepend_size + cctx->tag_size + + cctx->tail_size; cctx->iv_size = iv_size; cctx->iv = kmalloc(iv_size + TLS_CIPHER_AES_GCM_128_SALT_SIZE, GFP_KERNEL); From patchwork Thu Jan 24 17:21:23 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Dave Watson X-Patchwork-Id: 1030593 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=none dis=none) header.from=fb.com Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=fb.com header.i=@fb.com header.b="bpoEA72+"; dkim=pass (1024-bit key; unprotected) header.d=fb.onmicrosoft.com header.i=@fb.onmicrosoft.com header.b="e6FxvKjk"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 43lpr41Zl0z9s9G for ; Fri, 25 Jan 2019 04:22:28 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727786AbfAXRW1 (ORCPT ); Thu, 24 Jan 2019 12:22:27 -0500 Received: from mx0b-00082601.pphosted.com ([67.231.153.30]:52622 "EHLO mx0a-00082601.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728984AbfAXRW0 (ORCPT ); Thu, 24 Jan 2019 12:22:26 -0500 Received: from pps.filterd (m0001255.ppops.net [127.0.0.1]) by mx0b-00082601.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x0OHINUP030425; Thu, 24 Jan 2019 09:22:02 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : content-id : content-transfer-encoding : mime-version; s=facebook; bh=KI/nx3GuYibUg+OebmT5ttBmTA3TlbuCKVL9bunvWsE=; b=bpoEA72+3PL1FvmE9FXbcHfUVYVHoWUCDMsv2vwc6TJoyb+17h4di7YfMvWNxktoAEoP dKdd9a96AGofRGT2rlQEG8hRwzYnsWd0/bjX6UXmdrUbO6WBe13/lnTui6FuNqmnbXX/ xl7/PW7I6fXI0PhihOuKz7c3Wd6SxiojOqc= Received: from mail.thefacebook.com ([199.201.64.23]) by mx0b-00082601.pphosted.com with ESMTP id 2q7g2brek6-4 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Thu, 24 Jan 2019 09:22:02 -0800 Received: from prn-hub04.TheFacebook.com (2620:10d:c081:35::128) by prn-hub01.TheFacebook.com (2620:10d:c081:35::125) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3; Thu, 24 Jan 2019 09:21:24 -0800 Received: from NAM05-CO1-obe.outbound.protection.outlook.com (192.168.54.28) by o365-in.thefacebook.com (192.168.16.28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.1.1531.3 via Frontend Transport; Thu, 24 Jan 2019 09:21:24 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.onmicrosoft.com; s=selector1-fb-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KI/nx3GuYibUg+OebmT5ttBmTA3TlbuCKVL9bunvWsE=; b=e6FxvKjkNXi9rU7YjBDxhWRzfPGss8WnpQ2Oa91WLHJNF6PhBOC61cwfZ1mlSNQX01g85yBRubxX59pxYVgQ+gkfi2XGGJ7jCtkNGy3waQ8kGScKpgw+FD3Kfuga+c7f+Z7+GldOIWF1ykPQ9WJ/PAgEyilzI4i3KT6YaCsFVTQ= Received: from MWHPR15MB1134.namprd15.prod.outlook.com (10.175.2.12) by MWHPR15MB1327.namprd15.prod.outlook.com (10.175.3.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1558.17; Thu, 24 Jan 2019 17:21:24 +0000 Received: from MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc]) by MWHPR15MB1134.namprd15.prod.outlook.com ([fe80::93f:b6fe:a6e9:80dc%8]) with mapi id 15.20.1558.016; Thu, 24 Jan 2019 17:21:24 +0000 From: Dave Watson To: "netdev@vger.kernel.org" , Dave Miller CC: Vakul Garg , Boris Pismenny , Aviad Yehezkel , John Fastabend , Daniel Borkmann Subject: [PATCH net-next 7/7] net: tls: Add tests for TLS 1.3 Thread-Topic: [PATCH net-next 7/7] net: tls: Add tests for TLS 1.3 Thread-Index: AQHUtAk7dfNglf/3fEa0HgVuaehXtQ== Date: Thu, 24 Jan 2019 17:21:23 +0000 Message-ID: <20190124172257.e5yb47es3kqilrun@davejwatson-mba.dhcp.thefacebook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: user-agent: NeoMutt/20180716 x-clientproxiedby: MWHPR0201CA0012.namprd02.prod.outlook.com (2603:10b6:301:74::25) To MWHPR15MB1134.namprd15.prod.outlook.com (2603:10b6:320:22::12) x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [2620:10d:c090:180::1:4f45] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; MWHPR15MB1327; 20:e1oSL2OGtXW7AYn+tDbE5Y72UGSl02bNIgXEc4/DVzQ8ftexaMgzmK0ObMKvFNcRcXpCJj/43g66jT8/Zu90h+LqMOy8fp1e+LWnOrWvfiADPkQhdlcRYaQMxz/J2ZHrpEhMDfL7yJn+BD2T0PhRbN1ubhvQ/cmiSmkcKAWwHG0= x-ms-office365-filtering-correlation-id: 7c55d03a-ba5e-4547-f450-08d682205d4c x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(7193020); SRVR:MWHPR15MB1327; x-ms-traffictypediagnostic: MWHPR15MB1327: x-microsoft-antispam-prvs: x-forefront-prvs: 0927AA37C7 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(136003)(346002)(376002)(396003)(366004)(39860400002)(199004)(189003)(476003)(186003)(6486002)(33896004)(68736007)(105586002)(316002)(14444005)(97736004)(6506007)(386003)(2906002)(102836004)(46003)(486006)(256004)(1076003)(25786009)(14454004)(71190400001)(71200400001)(8936002)(81166006)(81156014)(8676002)(86362001)(305945005)(9686003)(6512007)(6436002)(106356001)(4326008)(478600001)(7736002)(39060400002)(54906003)(99286004)(6116002)(53936002)(110136005)(58126008)(2501003)(52116002); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR15MB1327; H:MWHPR15MB1134.namprd15.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: fb.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: rNEU/0A8JYxQZdGcYSraVaI38GCqz8gwTuXJ+5CK7Ze04GnqZatFSyHy/kWC3pbFWtZvbeJERbH2aYGTV8b8A4c8NQKOx/7lJecoxJ44F6p8uYPZIrQ+u77neBmXPpsHEXF46m9ZzWxLeZzXEyLoPoTLBtSCKsUJhSDUB3gHsxtRCQkS8jvn5lsfBhyZ/c9/Fv0jKULc8vGtdXcFr8Ip+MJ88k1hRvghoDUocsVVBPM4i0FI0tBs2EaKtvN8aJtdkxirlgiIOdhr5St+6fm8FheReYof++2tqhT67SyD0ag2OftnA8lqa2qdMsr6ZVsQKxuR9MR+FlxwbBbL4agvvbKYmqpE2NbAS4072wuABkYXg37i2UAalCtU+zTpHoOCj+DJuxLVm5FR/HpJ0awoaKMdsLYnwhD6ptfx5ga65OA= Content-ID: MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: 7c55d03a-ba5e-4547-f450-08d682205d4c X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jan 2019 17:21:23.4621 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR15MB1327 X-OriginatorOrg: fb.com X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-24_10:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-FB-Internal: Safe Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Change most tests to TLS 1.3, while adding tests for previous TLS 1.2 behavior. Signed-off-by: Dave Watson --- tools/testing/selftests/net/tls.c | 76 ++++++++++++++++++++++++++++++- 1 file changed, 75 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/net/tls.c index c356f481de79..4ac50ccb3272 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -42,7 +42,7 @@ FIXTURE_SETUP(tls) len = sizeof(addr); memset(&tls12, 0, sizeof(tls12)); - tls12.info.version = TLS_1_2_VERSION; + tls12.info.version = TLS_1_3_VERSION; tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; addr.sin_family = AF_INET; @@ -825,4 +825,78 @@ TEST(keysizes) { close(cfd); } +TEST(tls12) { + int fd, cfd; + bool notls; + + struct tls12_crypto_info_aes_gcm_128 tls12; + struct sockaddr_in addr; + socklen_t len; + int sfd, ret; + + notls = false; + len = sizeof(addr); + + memset(&tls12, 0, sizeof(tls12)); + tls12.info.version = TLS_1_2_VERSION; + tls12.info.cipher_type = TLS_CIPHER_AES_GCM_128; + + addr.sin_family = AF_INET; + addr.sin_addr.s_addr = htonl(INADDR_ANY); + addr.sin_port = 0; + + fd = socket(AF_INET, SOCK_STREAM, 0); + sfd = socket(AF_INET, SOCK_STREAM, 0); + + ret = bind(sfd, &addr, sizeof(addr)); + ASSERT_EQ(ret, 0); + ret = listen(sfd, 10); + ASSERT_EQ(ret, 0); + + ret = getsockname(sfd, &addr, &len); + ASSERT_EQ(ret, 0); + + ret = connect(fd, &addr, sizeof(addr)); + ASSERT_EQ(ret, 0); + + ret = setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); + if (ret != 0) { + notls = true; + printf("Failure setting TCP_ULP, testing without tls\n"); + } + + if (!notls) { + ret = setsockopt(fd, SOL_TLS, TLS_TX, &tls12, + sizeof(tls12)); + ASSERT_EQ(ret, 0); + } + + cfd = accept(sfd, &addr, &len); + ASSERT_GE(cfd, 0); + + if (!notls) { + ret = setsockopt(cfd, IPPROTO_TCP, TCP_ULP, "tls", + sizeof("tls")); + ASSERT_EQ(ret, 0); + + ret = setsockopt(cfd, SOL_TLS, TLS_RX, &tls12, + sizeof(tls12)); + ASSERT_EQ(ret, 0); + } + + close(sfd); + + char const *test_str = "test_read"; + int send_len = 10; + char buf[10]; + + send_len = strlen(test_str) + 1; + EXPECT_EQ(send(fd, test_str, send_len, 0), send_len); + EXPECT_NE(recv(cfd, buf, send_len, 0), -1); + EXPECT_EQ(memcmp(buf, test_str, send_len), 0); + + close(fd); + close(cfd); +} + TEST_HARNESS_MAIN