Received: by 2002:a25:ab43:0:0:0:0:0 with SMTP id u61csp3551319ybi;
        Tue, 18 Jun 2019 02:39:31 -0700 (PDT)
X-Google-Smtp-Source: APXvYqyTpDGJ7rqa9dBrlW0gwZ3wFlyXKkdxZKQIf3deELjMziOVWh9rcHCh9aWQlKM47mbxAMt4
X-Received: by 2002:a63:6105:: with SMTP id v5mr1820364pgb.312.1560850771563;
        Tue, 18 Jun 2019 02:39:31 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1560850771; cv=none;
        d=google.com; s=arc-20160816;
        b=ShIzCg+uWpuxdmWGD9TxPp2KfoSBbGBGLskP7q9XC8UeG3o1y9MfdkmGW3xr0Q7HvJ
         RBSn8cSCkD06/nmR3DewAT5dHzjn77aUN6oka5TcTmQyCmN4LYOZVujHhhcPnACj6r3a
         3ARgbvy4Y+GsB7Uzjto2f/ibhw35RaY8aNGwmpDqWAHns3zV0ZVqiOzzPouQ1jyn/0xG
         SPYrNZbHvQW+TTnEkZfDGXKpAOAU1Xz9jo16TBG0nAKzHMSklX/ymCOBWZD0XqKfxgv1
         FoCrVqWr0VGVsJYQw8VrBYDy/ny0hSMQdEqwC0kd1NY+v+rHAa+XK2Ac0WHZ82LldoDz
         96tg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature;
        bh=leaXUi5ri0cQyDOTph/umJ47L10A5R130By8h9bkWuM=;
        b=Nwkd95nmswlc+LPYqTbysBjsxx7GYZmmWO+KkQ3b0hoAlgsYmjHVHNB2syjX6oAe3u
         KTbJ3nq7draq3gaTDhsKYKqZA22rh0i6eiynIrS06CL0RDsR7VaO6mm7o7pyveWODJ2m
         2AybnoNemz8gF18YDLJlMpgAEtRt1flWpeFEGHR6aCC2pqd5QK4GB+uR00KLveqzs5pg
         MNCavKRAOLldJlqc5walz/c0tWqaKNyqvUyPDmfIoGCkcx5RNOtem6gWQLZSoOUL6fYr
         kLmd2GFpVtKgyckHNZH87QF/Evo9pgiBQ+t1KvgLv0T1fxjrv929EGkZihNBLg+NI3jr
         hk5Q==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=GiJrqR8t;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Return-Path: <linux-crypto-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 64si12641307ply.399.2019.06.18.02.39.18;
        Tue, 18 Jun 2019 02:39:31 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@google.com header.s=20161025 header.b=GiJrqR8t;
       spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org;
       dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729296AbfFRJjQ (ORCPT <rfc822;venktesh.bolla@gmail.com>
        + 99 others); Tue, 18 Jun 2019 05:39:16 -0400
Received: from mail-yw1-f68.google.com ([209.85.161.68]:38096 "EHLO
        mail-yw1-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1729113AbfFRJjQ (ORCPT
        <rfc822;linux-crypto@vger.kernel.org>);
        Tue, 18 Jun 2019 05:39:16 -0400
Received: by mail-yw1-f68.google.com with SMTP id k125so6440216ywe.5
        for <linux-crypto@vger.kernel.org>; Tue, 18 Jun 2019 02:39:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=google.com; s=20161025;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=leaXUi5ri0cQyDOTph/umJ47L10A5R130By8h9bkWuM=;
        b=GiJrqR8tEg+IgMf+ERQsK3vkLG/3KxpD6hP1IKk+/jSWrrTb0LJmXU7Z1Iv8SthYTG
         /+L+fPxg3AE5IR5cgOTyRvHzcfSwNUWHkAEiWIW+DBZYBd1GJJJ/aaibb4vnhIPVogvK
         JJtEKDlQ3glh8mrfetO+lYKUunHPcj0yAVVuEss9Pt9QC583HKroYWioqBc24zTgJI3h
         knS35KmWHe4nAy8P0vJDzyY3RvLNnXI8Il1eTIP3CyCx7YXcYXbQCHQR6Gr1uauCYlER
         tLhy/Uy38JoJcfweB/H8HfFwZ3rOZM2SPwAO7H/qisjo5ITX0+vm2KS3fMABNEDqaatW
         BJ7w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=leaXUi5ri0cQyDOTph/umJ47L10A5R130By8h9bkWuM=;
        b=qneQir4CLDHq2uDosPkkrAU5MWX69scj+Ik8Uu3w29tGNRG9WRSZMqnNeKww2NW6Xi
         70jVgik53KUoYwBVa62fDrS1tq8xhUijGL0SUkCvuhHpuqT9SYttlWyTUToWRF1aTFW4
         SW0z/F0J+iMZlA+FGQBUrb5pEciaCAYxph9hxHT8jR3LE/qdlW9xDv+rVykF/EKCcrw0
         Hd35bylwz/0Xiiw6qPH/hcubpxIbM3BH3EQVZHBEAdvOCbh+73PxWHIgnv86S5zC0HQ7
         pkstBSHiEzVFA18d0tTMLDW0025gi8BR8jEhY/7l8tSdXqJeG43tOdGIMp2RDogN6jmD
         Nl2g==
X-Gm-Message-State: APjAAAV6q4qySFBULRj7IeYnO6YgOGfbpFfIEYkmBjC7GJ4tEXGAScX+
        YJyXymk4JNJMFrJz4lzgKrij/FJ4bTlT3TDxlBs+JikHyCg=
X-Received: by 2002:a0d:dfc4:: with SMTP id i187mr20962306ywe.146.1560850755293;
 Tue, 18 Jun 2019 02:39:15 -0700 (PDT)
MIME-Version: 1.0
References: <20190618093207.13436-1-ard.biesheuvel@linaro.org> <20190618093207.13436-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20190618093207.13436-2-ard.biesheuvel@linaro.org>
From:   Eric Dumazet <edumazet@google.com>
Date:   Tue, 18 Jun 2019 02:39:04 -0700
Message-ID: <CANn89iJuTq36KMf1madQH08g6K0a-Uj-PDH80ao9zuEw+WNcZg@mail.gmail.com>
Subject: Re: [PATCH 1/2] net: fastopen: make key handling more robust against
 future changes
To:     Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc:     netdev <netdev@vger.kernel.org>,
        Eric Biggers <ebiggers@kernel.org>,
        linux-crypto@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>,
        David Miller <davem@davemloft.net>,
        Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>,
        Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
        Jason Baron <jbaron@akamai.com>,
        Christoph Paasch <cpaasch@apple.com>,
        David Laight <David.Laight@aculab.com>,
        Yuchung Cheng <ycheng@google.com>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org

On Tue, Jun 18, 2019 at 2:32 AM Ard Biesheuvel
<ard.biesheuvel@linaro.org> wrote:
>
> Some changes to the TCP fastopen code to make it more robust
> against future changes in the choice of key/cookie size, etc.
>
> - Instead of keeping the SipHash key in an untyped u8[] buffer
>   and casting it to the right type upon use, use the correct
>   siphash_key_t type directly. This ensures that the key will
>   appear at the correct alignment if we ever change the way
>   these data structures are allocated. (Currently, they are
>   only allocated via kmalloc so they always appear at the
>   correct alignment)
>
> - Use DIV_ROUND_UP when sizing the u64[] array to hold the
>   cookie, so it is always of sufficient size, even when
>   TCP_FASTOPEN_COOKIE_MAX is no longer a multiple of 8.
>
> - Add a key length check to tcp_fastopen_reset_cipher(). No
>   callers exist currently that fail this check (they all pass
>   compile constant values that equal TCP_FASTOPEN_KEY_LENGTH),
>   but future changes might create problems, e.g., by leaving part
>   of the key uninitialized, or overflowing the key buffers.
>
> Note that none of these are functional changes wrt the current
> state of the code.
>
...

> -       memcpy(ctx->key[0], primary_key, len);
> +       if (unlikely(len != TCP_FASTOPEN_KEY_LENGTH)) {
> +               pr_err("TCP: TFO key length %u invalid\n", len);
> +               err = -EINVAL;
> +               goto out;
> +       }


Why a pr_err() is there ?

Can unpriv users flood the syslog ?