Received: by 2002:a05:6a10:c604:0:0:0:0 with SMTP id y4csp19193pxt; Wed, 11 Aug 2021 13:24:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw0GMphRGa+jwtD8cm53vBAC626oxTedZyk3+5kwrQyJrbptSOFsNEOeh6WJF+4FFa27Oll X-Received: by 2002:a05:6638:412a:: with SMTP id ay42mr562992jab.59.1628713463720; Wed, 11 Aug 2021 13:24:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1628713463; cv=none; d=google.com; s=arc-20160816; b=AFXzW9KXdtfs7s5WLBM3qHVU1KnHikC/0GtvZSXjNZ/NHYok3L0JgperouB7B3MWih FB9IyXjB6i8LCHbIFsO/AmzJnEei+sj8ebmeP4UHhrB4O15+XzuL2bSWk+TyE+Qg4Gpa innYRLjLda3BnMdclgZfn89GY2gnsJ2kqTFVw2Rf3YYPEBCsX7v4+8c5kkdfXoXOFc0K qG0XgHuEinMFrssSugfPAd14wUCvXCvu1Xwr4AFnSvjYaubq2ug9TMu+Zc17An1d1jnF n7BueOh5OwrZK+ilGHPc5hveg1pP8pt3bc5b8A06L99+3eOjaGOV8DTKlGEq8vMKDda2 ktMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:from:references :cc:to:subject:dkim-signature; bh=s+f+4MX2HmyiNsKxDkCt5V/RaI2cWZb37FwnlbVo/jE=; b=IIP3P6At3LnEq5lDCnG/E1qsDQD9zaOwQf7Pbar41qpqI5GRIiER76ReJDIFhfvpgT WCBzw0XafyPLz2OhsekXbKuLocFRB8GzcvCKGr0x1bvPyCv8qEAbMzXRipbSUxCNKRnK 6OH4bHZenkDjZ98YsV8CHY9nS7XuxTtGRIPYVsOvhJAaf2VMse3pqqhHjRrs7shWgdCY GSlwJtOLjjoLNwwCsvXxyB+r6km7TKVsrdhgp5uzvUcZPk/5kr7dVdF3z1PjZHYMmRnG 955lgp/wShKX4AlISkC9ARMTZu8LrgppFfGlB5D8b9et87N2Ou6nCz4bScpvUF3aWDBk sQ3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=eUxw0T9I; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id l15si350918ios.94.2021.08.11.13.23.58; Wed, 11 Aug 2021 13:24:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=eUxw0T9I; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231481AbhHKUYU (ORCPT + 99 others); Wed, 11 Aug 2021 16:24:20 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55964 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229655AbhHKUYT (ORCPT ); Wed, 11 Aug 2021 16:24:19 -0400 Received: from mail-oi1-x236.google.com (mail-oi1-x236.google.com [IPv6:2607:f8b0:4864:20::236]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AA9CFC061765; Wed, 11 Aug 2021 13:23:55 -0700 (PDT) Received: by mail-oi1-x236.google.com with SMTP id bj40so6477393oib.6; Wed, 11 Aug 2021 13:23:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=s+f+4MX2HmyiNsKxDkCt5V/RaI2cWZb37FwnlbVo/jE=; b=eUxw0T9IKgcPXbhrsmyjy4aDmWDoefgFWeeZD4RDrjTUuqw+/gWNg8Yu/aAvbMxwff 1h2TS2Oljy/vpW4RVfkmjqIhm6poXAcDQJi2gA4v9zX7JpHL5+u1AsHFkv29hY4R0S4u Cr1rFalTQSDwjKruWYmU8cCZ5Po3V9a0n+M+qTYsjP5yp1M/CqRcOkN4+yCe4eJV5Ydb my1XlMknuobvZpg64bQ7OZcXbosvKy0ECno/jrcdF8yvKaWrWnKUiKUiS/huBlMgmDoR FnNXtM26m4X6go0ybI3/D5vCPAz1zoRcVs8JiPVRo5dARry4xu/ziwtRl5bKzRWdh9jt S6OQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=s+f+4MX2HmyiNsKxDkCt5V/RaI2cWZb37FwnlbVo/jE=; b=RDUZ3HNDMNsvAkUTXu6FOpS+cwlpyQL/C76fQCygiy08OMfAlBOwhTt7nMKGj+LJjf a31GWZt1A8Y1d9FinzDpF8mVfginpfK5Mfa5DvL0EV3t80kS9OnptSZkCwsVU7Ud/xYS WfJGkrcN8P8cjyIs1XdwPsjnXKw16JNLluDZ5NgJUwiYrnGPW+xaodoggFd0NikBiy+c 2RzWZKz8ajqQ3RAlEiwEkNHR0kmSRg6lLstZLyDzyOWEoMCnpnGX4zWgOAwtDRiXsMGf OzvAOCY9whWZxdxEeInSzvLy/SVRoXgJdDZM4gAE2nrHA+072AD0Kiu8LnQRPH4BIWdh 1FKw== X-Gm-Message-State: AOAM532Oku8g/uGpjK11DNQlMwj9SQCqanh51NtzIZz3xnj293AcTzrG wrW6dfe4Da3hxrAWsrMezAU= X-Received: by 2002:a05:6808:181a:: with SMTP id bh26mr9075974oib.113.1628713435132; Wed, 11 Aug 2021 13:23:55 -0700 (PDT) Received: from Davids-MacBook-Pro.local ([8.48.134.45]) by smtp.googlemail.com with ESMTPSA id t3sm125779otm.28.2021.08.11.13.23.53 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 11 Aug 2021 13:23:54 -0700 (PDT) Subject: Re: [RFCv2 1/9] tcp: authopt: Initial support and key management To: Dmitry Safonov <0x7f454c46@gmail.com>, Leonard Crestez Cc: Eric Dumazet , "David S. Miller" , Herbert Xu , Kuniyuki Iwashima , David Ahern , Hideaki YOSHIFUJI , Jakub Kicinski , Yuchung Cheng , Francesco Ruggeri , Mat Martineau , Christoph Paasch , Ivan Delalande , Priyaranjan Jha , Menglong Dong , open list , linux-crypto@vger.kernel.org, Network Development , Dmitry Safonov References: <67c1471683200188b96a3f712dd2e8def7978462.1628544649.git.cdleonard@gmail.com> <1e2848fb-1538-94aa-0431-636fa314a36d@gmail.com> <68749e37-8e29-7a51-2186-7692f5fd6a79@gmail.com> <2c39e02b-1da5-7a62-512e-67f008fe15fc@gmail.com> From: David Ahern Message-ID: <89dae60c-7310-40a9-0ddb-566068799a58@gmail.com> Date: Wed, 11 Aug 2021 14:23:52 -0600 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.12.0 MIME-Version: 1.0 In-Reply-To: <2c39e02b-1da5-7a62-512e-67f008fe15fc@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On 8/11/21 2:12 PM, Dmitry Safonov wrote: > Hi David, > > On 8/11/21 6:15 PM, David Ahern wrote: >> On 8/11/21 8:31 AM, Dmitry Safonov wrote: >>> On 8/11/21 9:29 AM, Leonard Crestez wrote: >>>> On 8/10/21 11:41 PM, Dmitry Safonov wrote: > [..] >>>>> I'm pretty sure it's not a good choice to write partly tcp_authopt. >>>>> And a user has no way to check what's the correct len on this kernel. >>>>> Instead of len = min_t(unsigned int, len, sizeof(info)), it should be >>>>> if (len != sizeof(info)) >>>>>      return -EINVAL; >>>> >>>> Purpose is to allow sockopts to grow as md5 has grown. >>> >>> md5 has not grown. See above. >> >> MD5 uapi has - e.g., 8917a777be3ba and 6b102db50cdde. We want similar >> capabilities for growth with this API. > > So, you mean adding a new setsockopt when the struct has to be extended? > Like TCP_AUTHOPT_EXT? uh, no. That was needed because of failures with the original implementation wrt checking that all unused bits are 0. If checking is not done from day 1, that field can never be used in the future. My point here was only that MD5 uapi was extended. My second point is more relevant to Leonard as a very recent example of how to build an extendable struct. >> >> Look at how TCP_ZEROCOPY_RECEIVE has grown over releases as an example >> of how to properly handle this. > > Exactly. > > : switch (len) { > : case offsetofend(...) > : case offsetofend(...) > > And than also: > : if (unlikely(len > sizeof(zc))) { > : err = check_zeroed_user(optval + sizeof(zc), > : len - sizeof(zc)); > > Does it sound similar to what I've written in my ABI review? > And what the LWN article has in it. > Please, look again at the patch I replied to. > > Thanks, > Dmitry >