Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp1285633rwi; Thu, 27 Oct 2022 13:48:54 -0700 (PDT) X-Google-Smtp-Source: AMsMyM6RKMq0OQ9QoOD95Kl15gB0cB9qinLZhDLFjTYZtNadRMp8SwzMQNunnhJPYtrcxFlqHYPA X-Received: by 2002:a17:902:ab8f:b0:185:46d3:8c96 with SMTP id f15-20020a170902ab8f00b0018546d38c96mr53483614plr.136.1666903734595; Thu, 27 Oct 2022 13:48:54 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666903734; cv=none; d=google.com; s=arc-20160816; b=y7UnZOEhnnzMoJAnAvH6kEjfbSlPdfNRFOX5X6IlGjjs7N9JAxoq5aUNuyYhRf+TOk o7vTIUiBb25rQDUVvEKltTLybuApzZf7QaSSHfkBRJPTWw6FF+Uogm0XDc7u3CloiafW Gd8imPjRCP0b577KQ4HP1Pa+1gV9QxbY82gjoywrWtMvw+l4WrPpRazQtA35AYDTEH/6 8g15pmOa/g3i7um9NYlnpvBctCQCxuQFjdxwsGYR6p/22jCgP5HH9gV5zl3IsAX/mxRZ kK1+I5jru9a913HFvtADIm512N0FK1Qh5EzNkSrAmnjIuxQTRFWanl3+kzVkuu/MEJeA s+aA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=gvBXVhpcez3XO6Nwqh+zOqiYrLDIacbTKCXk4BjRv5s=; b=xlpL1w6EPaslk08yxfWgBSJFPsRWz1bj/D0TaubZbLNT8+3Lwzo74FdMPK6mL391FL MHYQCTJ5OpjtuJMoIq5ZShc0+DkGWOqti8T7OpUczyEUMDQLFmxRWq244cz/LH35LPGD kaQPC7goikwoj1ijdmfKLGvUFVSgAoUWsE+TtTIZJDlfkZ3t5SAhvozjTt5FyT4SdQ2h u8YOHwmM50zwef/zvg3fP1VBOs+kWu/xwDWW/gd4M0DZowEVEYJpRd4QB/DJAu3l3NWL oc7wx4bgFmDeUkLbLeJqOtxgXKYDDe3augGjqfoBcosQTVUc2WUmr5NRujMLTjRaKMCK OATQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@arista.com header.s=google header.b=Z8PpdAqq; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=arista.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g65-20020a636b44000000b0046aeec7fe3dsi2685640pgc.703.2022.10.27.13.48.39; Thu, 27 Oct 2022 13:48:54 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@arista.com header.s=google header.b=Z8PpdAqq; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=arista.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237027AbiJ0UsD (ORCPT + 99 others); Thu, 27 Oct 2022 16:48:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59358 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236795AbiJ0Uq4 (ORCPT ); Thu, 27 Oct 2022 16:46:56 -0400 Received: from mail-wm1-x331.google.com (mail-wm1-x331.google.com [IPv6:2a00:1450:4864:20::331]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2F62B95AE1 for ; Thu, 27 Oct 2022 13:44:21 -0700 (PDT) Received: by mail-wm1-x331.google.com with SMTP id v130-20020a1cac88000000b003bcde03bd44so5030854wme.5 for ; Thu, 27 Oct 2022 13:44:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=arista.com; s=google; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=gvBXVhpcez3XO6Nwqh+zOqiYrLDIacbTKCXk4BjRv5s=; b=Z8PpdAqqLG+AGpd66BAet9X6Fv80W/8P937UE8S+yQNaeJMuJrIi1kPg5bS2RI1OPD 09AvAHVlARgtYke5uCesAim0uJbWxSBWRw+o2hBejZh/MFJ+kV29R96EuEON/1+bYZtT wji29Zh36zeZU4dXFtF4OWAB9o89wezEVDNn8nZhDxgPsVCXL6CNA8NFWoTnnPR+LxZi Y9V01B8k0vNg4H3HBGoYHSwATqESwLRojHSR6XB021D05rF/5bQdB/n0DbPxKt4f6je4 AKOESphu0YkETf1SZAN10+18mSdzqCN7Yxox5Vc1jGkUZ/XQM89w92fjojjzeHBUvH+k 5/HQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=gvBXVhpcez3XO6Nwqh+zOqiYrLDIacbTKCXk4BjRv5s=; b=q5cUadX+DyomDL21XOXmyglKRYYwa9Ey071gcPYUGxAhTPFSHmekrM2Zne/g48eq+n wzxsLN282wrG34KJ38RUoDI7xBH75NA3TJBWxGaK5sWCDZkgeTJsG89qG5q7eqX9O6pP bdipD2QonYjqlM2BXTNa4b30GP3FtWx9/QtE2PDHI+pWvMbzdpjvTHhRWifGE8rkzeZV oSBD6AvtVguSyiV3trEAxp2AcKojsNOwq8mFpSgRd7YNUoiG2u2UXf4rEjj9WDnrF9n+ oUzqoYuvZ089lwFG5YpsYMyvTTabhRh5hHkefAv2HPzUWFFya/NUYq1KstwydFtYPflz P9rA== X-Gm-Message-State: ACrzQf2fLRTGq0bS1ce19SogYuU0LOwGUz8MkL/lIyH2qKuSSog7eDqi Uv3/jCSb9wGZIdBgUyLIMAIFxA== X-Received: by 2002:a05:600c:1e2a:b0:3c8:353b:253f with SMTP id ay42-20020a05600c1e2a00b003c8353b253fmr7307325wmb.51.1666903459436; Thu, 27 Oct 2022 13:44:19 -0700 (PDT) Received: from Mindolluin.ire.aristanetworks.com ([217.173.96.166]) by smtp.gmail.com with ESMTPSA id n3-20020a5d6b83000000b00236644228besm1968739wrx.40.2022.10.27.13.44.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 27 Oct 2022 13:44:19 -0700 (PDT) From: Dmitry Safonov To: linux-kernel@vger.kernel.org, David Ahern , Eric Dumazet Cc: Dmitry Safonov , Andy Lutomirski , Ard Biesheuvel , Bob Gilligan , Dan Carpenter , "David S. Miller" , Dmitry Safonov <0x7f454c46@gmail.com>, Eric Biggers , "Eric W. Biederman" , Francesco Ruggeri , Herbert Xu , Hideaki YOSHIFUJI , Ivan Delalande , Jakub Kicinski , Leonard Crestez , Paolo Abeni , Salam Noureddine , Shuah Khan , netdev@vger.kernel.org, linux-crypto@vger.kernel.org Subject: [PATCH v3 16/36] net/tcp: Sign SYN-ACK segments with TCP-AO Date: Thu, 27 Oct 2022 21:43:27 +0100 Message-Id: <20221027204347.529913-17-dima@arista.com> X-Mailer: git-send-email 2.38.1 In-Reply-To: <20221027204347.529913-1-dima@arista.com> References: <20221027204347.529913-1-dima@arista.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_NONE, SPF_HELO_NONE,SPF_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org Similarly to RST segments, wire SYN-ACKs to TCP-AO. tcp_rsk_used_ao() is handy here to check if the request socket used AO and needs a signature on the outgoing segments. Co-developed-by: Francesco Ruggeri Signed-off-by: Francesco Ruggeri Co-developed-by: Salam Noureddine Signed-off-by: Salam Noureddine Signed-off-by: Dmitry Safonov --- include/net/tcp.h | 4 ++++ include/net/tcp_ao.h | 6 ++++++ net/ipv4/tcp_ao.c | 14 ++++++++++++++ net/ipv4/tcp_ipv4.c | 1 + net/ipv4/tcp_output.c | 37 +++++++++++++++++++++++++++++++------ net/ipv6/tcp_ao.c | 14 ++++++++++++++ net/ipv6/tcp_ipv6.c | 1 + 7 files changed, 71 insertions(+), 6 deletions(-) diff --git a/include/net/tcp.h b/include/net/tcp.h index bda03d4925ed..5855ca6f1437 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -2119,6 +2119,10 @@ struct tcp_request_sock_ops { int sndid, int rcvid); int (*ao_calc_key)(struct tcp_ao_key *mkt, u8 *key, struct request_sock *sk); + int (*ao_synack_hash)(char *ao_hash, struct tcp_ao_key *mkt, + struct request_sock *req, + const struct sk_buff *skb, + int hash_offset, u32 sne); #endif #ifdef CONFIG_SYN_COOKIES __u32 (*cookie_init_seq)(const struct sk_buff *skb, diff --git a/include/net/tcp_ao.h b/include/net/tcp_ao.h index e93db866bd44..731f0d6263db 100644 --- a/include/net/tcp_ao.h +++ b/include/net/tcp_ao.h @@ -139,6 +139,9 @@ int tcp_ao_hash_hdr(unsigned short family, char *ao_hash, int tcp_v4_parse_ao(struct sock *sk, int optname, sockptr_t optval, int optlen); struct tcp_ao_key *tcp_v4_ao_lookup(const struct sock *sk, struct sock *addr_sk, int sndid, int rcvid); +int tcp_v4_ao_synack_hash(char *ao_hash, struct tcp_ao_key *mkt, + struct request_sock *req, const struct sk_buff *skb, + int hash_offset, u32 sne); int tcp_v4_ao_calc_key_sk(struct tcp_ao_key *mkt, u8 *key, const struct sock *sk, __be32 sisn, __be32 disn, bool send); @@ -173,6 +176,9 @@ int tcp_v6_ao_hash_skb(char *ao_hash, struct tcp_ao_key *key, const u8 *tkey, int hash_offset, u32 sne); int tcp_v6_parse_ao(struct sock *sk, int cmd, sockptr_t optval, int optlen); +int tcp_v6_ao_synack_hash(char *ao_hash, struct tcp_ao_key *ao_key, + struct request_sock *req, const struct sk_buff *skb, + int hash_offset, u32 sne); void tcp_ao_finish_connect(struct sock *sk, struct sk_buff *skb); void tcp_ao_connect_init(struct sock *sk); void tcp_ao_syncookie(struct sock *sk, const struct sk_buff *skb, diff --git a/net/ipv4/tcp_ao.c b/net/ipv4/tcp_ao.c index c9d3e29a28f1..e24a90505f08 100644 --- a/net/ipv4/tcp_ao.c +++ b/net/ipv4/tcp_ao.c @@ -604,6 +604,20 @@ int tcp_v4_ao_hash_skb(char *ao_hash, struct tcp_ao_key *key, tkey, hash_offset, sne); } +int tcp_v4_ao_synack_hash(char *ao_hash, struct tcp_ao_key *ao_key, + struct request_sock *req, const struct sk_buff *skb, + int hash_offset, u32 sne) +{ + char traffic_key[TCP_AO_MAX_HASH_SIZE] __tcp_ao_key_align; + + tcp_v4_ao_calc_key_rsk(ao_key, traffic_key, req); + + tcp_ao_hash_skb(AF_INET, ao_hash, ao_key, req_to_sk(req), skb, + traffic_key, hash_offset, sne); + + return 0; +} + struct tcp_ao_key *tcp_v4_ao_lookup_rsk(const struct sock *sk, struct request_sock *req, int sndid, int rcvid) diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 47325f148f29..37f344e2ae6b 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1678,6 +1678,7 @@ const struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = { #ifdef CONFIG_TCP_AO .ao_lookup = tcp_v4_ao_lookup_rsk, .ao_calc_key = tcp_v4_ao_calc_key_rsk, + .ao_synack_hash = tcp_v4_ao_synack_hash, #endif #ifdef CONFIG_SYN_COOKIES .cookie_init_seq = cookie_v4_init_sequence, diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 758c4a6e851b..3a121d9cd6dd 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -3637,6 +3637,7 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst, struct inet_request_sock *ireq = inet_rsk(req); const struct tcp_sock *tp = tcp_sk(sk); struct tcp_md5sig_key *md5 = NULL; + struct tcp_ao_key *ao_key = NULL; struct tcp_out_options opts; struct sk_buff *skb; int tcp_header_size; @@ -3687,16 +3688,32 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst, tcp_rsk(req)->snt_synack = tcp_skb_timestamp_us(skb); } -#ifdef CONFIG_TCP_MD5SIG +#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO) rcu_read_lock(); - md5 = tcp_rsk(req)->af_specific->req_md5_lookup(sk, req_to_sk(req)); #endif + if (tcp_rsk_used_ao(req)) { +#ifdef CONFIG_TCP_AO + /* TODO: what should we do if the key is no longer available on + * the listening socket? Maybe we can try a different matching + * key (without sndid match). If that also fails what should + * we do? We currently send an unsigned synack. It's probably + * better to not send anything. + */ + ao_key = tcp_sk(sk)->af_specific->ao_lookup(sk, req_to_sk(req), + tcp_rsk(req)->ao_keyid, -1); +#endif + } else { +#ifdef CONFIG_TCP_MD5SIG + md5 = tcp_rsk(req)->af_specific->req_md5_lookup(sk, + req_to_sk(req)); +#endif + } skb_set_hash(skb, tcp_rsk(req)->txhash, PKT_HASH_TYPE_L4); /* bpf program will be interested in the tcp_flags */ TCP_SKB_CB(skb)->tcp_flags = TCPHDR_SYN | TCPHDR_ACK; tcp_header_size = tcp_synack_options(sk, req, mss, skb, &opts, md5, - NULL, foc, synack_type, - syn_skb) + sizeof(*th); + ao_key, foc, synack_type, syn_skb) + + sizeof(*th); skb_push(skb, tcp_header_size); skb_reset_transport_header(skb); @@ -3716,7 +3733,7 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst, /* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */ th->window = htons(min(req->rsk_rcv_wnd, 65535U)); - tcp_options_write(th, NULL, NULL, &opts, NULL); + tcp_options_write(th, NULL, tcp_rsk(req), &opts, NULL); th->doff = (tcp_header_size >> 2); __TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTSEGS); @@ -3724,7 +3741,15 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst, /* Okay, we have all we need - do the md5 hash if needed */ if (md5) tcp_rsk(req)->af_specific->calc_md5_hash(opts.hash_location, - md5, req_to_sk(req), skb); + md5, req_to_sk(req), skb); +#endif +#ifdef CONFIG_TCP_AO + if (ao_key) + tcp_rsk(req)->af_specific->ao_synack_hash(opts.hash_location, + ao_key, req, skb, + opts.hash_location - (u8 *)th, 0); +#endif +#if defined(CONFIG_TCP_MD5SIG) || defined(CONFIG_TCP_AO) rcu_read_unlock(); #endif diff --git a/net/ipv6/tcp_ao.c b/net/ipv6/tcp_ao.c index 31ae504af8e6..526bbe232a64 100644 --- a/net/ipv6/tcp_ao.c +++ b/net/ipv6/tcp_ao.c @@ -123,3 +123,17 @@ int tcp_v6_parse_ao(struct sock *sk, int cmd, { return tcp_parse_ao(sk, cmd, AF_INET6, optval, optlen); } + +int tcp_v6_ao_synack_hash(char *ao_hash, struct tcp_ao_key *ao_key, + struct request_sock *req, const struct sk_buff *skb, + int hash_offset, u32 sne) +{ + char traffic_key[TCP_AO_MAX_HASH_SIZE] __tcp_ao_key_align; + + tcp_v6_ao_calc_key_rsk(ao_key, traffic_key, req); + + tcp_ao_hash_skb(AF_INET6, ao_hash, ao_key, req_to_sk(req), skb, + traffic_key, hash_offset, sne); + + return 0; +} diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 88a8e6ce41dc..10ac715217cb 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -856,6 +856,7 @@ const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = { #ifdef CONFIG_TCP_AO .ao_lookup = tcp_v6_ao_lookup_rsk, .ao_calc_key = tcp_v6_ao_calc_key_rsk, + .ao_synack_hash = tcp_v6_ao_synack_hash, #endif #ifdef CONFIG_SYN_COOKIES .cookie_init_seq = cookie_v6_init_sequence, -- 2.38.1