Date: Sun, 3 Dec 2023 10:57:48 +0000
From: Simon Horman
To: Vadim Fedorenko
Cc: Vadim Fedorenko, Jakub Kicinski, Martin KaFai Lau, Andrii Nakryiko, Alexei Starovoitov, Mykola Lysenko, Herbert Xu, netdev@vger.kernel.org, linux-crypto@vger.kernel.org, bpf@vger.kernel.org
Subject: Re: [PATCH bpf-next v7 1/3] bpf: make common crypto API for TC/XDP programs
Message-ID: <20231203105748.GD50400@kernel.org>
References: <20231202010604.1877561-1-vadfed@meta.com>
In-Reply-To: <20231202010604.1877561-1-vadfed@meta.com>

On Fri, Dec 01, 2023 at 05:06:02PM -0800, Vadim Fedorenko wrote:
> Add crypto API support to BPF to be able to decrypt or encrypt packets
> in TC/XDP BPF programs. Special care should be taken for initialization
> part of crypto algo because crypto alloc) doesn't work with preemption
> disabled, it can be run only in sleepable BPF program. Also async crypto
> is not supported because of the very same issue - TC/XDP BPF programs
> are not sleepable.
>
> Signed-off-by: Vadim Fedorenko

...

> +/** > + * bpf_crypto_ctx_create() - Create a mutable BPF crypto context. > + * > + * Allocates a crypto context that can be used, acquired, and released by > + * a BPF program. The crypto context returned by this function must either > + * be embedded in a map as a kptr, or freed with bpf_crypto_ctx_release().
> + * As crypto API functions use GFP_KERNEL allocations, this function can > + * only be used in sleepable BPF programs. > + * > + * bpf_crypto_ctx_create() allocates memory for crypto context. > + * It may return NULL if no memory is available. > + * @type__str: pointer to string representation of crypto type. > + * @algo__str: pointer to string representation of algorithm. > + * @pkey: bpf_dynptr which holds cipher key to do crypto.

Hi Vadim, a minor nit from my side: something about @authsize should go here.

> + * @err: integer to store error code when NULL is returned > + */ > +__bpf_kfunc struct bpf_crypto_ctx * > +bpf_crypto_ctx_create(const char *type__str, const char *algo__str, > + const struct bpf_dynptr_kern *pkey, > + unsigned int authsize, int *err)

...
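
Review bot: the kernel-doc block for bpf_crypto_ctx_create() describes @type__str, @algo__str, @pkey and @err, but the signature also takes `unsigned int authsize`, which has no entry; add an @authsize line between @pkey and @err that states its unit and which value callers pass when the selected type does not use it. The body text says the function "may return NULL if no memory is available", while @err exists to carry an error code when NULL is returned, so the comment should say that NULL signals any failure and that *err holds the reason, which tells callers to check both. The @parameter lines also sit after the long description; kernel-doc places them directly after the short description line.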