Received: by 2002:a05:7412:5112:b0:fa:6e18:a558 with SMTP id fm18csp1689205rdb; Thu, 25 Jan 2024 03:19:34 -0800 (PST) X-Google-Smtp-Source: AGHT+IFPkdqStM2J46B/ChlTnXmJ3IQa2AmZGWoTdUjNviITV0XX0TCqLg9yyGju8dkwdVNdaPEP X-Received: by 2002:a05:651c:505:b0:2cf:209f:55b1 with SMTP id o5-20020a05651c050500b002cf209f55b1mr302289ljp.28.1706181574635; Thu, 25 Jan 2024 03:19:34 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1706181574; cv=pass; d=google.com; s=arc-20160816; b=q0yB55yMNttrj8T+siC7zN5ShyWPEOcolk2g0jmbyt4q9hkyCGyKcBPj3kWKQysloi WtLTXv/xYqfFJmbHzCycFe8brUvpm91+9A6eNJlU+lBiDjPliHDeLJ9/07U6qbUatDhn IGy/uTLuK/rjQmAWRs2pplRSeD6ygFIBc3IcLuGCXfBX+5H3OI9UVB86FpVK928opT53 skwwF9J4hzgvXKt5QFVL5YXcaBkS+sI3bgB0HI6DxyCxuboLKBfQlkIZHU2f4azMSHkQ 0Gey5drBeQJ56TAPjWcWf/ah9H6e2eNF8Dyvlvh9r1vlxNQFpM/YFBo/jknnuue2331f oL/g== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:in-reply-to:from:references:cc:to :content-language:subject:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:dkim-signature:message-id; bh=P8URD1vAOHrfsrYKDP5G3s1YP4WHQXpABy6Lvzc8bus=; fh=4hF93TmZBqt6L3UJbXyLx4z9hpK8g6FxgSYLCWmprBw=; b=IK0HGz50BrbxecAHUuulggs8n/0SjW7cj2RBTzQYthnJYU0RwUMddjOys4udibQqpB Uf0islZ1UzYKnkRFWhHMdRghHoLhKF4CckkKbgU1cJ58jXrliOO6ezqZ7oxUE7uFNWJ3 ekc9M5Tq985S1KsTiFMRV2+RFxYtrt9oLTVouAQ9ZuDs3Z/YFR1ebEjJS6J6SOW/wj1I MshRarC1129U8HIbTXq7lRbxg769UO8R5whNDKAS3NqQkTPpIaaVIrSypom2Gc0RmOmY GUJ+Em+JBYA7kjIWArSqR+P5Hca1FhKRTSJNUglfSkWlv2pvpg2BlVnV2vdh4nXFAXc7 kGQA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=JY3dvuhI; arc=pass (i=1 spf=pass spfdomain=linux.dev dkim=pass dkdomain=linux.dev dmarc=pass fromdomain=linux.dev); spf=pass (google.com: domain of linux-crypto+bounces-1602-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-crypto+bounces-1602-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [147.75.80.249]) by mx.google.com with ESMTPS id er20-20020a056402449400b0055c8ec36e22si2620690edb.677.2024.01.25.03.19.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 25 Jan 2024 03:19:34 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto+bounces-1602-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) client-ip=147.75.80.249; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.dev header.s=key1 header.b=JY3dvuhI; arc=pass (i=1 spf=pass spfdomain=linux.dev dkim=pass dkdomain=linux.dev dmarc=pass fromdomain=linux.dev); spf=pass (google.com: domain of linux-crypto+bounces-1602-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.80.249 as permitted sender) smtp.mailfrom="linux-crypto+bounces-1602-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.dev Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 62BEE1F21E1D for ; Thu, 25 Jan 2024 11:19:34 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id E4B5B224E8; Thu, 25 Jan 2024 11:19:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="JY3dvuhI" X-Original-To: linux-crypto@vger.kernel.org Received: from out-174.mta0.migadu.com (out-174.mta0.migadu.com [91.218.175.174]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EBDCC2C68E for ; Thu, 25 Jan 2024 11:19:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.218.175.174 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706181566; cv=none; b=ry+0Y235bc37yk53F+K/dtyQiNJRlGWa4beSBiZCT9dM4JznZ8agVz7k+SMmyPSpVC3CN2J/Z6SB5w2CgAM5B7w4J/JZbMoxAc+iCAensvRfKB2kRsgOm04F/BbFHIXHSXEQ3FK+yXNlNRng8gvQs6z0Vp538moZQNQBBYK1IIs= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1706181566; c=relaxed/simple; bh=xKAsoMcYtFoyZPEPpTE0PQGxfXqVqP/pt/GlEQ4Bizo=; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From: In-Reply-To:Content-Type; b=c8dh7Sam5uBzjAHjHQSehxOTdvmMYXZSdQZXwHfu0Lr0BUQxgrEKK6jeIZ5o7qyN5SZcevetG3jFeHODYsbrUpyuJNcLPGraTsZjFIgpXxoBqYqWaUOgmTEGdAiQv8YCCOlWuXPK/iQePzDHkUt1HABGhVpQX0Lpz/zidzC31m0= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=JY3dvuhI; arc=none smtp.client-ip=91.218.175.174 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Message-ID: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1706181562; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=P8URD1vAOHrfsrYKDP5G3s1YP4WHQXpABy6Lvzc8bus=; b=JY3dvuhI05AEZr9tYAf6eR1MXe/uXQ+eBRG9klw71qQ49wt0jA69SHS87vhtky8eoD5N7P e96zcDc1oWQc/cxtjeKZv8LEJSxiRNMlniXHMb797AL88bYM+PpeyCLxxzlJF1XFkoqA/Y omXTF0mHtAwZd2B1u+j5Py6DuAURyMQ= Date: Thu, 25 Jan 2024 11:19:17 +0000 Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Subject: Re: [PATCH bpf-next v8 1/3] bpf: make common crypto API for TC/XDP programs Content-Language: en-US To: Martin KaFai Lau , Vadim Fedorenko Cc: netdev@vger.kernel.org, linux-crypto@vger.kernel.org, bpf@vger.kernel.org, Victor Stewart , Jakub Kicinski , Andrii Nakryiko , Alexei Starovoitov , Mykola Lysenko , Herbert Xu References: <20240115220803.1973440-1-vadfed@meta.com> <3d2d5f4e-c554-4648-bcec-839d83585123@linux.dev> X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Vadim Fedorenko In-Reply-To: <3d2d5f4e-c554-4648-bcec-839d83585123@linux.dev> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT On 25/01/2024 01:10, Martin KaFai Lau wrote: > On 1/15/24 2:08 PM, Vadim Fedorenko wrote: >> +static int bpf_crypto_crypt(const struct bpf_crypto_ctx *ctx, >> +                const struct bpf_dynptr_kern *src, >> +                struct bpf_dynptr_kern *dst, >> +                const struct bpf_dynptr_kern *siv, >> +                bool decrypt) >> +{ >> +    u32 src_len, dst_len, siv_len; >> +    const u8 *psrc; >> +    u8 *pdst, *piv; >> +    int err; >> + >> +    if (ctx->type->get_flags(ctx->tfm) & CRYPTO_TFM_NEED_KEY) > > nit. Does the indirect call get_flags() return different values? > Should it be rejected earlier, e.g. in bpf_crypto_ctx_create()? Well, that is the common pattern in crypto subsys to check flags. But after looking at it second time, I think I have to refactor this part. CRYPTO_TFM_NEED_KEY is set during tfm creation if algo requires the key. And it's freed when the key setup is successful. As there is no way bpf programs can modify tfm directly we can move this check to bpf_crypto_ctx_create() to key setup part and avoid indirect call in this place. > >> +        return -EINVAL; >> + >> +    if (__bpf_dynptr_is_rdonly(dst)) >> +        return -EINVAL; >> + >> +    siv_len = __bpf_dynptr_size(siv); >> +    src_len = __bpf_dynptr_size(src); >> +    dst_len = __bpf_dynptr_size(dst); >> +    if (!src_len || !dst_len) >> +        return -EINVAL; >> + >> +    if (siv_len != (ctx->type->ivsize(ctx->tfm) + >> ctx->type->statesize(ctx->tfm))) > > Same here, two indirect calls per en/decrypt kfunc call. Does the return > value change? I have to check the size of IV provided by the caller, and then to avoid indirect calls I have to store these values somewhere in ctx. It gives a direct access to these values to bpf programs, which can potentially abuse them. Not sure if it's good to open such opportunity. > >> +        return -EINVAL; >> + >> +    psrc = __bpf_dynptr_data(src, src_len); >> +    if (!psrc) >> +        return -EINVAL; >> +    pdst = __bpf_dynptr_data_rw(dst, dst_len); >> +    if (!pdst) >> +        return -EINVAL; >> + >> +    piv = siv_len ? __bpf_dynptr_data_rw(siv, siv_len) : NULL; >> +    if (siv_len && !piv) >> +        return -EINVAL; >> + >> +    err = decrypt ? ctx->type->decrypt(ctx->tfm, psrc, pdst, src_len, >> piv) >> +              : ctx->type->encrypt(ctx->tfm, psrc, pdst, src_len, piv); >> + >> +    return err; >> +} >