From: kernel test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: Re: [RFCv2 4/9] tcp: authopt: Compute packet signatures
Date: Tue, 10 Aug 2021 09:33:07 +0800 [thread overview]
Message-ID: <202108100948.gGJeTIvI-lkp@intel.com> (raw)
In-Reply-To: <346319324bb9accf73b79dbb6d00017726c16508.1628544649.git.cdleonard@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 6812 bytes --]
Hi Leonard,
[FYI, it's a private test report for your RFC patch.]
[auto build test WARNING on 2a2b6e3640c43a808dcb5226963e2cc0669294b1]
url: https://github.com/0day-ci/linux/commits/Leonard-Crestez/tcp-Initial-support-for-RFC5925-auth-option/20210810-053824
base: 2a2b6e3640c43a808dcb5226963e2cc0669294b1
config: riscv-allyesconfig (attached as .config)
compiler: riscv64-linux-gcc (GCC) 10.3.0
reproduce (this is a W=1 build):
wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
chmod +x ~/bin/make.cross
# https://github.com/0day-ci/linux/commit/1a34e246690a909d4f7e783ae2aa8db24a22ca72
git remote add linux-review https://github.com/0day-ci/linux
git fetch --no-tags linux-review Leonard-Crestez/tcp-Initial-support-for-RFC5925-auth-option/20210810-053824
git checkout 1a34e246690a909d4f7e783ae2aa8db24a22ca72
# save the attached .config to linux build tree
COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-10.3.0 make.cross ARCH=riscv
If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>
All warnings (new ones prefixed by >>):
net/ipv4/tcp_authopt.c:160:30: warning: no previous prototype for '__tcp_authopt_key_info_lookup' [-Wmissing-prototypes]
160 | struct tcp_authopt_key_info *__tcp_authopt_key_info_lookup(const struct sock *sk,
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/ipv4/tcp_authopt.c: In function 'tcp_set_authopt':
net/ipv4/tcp_authopt.c:211:62: error: expected ';' before ')' token
211 | info->flags = opt.flags & TCP_AUTHOPT_FLAG_REJECT_UNEXPECTED);
| ^
| ;
net/ipv4/tcp_authopt.c:211:62: error: expected statement before ')' token
net/ipv4/tcp_authopt.c: At top level:
net/ipv4/tcp_authopt.c:249:6: warning: no previous prototype for '__tcp_authopt_info_free' [-Wmissing-prototypes]
249 | void __tcp_authopt_info_free(struct sock *sk, struct tcp_authopt_info *info)
| ^~~~~~~~~~~~~~~~~~~~~~~
net/ipv4/tcp_authopt.c: In function 'tcp_authopt_shash_traffic_key':
>> net/ipv4/tcp_authopt.c:377:21: warning: variable 'daddr' set but not used [-Wunused-but-set-variable]
377 | struct in6_addr *daddr;
| ^~~~~
>> net/ipv4/tcp_authopt.c:376:21: warning: variable 'saddr' set but not used [-Wunused-but-set-variable]
376 | struct in6_addr *saddr;
| ^~~~~
net/ipv4/tcp_authopt.c: At top level:
>> net/ipv4/tcp_authopt.c:769:5: warning: no previous prototype for '__tcp_authopt_calc_mac' [-Wmissing-prototypes]
769 | int __tcp_authopt_calc_mac(struct sock *sk,
| ^~~~~~~~~~~~~~~~~~~~~~
net/ipv4/tcp_authopt.c:117:13: warning: 'tcp_authopt_alg_incref' defined but not used [-Wunused-function]
117 | static void tcp_authopt_alg_incref(struct tcp_authopt_alg_imp *alg)
| ^~~~~~~~~~~~~~~~~~~~~~
vim +/daddr +377 net/ipv4/tcp_authopt.c
346
347 /* feed traffic key into shash */
348 static int tcp_authopt_shash_traffic_key(struct shash_desc *desc,
349 struct sock *sk,
350 struct sk_buff *skb,
351 bool input,
352 bool ipv6)
353 {
354 struct tcphdr *th = tcp_hdr(skb);
355 int err;
356 __be32 sisn, disn;
357 __be16 digestbits = htons(crypto_shash_digestsize(desc->tfm) * 8);
358
359 // RFC5926 section 3.1.1.1
360 err = crypto_shash_update(desc, "\x01TCP-AO", 7);
361 if (err)
362 return err;
363
364 /* Addresses from packet on input and from socket on output
365 * This is because on output MAC is computed before prepending IP header
366 */
367 if (input) {
368 if (ipv6)
369 err = crypto_shash_update(desc, (u8 *)&ipv6_hdr(skb)->saddr, 32);
370 else
371 err = crypto_shash_update(desc, (u8 *)&ip_hdr(skb)->saddr, 8);
372 if (err)
373 return err;
374 } else {
375 if (ipv6) {
> 376 struct in6_addr *saddr;
> 377 struct in6_addr *daddr;
378
379 saddr = &sk->sk_v6_rcv_saddr;
380 daddr = &sk->sk_v6_daddr;
381 err = crypto_shash_update(desc, (u8 *)&sk->sk_v6_rcv_saddr, 16);
382 if (err)
383 return err;
384 err = crypto_shash_update(desc, (u8 *)&sk->sk_v6_daddr, 16);
385 if (err)
386 return err;
387 } else {
388 err = crypto_shash_update(desc, (u8 *)&sk->sk_rcv_saddr, 4);
389 if (err)
390 return err;
391 err = crypto_shash_update(desc, (u8 *)&sk->sk_daddr, 4);
392 if (err)
393 return err;
394 }
395 }
396
397 /* TCP ports from header */
398 err = crypto_shash_update(desc, (u8 *)&th->source, 4);
399 if (err)
400 return err;
401
402 /* special cases for SYN and SYN/ACK */
403 if (th->syn && !th->ack) {
404 sisn = th->seq;
405 disn = 0;
406 } else if (th->syn && th->ack) {
407 sisn = th->seq;
408 disn = htonl(ntohl(th->ack_seq) - 1);
409 } else {
410 struct tcp_authopt_info *authopt_info;
411
412 /* Fetching authopt_info like this means it's possible that authopt_info
413 * was deleted while we were hashing. If that happens we drop the packet
414 * which should be fine.
415 *
416 * A better solution might be to always pass info as a parameter, or
417 * compute traffic_key for established sockets separately.
418 */
419 rcu_read_lock();
420 authopt_info = rcu_dereference(tcp_sk(sk)->authopt_info);
421 if (!authopt_info) {
422 rcu_read_unlock();
423 return -EINVAL;
424 }
425 /* Initial sequence numbers for ESTABLISHED connections from info */
426 if (input) {
427 sisn = htonl(authopt_info->dst_isn);
428 disn = htonl(authopt_info->src_isn);
429 } else {
430 sisn = htonl(authopt_info->src_isn);
431 disn = htonl(authopt_info->dst_isn);
432 }
433 rcu_read_unlock();
434 }
435
436 err = crypto_shash_update(desc, (u8 *)&sisn, 4);
437 if (err)
438 return err;
439 err = crypto_shash_update(desc, (u8 *)&disn, 4);
440 if (err)
441 return err;
442
443 err = crypto_shash_update(desc, (u8 *)&digestbits, 2);
444 if (err)
445 return err;
446
447 return 0;
448 }
449
---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org
[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 70174 bytes --]
next prev parent reply other threads:[~2021-08-10 1:33 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-09 21:35 [RFCv2 0/9] tcp: Initial support for RFC5925 auth option Leonard Crestez
2021-08-09 21:35 ` [RFCv2 1/9] tcp: authopt: Initial support and key management Leonard Crestez
2021-08-10 0:59 ` kernel test robot
2021-08-10 20:41 ` Dmitry Safonov
2021-08-11 8:29 ` Leonard Crestez
2021-08-11 13:42 ` David Ahern
2021-08-11 19:11 ` Leonard Crestez
2021-08-11 20:26 ` Dmitry Safonov
2021-08-11 20:26 ` David Ahern
2021-08-11 14:31 ` Dmitry Safonov
2021-08-11 17:15 ` David Ahern
2021-08-11 20:12 ` Dmitry Safonov
2021-08-11 20:23 ` David Ahern
2021-08-11 19:08 ` Leonard Crestez
2021-08-12 19:46 ` Leonard Crestez
2021-08-09 21:35 ` [RFCv2 2/9] docs: Add user documentation for tcp_authopt Leonard Crestez
2021-08-09 21:35 ` [RFCv2 3/9] tcp: authopt: Add crypto initialization Leonard Crestez
2021-08-09 21:35 ` [RFCv2 4/9] tcp: authopt: Compute packet signatures Leonard Crestez
2021-08-10 1:33 ` kernel test robot [this message]
2021-08-09 21:35 ` [RFCv2 5/9] tcp: authopt: Hook into tcp core Leonard Crestez
2021-08-10 2:17 ` kernel test robot
2021-08-09 21:35 ` [RFCv2 6/9] tcp: authopt: Add key selection controls Leonard Crestez
2021-08-09 21:35 ` [RFCv2 7/9] tcp: authopt: Add snmp counters Leonard Crestez
2021-08-09 21:35 ` [RFCv2 8/9] selftests: Initial TCP-AO support for nettest Leonard Crestez
2021-08-09 21:35 ` [RFCv2 9/9] selftests: Initial TCP-AO support for fcnal-test Leonard Crestez
2021-08-11 13:46 ` David Ahern
2021-08-11 19:09 ` Leonard Crestez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202108100948.gGJeTIvI-lkp@intel.com \
--to=lkp@intel.com \
--cc=kbuild-all@lists.01.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.