All of lore.kernel.org
 help / color / mirror / Atom feed
From: kernel test robot <lkp@intel.com>
To: kbuild-all@lists.01.org
Subject: Re: [RFCv2 4/9] tcp: authopt: Compute packet signatures
Date: Tue, 10 Aug 2021 09:33:07 +0800	[thread overview]
Message-ID: <202108100948.gGJeTIvI-lkp@intel.com> (raw)
In-Reply-To: <346319324bb9accf73b79dbb6d00017726c16508.1628544649.git.cdleonard@gmail.com>

[-- Attachment #1: Type: text/plain, Size: 6812 bytes --]

Hi Leonard,

[FYI, it's a private test report for your RFC patch.]
[auto build test WARNING on 2a2b6e3640c43a808dcb5226963e2cc0669294b1]

url:    https://github.com/0day-ci/linux/commits/Leonard-Crestez/tcp-Initial-support-for-RFC5925-auth-option/20210810-053824
base:   2a2b6e3640c43a808dcb5226963e2cc0669294b1
config: riscv-allyesconfig (attached as .config)
compiler: riscv64-linux-gcc (GCC) 10.3.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/0day-ci/linux/commit/1a34e246690a909d4f7e783ae2aa8db24a22ca72
        git remote add linux-review https://github.com/0day-ci/linux
        git fetch --no-tags linux-review Leonard-Crestez/tcp-Initial-support-for-RFC5925-auth-option/20210810-053824
        git checkout 1a34e246690a909d4f7e783ae2aa8db24a22ca72
        # save the attached .config to linux build tree
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-10.3.0 make.cross ARCH=riscv 

If you fix the issue, kindly add following tag as appropriate
Reported-by: kernel test robot <lkp@intel.com>

All warnings (new ones prefixed by >>):

   net/ipv4/tcp_authopt.c:160:30: warning: no previous prototype for '__tcp_authopt_key_info_lookup' [-Wmissing-prototypes]
     160 | struct tcp_authopt_key_info *__tcp_authopt_key_info_lookup(const struct sock *sk,
         |                              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   net/ipv4/tcp_authopt.c: In function 'tcp_set_authopt':
   net/ipv4/tcp_authopt.c:211:62: error: expected ';' before ')' token
     211 |  info->flags = opt.flags & TCP_AUTHOPT_FLAG_REJECT_UNEXPECTED);
         |                                                              ^
         |                                                              ;
   net/ipv4/tcp_authopt.c:211:62: error: expected statement before ')' token
   net/ipv4/tcp_authopt.c: At top level:
   net/ipv4/tcp_authopt.c:249:6: warning: no previous prototype for '__tcp_authopt_info_free' [-Wmissing-prototypes]
     249 | void __tcp_authopt_info_free(struct sock *sk, struct tcp_authopt_info *info)
         |      ^~~~~~~~~~~~~~~~~~~~~~~
   net/ipv4/tcp_authopt.c: In function 'tcp_authopt_shash_traffic_key':
>> net/ipv4/tcp_authopt.c:377:21: warning: variable 'daddr' set but not used [-Wunused-but-set-variable]
     377 |    struct in6_addr *daddr;
         |                     ^~~~~
>> net/ipv4/tcp_authopt.c:376:21: warning: variable 'saddr' set but not used [-Wunused-but-set-variable]
     376 |    struct in6_addr *saddr;
         |                     ^~~~~
   net/ipv4/tcp_authopt.c: At top level:
>> net/ipv4/tcp_authopt.c:769:5: warning: no previous prototype for '__tcp_authopt_calc_mac' [-Wmissing-prototypes]
     769 | int __tcp_authopt_calc_mac(struct sock *sk,
         |     ^~~~~~~~~~~~~~~~~~~~~~
   net/ipv4/tcp_authopt.c:117:13: warning: 'tcp_authopt_alg_incref' defined but not used [-Wunused-function]
     117 | static void tcp_authopt_alg_incref(struct tcp_authopt_alg_imp *alg)
         |             ^~~~~~~~~~~~~~~~~~~~~~


vim +/daddr +377 net/ipv4/tcp_authopt.c

   346	
   347	/* feed traffic key into shash */
   348	static int tcp_authopt_shash_traffic_key(struct shash_desc *desc,
   349						 struct sock *sk,
   350						 struct sk_buff *skb,
   351						 bool input,
   352						 bool ipv6)
   353	{
   354		struct tcphdr *th = tcp_hdr(skb);
   355		int err;
   356		__be32 sisn, disn;
   357		__be16 digestbits = htons(crypto_shash_digestsize(desc->tfm) * 8);
   358	
   359		// RFC5926 section 3.1.1.1
   360		err = crypto_shash_update(desc, "\x01TCP-AO", 7);
   361		if (err)
   362			return err;
   363	
   364		/* Addresses from packet on input and from socket on output
   365		 * This is because on output MAC is computed before prepending IP header
   366		 */
   367		if (input) {
   368			if (ipv6)
   369				err = crypto_shash_update(desc, (u8 *)&ipv6_hdr(skb)->saddr, 32);
   370			else
   371				err = crypto_shash_update(desc, (u8 *)&ip_hdr(skb)->saddr, 8);
   372			if (err)
   373				return err;
   374		} else {
   375			if (ipv6) {
 > 376				struct in6_addr *saddr;
 > 377				struct in6_addr *daddr;
   378	
   379				saddr = &sk->sk_v6_rcv_saddr;
   380				daddr = &sk->sk_v6_daddr;
   381				err = crypto_shash_update(desc, (u8 *)&sk->sk_v6_rcv_saddr, 16);
   382				if (err)
   383					return err;
   384				err = crypto_shash_update(desc, (u8 *)&sk->sk_v6_daddr, 16);
   385				if (err)
   386					return err;
   387			} else {
   388				err = crypto_shash_update(desc, (u8 *)&sk->sk_rcv_saddr, 4);
   389				if (err)
   390					return err;
   391				err = crypto_shash_update(desc, (u8 *)&sk->sk_daddr, 4);
   392				if (err)
   393					return err;
   394			}
   395		}
   396	
   397		/* TCP ports from header */
   398		err = crypto_shash_update(desc, (u8 *)&th->source, 4);
   399		if (err)
   400			return err;
   401	
   402		/* special cases for SYN and SYN/ACK */
   403		if (th->syn && !th->ack) {
   404			sisn = th->seq;
   405			disn = 0;
   406		} else if (th->syn && th->ack) {
   407			sisn = th->seq;
   408			disn = htonl(ntohl(th->ack_seq) - 1);
   409		} else {
   410			struct tcp_authopt_info *authopt_info;
   411	
   412			/* Fetching authopt_info like this means it's possible that authopt_info
   413			 * was deleted while we were hashing. If that happens we drop the packet
   414			 * which should be fine.
   415			 *
   416			 * A better solution might be to always pass info as a parameter, or
   417			 * compute traffic_key for established sockets separately.
   418			 */
   419			rcu_read_lock();
   420			authopt_info = rcu_dereference(tcp_sk(sk)->authopt_info);
   421			if (!authopt_info) {
   422				rcu_read_unlock();
   423				return -EINVAL;
   424			}
   425			/* Initial sequence numbers for ESTABLISHED connections from info */
   426			if (input) {
   427				sisn = htonl(authopt_info->dst_isn);
   428				disn = htonl(authopt_info->src_isn);
   429			} else {
   430				sisn = htonl(authopt_info->src_isn);
   431				disn = htonl(authopt_info->dst_isn);
   432			}
   433			rcu_read_unlock();
   434		}
   435	
   436		err = crypto_shash_update(desc, (u8 *)&sisn, 4);
   437		if (err)
   438			return err;
   439		err = crypto_shash_update(desc, (u8 *)&disn, 4);
   440		if (err)
   441			return err;
   442	
   443		err = crypto_shash_update(desc, (u8 *)&digestbits, 2);
   444		if (err)
   445			return err;
   446	
   447		return 0;
   448	}
   449	

---
0-DAY CI Kernel Test Service, Intel Corporation
https://lists.01.org/hyperkitty/list/kbuild-all(a)lists.01.org

[-- Attachment #2: config.gz --]
[-- Type: application/gzip, Size: 70174 bytes --]

  reply	other threads:[~2021-08-10  1:33 UTC|newest]

Thread overview: 27+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-08-09 21:35 [RFCv2 0/9] tcp: Initial support for RFC5925 auth option Leonard Crestez
2021-08-09 21:35 ` [RFCv2 1/9] tcp: authopt: Initial support and key management Leonard Crestez
2021-08-10  0:59   ` kernel test robot
2021-08-10 20:41   ` Dmitry Safonov
2021-08-11  8:29     ` Leonard Crestez
2021-08-11 13:42       ` David Ahern
2021-08-11 19:11         ` Leonard Crestez
2021-08-11 20:26           ` Dmitry Safonov
2021-08-11 20:26           ` David Ahern
2021-08-11 14:31       ` Dmitry Safonov
2021-08-11 17:15         ` David Ahern
2021-08-11 20:12           ` Dmitry Safonov
2021-08-11 20:23             ` David Ahern
2021-08-11 19:08         ` Leonard Crestez
2021-08-12 19:46       ` Leonard Crestez
2021-08-09 21:35 ` [RFCv2 2/9] docs: Add user documentation for tcp_authopt Leonard Crestez
2021-08-09 21:35 ` [RFCv2 3/9] tcp: authopt: Add crypto initialization Leonard Crestez
2021-08-09 21:35 ` [RFCv2 4/9] tcp: authopt: Compute packet signatures Leonard Crestez
2021-08-10  1:33   ` kernel test robot [this message]
2021-08-09 21:35 ` [RFCv2 5/9] tcp: authopt: Hook into tcp core Leonard Crestez
2021-08-10  2:17   ` kernel test robot
2021-08-09 21:35 ` [RFCv2 6/9] tcp: authopt: Add key selection controls Leonard Crestez
2021-08-09 21:35 ` [RFCv2 7/9] tcp: authopt: Add snmp counters Leonard Crestez
2021-08-09 21:35 ` [RFCv2 8/9] selftests: Initial TCP-AO support for nettest Leonard Crestez
2021-08-09 21:35 ` [RFCv2 9/9] selftests: Initial TCP-AO support for fcnal-test Leonard Crestez
2021-08-11 13:46   ` David Ahern
2021-08-11 19:09     ` Leonard Crestez

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=202108100948.gGJeTIvI-lkp@intel.com \
    --to=lkp@intel.com \
    --cc=kbuild-all@lists.01.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.