From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-5.1 required=3.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SIGNED_OFF_BY,SPF_HELO_NONE, SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E2BEAC432C0 for ; Mon, 25 Nov 2019 23:16:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B336620659 for ; Mon, 25 Nov 2019 23:16:27 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="YmUONKM5" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727117AbfKYXQ0 (ORCPT ); Mon, 25 Nov 2019 18:16:26 -0500 Received: from mail-qk1-f196.google.com ([209.85.222.196]:38913 "EHLO mail-qk1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725945AbfKYXQ0 (ORCPT ); Mon, 25 Nov 2019 18:16:26 -0500 Received: by mail-qk1-f196.google.com with SMTP id z65so9686021qka.6 for ; Mon, 25 Nov 2019 15:16:26 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-language:content-transfer-encoding; bh=oHCBD3LvA5ZjlC1lOqQdqhA9HhBe4m3pwKrHjcO7Ba8=; b=YmUONKM57bDrism6VeQrc5vmv3rH+9B3l5pFElJF7v/WudtM7vYEIONZIv63gACOnd N+w7WDyPHgwL9pynkc3er9AYftBmM9WaU7HEQADh+3lT/wkBNnDDexMtR0cQZxchgGse jOuiQ6mYQDt1szcybS5H4SqKV6GBsoQ1JXv0Qu18mUnspwHTJyUfopPD/CG7zYj4xg97 uoPTULXJvPD0wf4gSCj3PpAsypRgODKAzP9QPKWyvBS/nssAerFclFR2Ys2jW/UE5nCl S+WUR07e/edseyJw43nCKl9oeZ9ZSiD0sgud03TwqMMhqGhHiowzBBar6Ob1fkqFgIM+ z7bA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=oHCBD3LvA5ZjlC1lOqQdqhA9HhBe4m3pwKrHjcO7Ba8=; b=tC9oax5cAe7Rrxro3CGqTSY8F4rxOPqg9Jod8VZhB3pjZWOMNHIwsjZ2nIjdMBGb25 DEqC0Xjx5KSkUe1cLnygGeF3tpIxlmg/DKEZix5voCmyhGBydo19Z/FFb0X/GMas62R4 iv/3YLXhivCbjb8iDG6WFXlkPWdVZbhSR+kEPOhJuMJ/W5fqlKhka8mubcxaNnrertdp r6HASQFFW9CD+ekOW7cRWKE63EGUE5n9Ti3PBzx3GTKYD3yuPiX0rzLTdkrXhx0X5yHd tPYPO6nwkZS8YJNnoLczWcvgTNsSKNmz3CuoyfmJSLM3M/sbftLgTfps7eI1dpxLvch5 LTiw== X-Gm-Message-State: APjAAAWm6p/7wH3X8DjuqKoiWVububJciOBZgCViw0MyGnIqT1xdMM5E tkN9pSlnp5wc0rQ06HKLKD5H9eXg X-Google-Smtp-Source: APXvYqw77GIhC/wI0KKdYtNbHjNOAjrXjiFW3c8AHnwbk7r3fFNUPz2UBIebdmS+ZgGrXM1fq1WVZw== X-Received: by 2002:a37:4852:: with SMTP id v79mr29463308qka.293.1574723785546; Mon, 25 Nov 2019 15:16:25 -0800 (PST) Received: from dahern-DO-MB.local ([2601:282:800:fd80:c06f:8df5:46f1:d3e5]) by smtp.googlemail.com with ESMTPSA id n66sm4140652qkb.72.2019.11.25.15.16.24 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 25 Nov 2019 15:16:24 -0800 (PST) Subject: Re: [iproute2-next] tipc: add new commands to set TIPC AEAD key To: Tuong Lien , jon.maloy@ericsson.com, maloy@donjonn.com, ying.xue@windriver.com, netdev@vger.kernel.org Cc: tipc-discussion@lists.sourceforge.net References: <20191121034646.16737-1-tuong.t.lien@dektech.com.au> From: David Ahern Message-ID: Date: Mon, 25 Nov 2019 16:16:23 -0700 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 MIME-Version: 1.0 In-Reply-To: <20191121034646.16737-1-tuong.t.lien@dektech.com.au> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On 11/20/19 8:46 PM, Tuong Lien wrote: > Two new commands are added as part of 'tipc node' command: > > $tipc node set key KEY [algname ALGNAME] [nodeid NODEID] > $tipc node flush key > > which enable user to set and remove AEAD keys in kernel TIPC (requires > the kernel option - 'TIPC_CRYPTO'). > > For the 'set key' command, the given 'nodeid' parameter decides the > mode to be applied to the key, particularly: > > - If NODEID is empty, the key is a 'cluster' key which will be used for > all message encryption/decryption from/to the node (i.e. both TX & RX). > The same key will be set in the other nodes. > > - If NODEID is own node, the key is used for message encryption (TX) > from the node. Whereas, if NODEID is a peer node, the key is for > message decryption (RX) from that peer node. This is the 'per-node-key' > mode that each nodes in the cluster has its specific (TX) key. > > Acked-by: Ying Xue > Acked-by: Jon Maloy > Signed-off-by: Tuong Lien > --- > include/uapi/linux/tipc.h | 21 ++++++ > include/uapi/linux/tipc_netlink.h | 4 ++ > tipc/misc.c | 38 +++++++++++ > tipc/misc.h | 1 + > tipc/node.c | 133 +++++++++++++++++++++++++++++++++++++- > 5 files changed, 195 insertions(+), 2 deletions(-) > applied to iproute2-next. Thanks