Linux-Bluetooth Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH BlueZ] mesh: test AEAD at startup to check kernel support
@ 2019-08-30 17:39 Brian Gix
  2019-08-30 17:55 ` Mat Martineau
  2019-08-30 18:23 ` Michał Lowas-Rzechonek
  0 siblings, 2 replies; 6+ messages in thread
From: Brian Gix @ 2019-08-30 17:39 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: brian.gix, inga.stotland, marcel

One time test at startup to ensure either kernel version v4.9 or later,
*or* that required AES-CCM support has been back-ported. If support not
there, daemon will run without providing D-Bus service or attaching to
controllers (prevents systemd thrashing).
---
 mesh/crypto.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 mesh/crypto.h |  1 +
 mesh/main.c   |  7 +++++++
 3 files changed, 59 insertions(+)

diff --git a/mesh/crypto.c b/mesh/crypto.c
index a6dc7ffe2..27d1a16cc 100644
--- a/mesh/crypto.c
+++ b/mesh/crypto.c
@@ -1130,3 +1130,54 @@ bool mesh_crypto_check_fcs(const uint8_t *packet, uint8_t packet_len,
 
 	return fcs == 0xcf;
 }
+
+/* This function performs a quick-check of ELL and Kernel AEAD encryption.
+ * Some kernel versions before v4.9 have a known AEAD bug. If the system
+ * running this test is using a v4.8 or earlier kernel, a failure here is
+ * likely unless AEAD encryption has been backported.
+ */
+static const uint8_t crypto_test_result[] = {
+	0x75, 0x03, 0x7e, 0xe2, 0x89, 0x81, 0xbe, 0x59,
+	0xbc, 0xe6, 0xdd, 0x23, 0x63, 0x5b, 0x16, 0x61,
+	0xb7, 0x23, 0x92, 0xd4, 0x86, 0xee, 0x84, 0x29,
+	0x9a, 0x2a, 0xbf, 0x96
+};
+bool mesh_crypto_check_avail()
+{
+	void *cipher;
+	bool result;
+	uint8_t i;
+	union {
+		struct {
+			uint8_t key[16];
+			uint8_t aad[16];
+			uint8_t nonce[13];
+			uint8_t data[20];
+			uint8_t mic[8];
+		} crypto;
+		uint8_t bytes[0];
+	} u;
+	uint8_t out_msg[sizeof(u.crypto.data) + sizeof(u.crypto.mic)];
+
+
+	l_debug("Testing Crypto");
+	for (i = 0; i < sizeof(u); i++) {
+		u.bytes[i] = 0x60 + i;
+	}
+
+	cipher = l_aead_cipher_new(L_AEAD_CIPHER_AES_CCM, u.crypto.key,
+				sizeof(u.crypto.key), sizeof(u.crypto.mic));
+
+	result = l_aead_cipher_encrypt(cipher,
+				u.crypto.data, sizeof(u.crypto.data),
+				u.crypto.aad, sizeof(u.crypto.aad),
+				u.crypto.nonce, sizeof(u.crypto.nonce),
+				out_msg, sizeof(out_msg));
+
+	if (result)
+		result = !memcmp(out_msg, crypto_test_result, sizeof(out_msg));
+
+	l_aead_cipher_free(cipher);
+
+	return result;
+}
diff --git a/mesh/crypto.h b/mesh/crypto.h
index 1a73bcaa3..e5ce840b4 100644
--- a/mesh/crypto.h
+++ b/mesh/crypto.h
@@ -161,3 +161,4 @@ bool mesh_crypto_check_fcs(const uint8_t *packet, uint8_t packet_len,
 							uint8_t received_fcs);
 bool mesh_crypto_aes_cmac(const uint8_t key[16], const uint8_t *msg,
 					size_t msg_len, uint8_t res[16]);
+bool mesh_crypto_check_avail(void);
diff --git a/mesh/main.c b/mesh/main.c
index 262e3da48..273651f97 100644
--- a/mesh/main.c
+++ b/mesh/main.c
@@ -34,6 +34,7 @@
 #include "lib/mgmt.h"
 
 #include "mesh/mesh.h"
+#include "mesh/crypto.h"
 #include "mesh/dbus.h"
 #include "mesh/mesh-io.h"
 
@@ -121,6 +122,12 @@ int main(int argc, char *argv[])
 
 	l_log_set_stderr();
 
+	if (!mesh_crypto_check_avail()) {
+		l_error("Mesh Crypto functions unavailable");
+		status = l_main_run_with_signal(signal_handler, NULL);
+		goto done;
+	}
+
 	for (;;) {
 		int opt;
 		const char *str;
-- 
2.21.0


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] mesh: test AEAD at startup to check kernel support
  2019-08-30 17:39 [PATCH BlueZ] mesh: test AEAD at startup to check kernel support Brian Gix
@ 2019-08-30 17:55 ` Mat Martineau
  2019-08-30 18:23 ` Michał Lowas-Rzechonek
  1 sibling, 0 replies; 6+ messages in thread
From: Mat Martineau @ 2019-08-30 17:55 UTC (permalink / raw)
  To: Brian Gix; +Cc: linux-bluetooth, inga.stotland, marcel


Hi Brian,

There's also l_aead_cipher_is_supported(L_AEAD_CIPHER_AES_CCM), which 
might fail more cleanly on systems with old kernels or that don't have 
AES_CCM configured. I suggest doing that check first and then proceeding 
to the bug check if AES_CCM is available.

Mat


On Fri, 30 Aug 2019, Brian Gix wrote:

> One time test at startup to ensure either kernel version v4.9 or later,
> *or* that required AES-CCM support has been back-ported. If support not
> there, daemon will run without providing D-Bus service or attaching to
> controllers (prevents systemd thrashing).
> ---
> mesh/crypto.c | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
> mesh/crypto.h |  1 +
> mesh/main.c   |  7 +++++++
> 3 files changed, 59 insertions(+)
>
> diff --git a/mesh/crypto.c b/mesh/crypto.c
> index a6dc7ffe2..27d1a16cc 100644
> --- a/mesh/crypto.c
> +++ b/mesh/crypto.c
> @@ -1130,3 +1130,54 @@ bool mesh_crypto_check_fcs(const uint8_t *packet, uint8_t packet_len,
>
> 	return fcs == 0xcf;
> }
> +
> +/* This function performs a quick-check of ELL and Kernel AEAD encryption.
> + * Some kernel versions before v4.9 have a known AEAD bug. If the system
> + * running this test is using a v4.8 or earlier kernel, a failure here is
> + * likely unless AEAD encryption has been backported.
> + */
> +static const uint8_t crypto_test_result[] = {
> +	0x75, 0x03, 0x7e, 0xe2, 0x89, 0x81, 0xbe, 0x59,
> +	0xbc, 0xe6, 0xdd, 0x23, 0x63, 0x5b, 0x16, 0x61,
> +	0xb7, 0x23, 0x92, 0xd4, 0x86, 0xee, 0x84, 0x29,
> +	0x9a, 0x2a, 0xbf, 0x96
> +};
> +bool mesh_crypto_check_avail()
> +{
> +	void *cipher;
> +	bool result;
> +	uint8_t i;
> +	union {
> +		struct {
> +			uint8_t key[16];
> +			uint8_t aad[16];
> +			uint8_t nonce[13];
> +			uint8_t data[20];
> +			uint8_t mic[8];
> +		} crypto;
> +		uint8_t bytes[0];
> +	} u;
> +	uint8_t out_msg[sizeof(u.crypto.data) + sizeof(u.crypto.mic)];
> +
> +
> +	l_debug("Testing Crypto");
> +	for (i = 0; i < sizeof(u); i++) {
> +		u.bytes[i] = 0x60 + i;
> +	}
> +
> +	cipher = l_aead_cipher_new(L_AEAD_CIPHER_AES_CCM, u.crypto.key,
> +				sizeof(u.crypto.key), sizeof(u.crypto.mic));
> +
> +	result = l_aead_cipher_encrypt(cipher,
> +				u.crypto.data, sizeof(u.crypto.data),
> +				u.crypto.aad, sizeof(u.crypto.aad),
> +				u.crypto.nonce, sizeof(u.crypto.nonce),
> +				out_msg, sizeof(out_msg));
> +
> +	if (result)
> +		result = !memcmp(out_msg, crypto_test_result, sizeof(out_msg));
> +
> +	l_aead_cipher_free(cipher);
> +
> +	return result;
> +}
> diff --git a/mesh/crypto.h b/mesh/crypto.h
> index 1a73bcaa3..e5ce840b4 100644
> --- a/mesh/crypto.h
> +++ b/mesh/crypto.h
> @@ -161,3 +161,4 @@ bool mesh_crypto_check_fcs(const uint8_t *packet, uint8_t packet_len,
> 							uint8_t received_fcs);
> bool mesh_crypto_aes_cmac(const uint8_t key[16], const uint8_t *msg,
> 					size_t msg_len, uint8_t res[16]);
> +bool mesh_crypto_check_avail(void);
> diff --git a/mesh/main.c b/mesh/main.c
> index 262e3da48..273651f97 100644
> --- a/mesh/main.c
> +++ b/mesh/main.c
> @@ -34,6 +34,7 @@
> #include "lib/mgmt.h"
>
> #include "mesh/mesh.h"
> +#include "mesh/crypto.h"
> #include "mesh/dbus.h"
> #include "mesh/mesh-io.h"
>
> @@ -121,6 +122,12 @@ int main(int argc, char *argv[])
>
> 	l_log_set_stderr();
>
> +	if (!mesh_crypto_check_avail()) {
> +		l_error("Mesh Crypto functions unavailable");
> +		status = l_main_run_with_signal(signal_handler, NULL);
> +		goto done;
> +	}
> +
> 	for (;;) {
> 		int opt;
> 		const char *str;
> -- 
> 2.21.0
>
>

--
Mat Martineau
Intel

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] mesh: test AEAD at startup to check kernel support
  2019-08-30 17:39 [PATCH BlueZ] mesh: test AEAD at startup to check kernel support Brian Gix
  2019-08-30 17:55 ` Mat Martineau
@ 2019-08-30 18:23 ` Michał Lowas-Rzechonek
  2019-08-30 18:38   ` Gix, Brian
  2019-08-30 18:52   ` Marcel Holtmann
  1 sibling, 2 replies; 6+ messages in thread
From: Michał Lowas-Rzechonek @ 2019-08-30 18:23 UTC (permalink / raw)
  To: Brian Gix; +Cc: linux-bluetooth, inga.stotland, marcel

Brian,

On 08/30, Brian Gix wrote:
> One time test at startup to ensure either kernel version v4.9 or later,
> *or* that required AES-CCM support has been back-ported. If support not
> there, daemon will run without providing D-Bus service or attaching to
> controllers (prevents systemd thrashing).

By the way - I have a patch that implements all required cryptographic
operations using libcrypto, enabled by ./configure --with-openssl
(disabled by default).

I know that last time we've talked about this, the consensus was that the
vendor should patch meshd to work on older kernels, so we did exactly
that - but maybe having this available in the mainline would be
interesting?

regards
-- 
Michał Lowas-Rzechonek <michal.lowas-rzechonek@silvair.com>
Silvair http://silvair.com
Jasnogórska 44, 31-358 Krakow, POLAND

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] mesh: test AEAD at startup to check kernel support
  2019-08-30 18:23 ` Michał Lowas-Rzechonek
@ 2019-08-30 18:38   ` Gix, Brian
  2019-08-30 18:43     ` michal.lowas-rzechonek
  2019-08-30 18:52   ` Marcel Holtmann
  1 sibling, 1 reply; 6+ messages in thread
From: Gix, Brian @ 2019-08-30 18:38 UTC (permalink / raw)
  To: michal.lowas-rzechonek; +Cc: marcel, linux-bluetooth, Stotland, Inga

On Fri, 2019-08-30 at 20:23 +0200, Michał Lowas-Rzechonek wrote:
> Brian,
> 
> On 08/30, Brian Gix wrote:
> > One time test at startup to ensure either kernel version v4.9 or later,
> > *or* that required AES-CCM support has been back-ported. If support not
> > there, daemon will run without providing D-Bus service or attaching to
> > controllers (prevents systemd thrashing).
> 
> By the way - I have a patch that implements all required cryptographic
> operations using libcrypto, enabled by ./configure --with-openssl
> (disabled by default).
> 
> I know that last time we've talked about this, the consensus was that the
> vendor should patch meshd to work on older kernels, so we did exactly
> that - but maybe having this available in the mainline would be
> interesting?

Yeah, we have talked internally about how much "old kernel support" cruft can be removed, which is one of the
things Marcel would want before doing a "Major Version Number Release" like "BlueZ-6.0", where we could say
that v6.0 requires a minimum kernel version of v4.9 or something...  As opposed to a minor version release like
"BlueZ-5.51" which has support for most v4.X kernels.  Perhaps something like openssl could be *suggested* in a
README as one of a few possible work-arounds a vendor could use to run on an older kernel, but there is no
support for adding an openssl dependancy into the BlueZ mainline tip.



^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] mesh: test AEAD at startup to check kernel support
  2019-08-30 18:38   ` Gix, Brian
@ 2019-08-30 18:43     ` michal.lowas-rzechonek
  0 siblings, 0 replies; 6+ messages in thread
From: michal.lowas-rzechonek @ 2019-08-30 18:43 UTC (permalink / raw)
  To: Gix, Brian; +Cc: marcel, linux-bluetooth, Stotland, Inga

On 08/30, Gix, Brian wrote:
> > I know that last time we've talked about this, the consensus was that the
> > vendor should patch meshd to work on older kernels, so we did exactly
> > that - but maybe having this available in the mainline would be
> > interesting?
> 
> Perhaps something like openssl could be *suggested* in a README as one
> of a few possible work-arounds a vendor could use to run on an older
> kernel, but there is no support for adding an openssl dependancy into
> the BlueZ mainline tip.

Ack.

-- 
Michał Lowas-Rzechonek <michal.lowas-rzechonek@silvair.com>
Silvair http://silvair.com
Jasnogórska 44, 31-358 Krakow, POLAND

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [PATCH BlueZ] mesh: test AEAD at startup to check kernel support
  2019-08-30 18:23 ` Michał Lowas-Rzechonek
  2019-08-30 18:38   ` Gix, Brian
@ 2019-08-30 18:52   ` Marcel Holtmann
  1 sibling, 0 replies; 6+ messages in thread
From: Marcel Holtmann @ 2019-08-30 18:52 UTC (permalink / raw)
  To: Michał Lowas-Rzechonek; +Cc: Brian Gix, linux-bluetooth, inga.stotland

Hi Michal,

>> One time test at startup to ensure either kernel version v4.9 or later,
>> *or* that required AES-CCM support has been back-ported. If support not
>> there, daemon will run without providing D-Bus service or attaching to
>> controllers (prevents systemd thrashing).
> 
> By the way - I have a patch that implements all required cryptographic
> operations using libcrypto, enabled by ./configure --with-openssl
> (disabled by default).
> 
> I know that last time we've talked about this, the consensus was that the
> vendor should patch meshd to work on older kernels, so we did exactly
> that - but maybe having this available in the mainline would be
> interesting?

we are not using anything from OpenSSL. That is a rabbit hole you are not getting back out of.

Regards

Marcel


^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, back to index

Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-08-30 17:39 [PATCH BlueZ] mesh: test AEAD at startup to check kernel support Brian Gix
2019-08-30 17:55 ` Mat Martineau
2019-08-30 18:23 ` Michał Lowas-Rzechonek
2019-08-30 18:38   ` Gix, Brian
2019-08-30 18:43     ` michal.lowas-rzechonek
2019-08-30 18:52   ` Marcel Holtmann

Linux-Bluetooth Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-bluetooth/0 linux-bluetooth/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-bluetooth linux-bluetooth/ https://lore.kernel.org/linux-bluetooth \
		linux-bluetooth@vger.kernel.org linux-bluetooth@archiver.kernel.org
	public-inbox-index linux-bluetooth


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-bluetooth


AGPL code for this site: git clone https://public-inbox.org/ public-inbox