* [PATCH net] net: tls: Save iv in tls_rec for async crypto requests
@ 2019-01-27 0:57 Dave Watson
2019-01-29 7:06 ` David Miller
0 siblings, 1 reply; 5+ messages in thread
From: Dave Watson @ 2019-01-27 0:57 UTC (permalink / raw)
To: netdev, Dave Miller
Cc: Vakul Garg, Boris Pismenny, Aviad Yehezkel, John Fastabend,
Daniel Borkmann
aead_request_set_crypt takes an iv pointer, and we change the iv
soon after setting it. Some async crypto algorithms don't save the iv,
so we need to save it in the tls_rec for async requests.
Found by hardcoding x64 aesni to use async crypto manager (to test the async
codepath), however I don't think this combination can happen in the wild.
Presumably other hardware offloads will need this fix, but there have been
no user reports.
Fixes: a42055e8d2c30 ("Add support for async encryption of records...")
Signed-off-by: Dave Watson <davejwatson@fb.com>
---
include/net/tls.h | 2 ++
net/tls/tls_sw.c | 4 +++-
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index 2a6ac8d642af..1486b60c4de8 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -120,6 +120,8 @@ struct tls_rec {
struct scatterlist sg_aead_out[2];
char aad_space[TLS_AAD_SPACE_SIZE];
+ u8 iv_data[TLS_CIPHER_AES_GCM_128_IV_SIZE +
+ TLS_CIPHER_AES_GCM_128_SALT_SIZE];
struct aead_request aead_req;
u8 aead_req_ctx[];
};
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 11cdc8f7db63..7e963560edef 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -439,6 +439,8 @@ static int tls_do_encryption(struct sock *sk,
struct scatterlist *sge = sk_msg_elem(msg_en, start);
int rc;
+ memcpy(rec->iv_data, tls_ctx->tx.iv, sizeof(rec->iv_data));
+
sge->offset += tls_ctx->tx.prepend_size;
sge->length -= tls_ctx->tx.prepend_size;
@@ -448,7 +450,7 @@ static int tls_do_encryption(struct sock *sk,
aead_request_set_ad(aead_req, TLS_AAD_SPACE_SIZE);
aead_request_set_crypt(aead_req, rec->sg_aead_in,
rec->sg_aead_out,
- data_len, tls_ctx->tx.iv);
+ data_len, rec->iv_data);
aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
tls_encrypt_done, sk);
--
2.17.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH net] net: tls: Save iv in tls_rec for async crypto requests
2019-01-27 0:57 [PATCH net] net: tls: Save iv in tls_rec for async crypto requests Dave Watson
@ 2019-01-29 7:06 ` David Miller
2019-01-29 17:21 ` Dave Watson
0 siblings, 1 reply; 5+ messages in thread
From: David Miller @ 2019-01-29 7:06 UTC (permalink / raw)
To: davejwatson; +Cc: netdev, vakul.garg, borisp, aviadye, john.fastabend, daniel
From: Dave Watson <davejwatson@fb.com>
Date: Sun, 27 Jan 2019 00:57:38 +0000
> aead_request_set_crypt takes an iv pointer, and we change the iv
> soon after setting it. Some async crypto algorithms don't save the iv,
> so we need to save it in the tls_rec for async requests.
>
> Found by hardcoding x64 aesni to use async crypto manager (to test the async
> codepath), however I don't think this combination can happen in the wild.
> Presumably other hardware offloads will need this fix, but there have been
> no user reports.
>
> Fixes: a42055e8d2c30 ("Add support for async encryption of records...")
> Signed-off-by: Dave Watson <davejwatson@fb.com>
Applied and queued up for -stable.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH net] net: tls: Save iv in tls_rec for async crypto requests
2019-01-29 7:06 ` David Miller
@ 2019-01-29 17:21 ` Dave Watson
2019-01-29 18:57 ` David Miller
2019-01-30 6:14 ` David Miller
0 siblings, 2 replies; 5+ messages in thread
From: Dave Watson @ 2019-01-29 17:21 UTC (permalink / raw)
To: David Miller; +Cc: netdev
On 01/28/19 11:06 PM, David Miller wrote:
> From: Dave Watson <davejwatson@fb.com>
> Date: Sun, 27 Jan 2019 00:57:38 +0000
>
> > aead_request_set_crypt takes an iv pointer, and we change the iv
> > soon after setting it. Some async crypto algorithms don't save the iv,
> > so we need to save it in the tls_rec for async requests.
> >
> > Found by hardcoding x64 aesni to use async crypto manager (to test the async
> > codepath), however I don't think this combination can happen in the wild.
> > Presumably other hardware offloads will need this fix, but there have been
> > no user reports.
> >
> > Fixes: a42055e8d2c30 ("Add support for async encryption of records...")
> > Signed-off-by: Dave Watson <davejwatson@fb.com>
>
> Applied and queued up for -stable.
I'd like to merge TLS1.3 support to net-next, which depends on this
commit. Can we get a net->net-next merge when convenient? Thanks
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-01-30 6:14 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-27 0:57 [PATCH net] net: tls: Save iv in tls_rec for async crypto requests Dave Watson
2019-01-29 7:06 ` David Miller
2019-01-29 17:21 ` Dave Watson
2019-01-29 18:57 ` David Miller
2019-01-30 6:14 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).