From: "Herbert Xu" <herbert@gondor.apana.org.au>
To: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@kernel.org>,
dm-devel@redhat.com, "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
netdev@vger.kernel.org, Tyler Hicks <code@tyhicks.com>,
ecryptfs@vger.kernel.org, Marcel Holtmann <marcel@holtmann.org>,
Johan Hedberg <johan.hedberg@gmail.com>,
Luiz Augusto von Dentz <luiz.dentz@gmail.com>,
linux-bluetooth@vger.kernel.org,
Steffen Klassert <steffen.klassert@secunet.com>,
Jon Maloy <jmaloy@redhat.com>, Ying Xue <ying.xue@windriver.com>,
Boris Pismenny <borisp@nvidia.com>,
John Fastabend <john.fastabend@gmail.com>,
David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
keyrings@vger.kernel.org
Subject: [dm-devel] [PATCH 8/17] tls: Only use data field in crypto completion function
Date: Mon, 06 Feb 2023 18:22:27 +0800 [thread overview]
Message-ID: <E1pOydn-007zi3-LG@formenos.hmeau.com> (raw)
In-Reply-To: Y+DUkqe1sagWaErA@gondor.apana.org.au
The crypto_async_request passed to the completion is not guaranteed
to be the original request object. Only the data field can be relied
upon.
Fix this by storing the socket pointer with the AEAD request.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
net/tls/tls.h | 2 ++
net/tls/tls_sw.c | 40 +++++++++++++++++++++++++++++-----------
2 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/net/tls/tls.h b/net/tls/tls.h
index 0e840a0c3437..804c3880d028 100644
--- a/net/tls/tls.h
+++ b/net/tls/tls.h
@@ -70,6 +70,8 @@ struct tls_rec {
char content_type;
struct scatterlist sg_content_type;
+ struct sock *sk;
+
char aad_space[TLS_AAD_SPACE_SIZE];
u8 iv_data[MAX_IV_SIZE];
struct aead_request aead_req;
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 9ed978634125..5b7f67a7d394 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -38,6 +38,7 @@
#include <linux/bug.h>
#include <linux/sched/signal.h>
#include <linux/module.h>
+#include <linux/kernel.h>
#include <linux/splice.h>
#include <crypto/aead.h>
@@ -57,6 +58,7 @@ struct tls_decrypt_arg {
};
struct tls_decrypt_ctx {
+ struct sock *sk;
u8 iv[MAX_IV_SIZE];
u8 aad[TLS_MAX_AAD_SIZE];
u8 tail;
@@ -177,18 +179,25 @@ static int tls_padding_length(struct tls_prot_info *prot, struct sk_buff *skb,
return sub;
}
-static void tls_decrypt_done(struct crypto_async_request *req, int err)
+static void tls_decrypt_done(crypto_completion_data_t *data, int err)
{
- struct aead_request *aead_req = (struct aead_request *)req;
+ struct aead_request *aead_req = crypto_get_completion_data(data);
+ struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
struct scatterlist *sgout = aead_req->dst;
struct scatterlist *sgin = aead_req->src;
struct tls_sw_context_rx *ctx;
+ struct tls_decrypt_ctx *dctx;
struct tls_context *tls_ctx;
struct scatterlist *sg;
unsigned int pages;
struct sock *sk;
+ int aead_size;
- sk = (struct sock *)req->data;
+ aead_size = sizeof(*aead_req) + crypto_aead_reqsize(aead);
+ aead_size = ALIGN(aead_size, __alignof__(*dctx));
+ dctx = (void *)((u8 *)aead_req + aead_size);
+
+ sk = dctx->sk;
tls_ctx = tls_get_ctx(sk);
ctx = tls_sw_ctx_rx(tls_ctx);
@@ -240,7 +249,7 @@ static int tls_do_decryption(struct sock *sk,
if (darg->async) {
aead_request_set_callback(aead_req,
CRYPTO_TFM_REQ_MAY_BACKLOG,
- tls_decrypt_done, sk);
+ tls_decrypt_done, aead_req);
atomic_inc(&ctx->decrypt_pending);
} else {
aead_request_set_callback(aead_req,
@@ -336,6 +345,8 @@ static struct tls_rec *tls_get_rec(struct sock *sk)
sg_set_buf(&rec->sg_aead_out[0], rec->aad_space, prot->aad_size);
sg_unmark_end(&rec->sg_aead_out[1]);
+ rec->sk = sk;
+
return rec;
}
@@ -417,22 +428,27 @@ int tls_tx_records(struct sock *sk, int flags)
return rc;
}
-static void tls_encrypt_done(struct crypto_async_request *req, int err)
+static void tls_encrypt_done(crypto_completion_data_t *data, int err)
{
- struct aead_request *aead_req = (struct aead_request *)req;
- struct sock *sk = req->data;
- struct tls_context *tls_ctx = tls_get_ctx(sk);
- struct tls_prot_info *prot = &tls_ctx->prot_info;
- struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
+ struct aead_request *aead_req = crypto_get_completion_data(data);
+ struct tls_sw_context_tx *ctx;
+ struct tls_context *tls_ctx;
+ struct tls_prot_info *prot;
struct scatterlist *sge;
struct sk_msg *msg_en;
struct tls_rec *rec;
bool ready = false;
+ struct sock *sk;
int pending;
rec = container_of(aead_req, struct tls_rec, aead_req);
msg_en = &rec->msg_encrypted;
+ sk = rec->sk;
+ tls_ctx = tls_get_ctx(sk);
+ prot = &tls_ctx->prot_info;
+ ctx = tls_sw_ctx_tx(tls_ctx);
+
sge = sk_msg_elem(msg_en, msg_en->sg.curr);
sge->offset -= prot->prepend_size;
sge->length += prot->prepend_size;
@@ -520,7 +536,7 @@ static int tls_do_encryption(struct sock *sk,
data_len, rec->iv_data);
aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
- tls_encrypt_done, sk);
+ tls_encrypt_done, aead_req);
/* Add the record in tx_list */
list_add_tail((struct list_head *)&rec->list, &ctx->tx_list);
@@ -1485,6 +1501,7 @@ static int tls_decrypt_sg(struct sock *sk, struct iov_iter *out_iov,
* Both structs are variable length.
*/
aead_size = sizeof(*aead_req) + crypto_aead_reqsize(ctx->aead_recv);
+ aead_size = ALIGN(aead_size, __alignof__(*dctx));
mem = kmalloc(aead_size + struct_size(dctx, sg, n_sgin + n_sgout),
sk->sk_allocation);
if (!mem) {
@@ -1495,6 +1512,7 @@ static int tls_decrypt_sg(struct sock *sk, struct iov_iter *out_iov,
/* Segment the allocated memory */
aead_req = (struct aead_request *)mem;
dctx = (struct tls_decrypt_ctx *)(mem + aead_size);
+ dctx->sk = sk;
sgin = &dctx->sg[0];
sgout = &dctx->sg[n_sgin];
--
dm-devel mailing list
dm-devel@redhat.com
https://listman.redhat.com/mailman/listinfo/dm-devel
WARNING: multiple messages have this Message-ID (diff)
From: "Herbert Xu" <herbert@gondor.apana.org.au>
To: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@kernel.org>,
dm-devel@redhat.com, "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
netdev@vger.kernel.org, Tyler Hicks <code@tyhicks.com>,
ecryptfs@vger.kernel.org, Marcel Holtmann <marcel@holtmann.org>,
Johan Hedberg <johan.hedberg@gmail.com>,
Luiz Augusto von Dentz <luiz.dentz@gmail.com>,
linux-bluetooth@vger.kernel.org,
Steffen Klassert <steffen.klassert@secunet.com>,
Jon Maloy <jmaloy@redhat.com>, Ying Xue <ying.xue@windriver.com>,
Boris Pismenny <borisp@nvidia.com>,
John Fastabend <john.fastabend@gmail.com>,
David Howells <dhowells@redhat.com>,
Jarkko Sakkinen <jarkko@kernel.org>,
keyrings@vger.kernel.org
Subject: [PATCH 8/17] tls: Only use data field in crypto completion function
Date: Mon, 06 Feb 2023 18:22:27 +0800 [thread overview]
Message-ID: <E1pOydn-007zi3-LG@formenos.hmeau.com> (raw)
In-Reply-To: Y+DUkqe1sagWaErA@gondor.apana.org.au
The crypto_async_request passed to the completion is not guaranteed
to be the original request object. Only the data field can be relied
upon.
Fix this by storing the socket pointer with the AEAD request.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
net/tls/tls.h | 2 ++
net/tls/tls_sw.c | 40 +++++++++++++++++++++++++++++-----------
2 files changed, 31 insertions(+), 11 deletions(-)
diff --git a/net/tls/tls.h b/net/tls/tls.h
index 0e840a0c3437..804c3880d028 100644
--- a/net/tls/tls.h
+++ b/net/tls/tls.h
@@ -70,6 +70,8 @@ struct tls_rec {
char content_type;
struct scatterlist sg_content_type;
+ struct sock *sk;
+
char aad_space[TLS_AAD_SPACE_SIZE];
u8 iv_data[MAX_IV_SIZE];
struct aead_request aead_req;
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 9ed978634125..5b7f67a7d394 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -38,6 +38,7 @@
#include <linux/bug.h>
#include <linux/sched/signal.h>
#include <linux/module.h>
+#include <linux/kernel.h>
#include <linux/splice.h>
#include <crypto/aead.h>
@@ -57,6 +58,7 @@ struct tls_decrypt_arg {
};
struct tls_decrypt_ctx {
+ struct sock *sk;
u8 iv[MAX_IV_SIZE];
u8 aad[TLS_MAX_AAD_SIZE];
u8 tail;
@@ -177,18 +179,25 @@ static int tls_padding_length(struct tls_prot_info *prot, struct sk_buff *skb,
return sub;
}
-static void tls_decrypt_done(struct crypto_async_request *req, int err)
+static void tls_decrypt_done(crypto_completion_data_t *data, int err)
{
- struct aead_request *aead_req = (struct aead_request *)req;
+ struct aead_request *aead_req = crypto_get_completion_data(data);
+ struct crypto_aead *aead = crypto_aead_reqtfm(aead_req);
struct scatterlist *sgout = aead_req->dst;
struct scatterlist *sgin = aead_req->src;
struct tls_sw_context_rx *ctx;
+ struct tls_decrypt_ctx *dctx;
struct tls_context *tls_ctx;
struct scatterlist *sg;
unsigned int pages;
struct sock *sk;
+ int aead_size;
- sk = (struct sock *)req->data;
+ aead_size = sizeof(*aead_req) + crypto_aead_reqsize(aead);
+ aead_size = ALIGN(aead_size, __alignof__(*dctx));
+ dctx = (void *)((u8 *)aead_req + aead_size);
+
+ sk = dctx->sk;
tls_ctx = tls_get_ctx(sk);
ctx = tls_sw_ctx_rx(tls_ctx);
@@ -240,7 +249,7 @@ static int tls_do_decryption(struct sock *sk,
if (darg->async) {
aead_request_set_callback(aead_req,
CRYPTO_TFM_REQ_MAY_BACKLOG,
- tls_decrypt_done, sk);
+ tls_decrypt_done, aead_req);
atomic_inc(&ctx->decrypt_pending);
} else {
aead_request_set_callback(aead_req,
@@ -336,6 +345,8 @@ static struct tls_rec *tls_get_rec(struct sock *sk)
sg_set_buf(&rec->sg_aead_out[0], rec->aad_space, prot->aad_size);
sg_unmark_end(&rec->sg_aead_out[1]);
+ rec->sk = sk;
+
return rec;
}
@@ -417,22 +428,27 @@ int tls_tx_records(struct sock *sk, int flags)
return rc;
}
-static void tls_encrypt_done(struct crypto_async_request *req, int err)
+static void tls_encrypt_done(crypto_completion_data_t *data, int err)
{
- struct aead_request *aead_req = (struct aead_request *)req;
- struct sock *sk = req->data;
- struct tls_context *tls_ctx = tls_get_ctx(sk);
- struct tls_prot_info *prot = &tls_ctx->prot_info;
- struct tls_sw_context_tx *ctx = tls_sw_ctx_tx(tls_ctx);
+ struct aead_request *aead_req = crypto_get_completion_data(data);
+ struct tls_sw_context_tx *ctx;
+ struct tls_context *tls_ctx;
+ struct tls_prot_info *prot;
struct scatterlist *sge;
struct sk_msg *msg_en;
struct tls_rec *rec;
bool ready = false;
+ struct sock *sk;
int pending;
rec = container_of(aead_req, struct tls_rec, aead_req);
msg_en = &rec->msg_encrypted;
+ sk = rec->sk;
+ tls_ctx = tls_get_ctx(sk);
+ prot = &tls_ctx->prot_info;
+ ctx = tls_sw_ctx_tx(tls_ctx);
+
sge = sk_msg_elem(msg_en, msg_en->sg.curr);
sge->offset -= prot->prepend_size;
sge->length += prot->prepend_size;
@@ -520,7 +536,7 @@ static int tls_do_encryption(struct sock *sk,
data_len, rec->iv_data);
aead_request_set_callback(aead_req, CRYPTO_TFM_REQ_MAY_BACKLOG,
- tls_encrypt_done, sk);
+ tls_encrypt_done, aead_req);
/* Add the record in tx_list */
list_add_tail((struct list_head *)&rec->list, &ctx->tx_list);
@@ -1485,6 +1501,7 @@ static int tls_decrypt_sg(struct sock *sk, struct iov_iter *out_iov,
* Both structs are variable length.
*/
aead_size = sizeof(*aead_req) + crypto_aead_reqsize(ctx->aead_recv);
+ aead_size = ALIGN(aead_size, __alignof__(*dctx));
mem = kmalloc(aead_size + struct_size(dctx, sg, n_sgin + n_sgout),
sk->sk_allocation);
if (!mem) {
@@ -1495,6 +1512,7 @@ static int tls_decrypt_sg(struct sock *sk, struct iov_iter *out_iov,
/* Segment the allocated memory */
aead_req = (struct aead_request *)mem;
dctx = (struct tls_decrypt_ctx *)(mem + aead_size);
+ dctx->sk = sk;
sgin = &dctx->sg[0];
sgout = &dctx->sg[n_sgin];
next prev parent reply other threads:[~2023-02-06 10:23 UTC|newest]
Thread overview: 81+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-06 10:21 [dm-devel] [PATCH 0/17] crypto: api - Change completion callback argument to void star Herbert Xu
2023-02-06 10:21 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 1/17] dm: Add scaffolding to change completion function signature Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 12:23 ` crypto: api - Change completion callback argument to void star bluez.test.bot
2023-02-06 17:29 ` [PATCH 1/17] dm: Add scaffolding to change completion function signature Mike Snitzer
2023-02-06 17:29 ` Mike Snitzer
2023-02-06 17:29 ` [dm-devel] " Mike Snitzer
2023-02-06 10:22 ` [dm-devel] [PATCH 2/17] net: macsec: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-10 0:43 ` Jarkko Sakkinen
2023-02-10 0:43 ` Jarkko Sakkinen
2023-02-10 0:43 ` [dm-devel] " Jarkko Sakkinen
2023-02-06 10:22 ` [dm-devel] [PATCH 3/17] fs: ecryptfs: Use crypto_wait_req Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-10 0:42 ` Jarkko Sakkinen
2023-02-10 0:42 ` Jarkko Sakkinen
2023-02-10 0:42 ` [dm-devel] " Jarkko Sakkinen
2023-02-06 10:22 ` [dm-devel] [PATCH 4/17] Bluetooth: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 5/17] net: ipv4: Add scaffolding to change completion function signature Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 6/17] net: ipv6: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 7/17] tipc: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` Herbert Xu [this message]
2023-02-06 10:22 ` [PATCH 8/17] tls: Only use data field in crypto completion function Herbert Xu
2023-02-07 7:15 ` Jakub Kicinski
2023-02-07 7:15 ` Jakub Kicinski
2023-02-07 7:15 ` [dm-devel] " Jakub Kicinski
2023-02-07 8:18 ` [PATCH] tls: Pass rec instead of aead_req into tls_encrypt_done Herbert Xu
2023-02-07 8:18 ` Herbert Xu
2023-02-07 8:18 ` [dm-devel] " Herbert Xu
2023-02-07 8:41 ` bluez.test.bot
2023-02-07 18:50 ` [PATCH] " Jakub Kicinski
2023-02-07 18:50 ` Jakub Kicinski
2023-02-07 18:50 ` [dm-devel] " Jakub Kicinski
2023-02-06 10:22 ` [dm-devel] [PATCH 9/17] KEYS: DH: Use crypto_wait_req Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 10/17] crypto: api - Use data directly in completion function Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-08 5:58 ` [v2 PATCH " Herbert Xu
2023-02-08 5:58 ` Herbert Xu
2023-02-08 5:58 ` [dm-devel] " Herbert Xu
2023-02-08 6:17 ` [v2,10/17] " bluez.test.bot
2023-02-06 10:22 ` [dm-devel] [PATCH 11/17] dm: Remove completion function scaffolding Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 17:29 ` Mike Snitzer
2023-02-06 17:29 ` Mike Snitzer
2023-02-06 17:29 ` [dm-devel] " Mike Snitzer
2023-02-06 10:22 ` [dm-devel] [PATCH 12/17] net: macsec: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 13/17] net: ipv4: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 14/17] net: ipv6: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 15/17] tipc: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 16/17] tls: " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-06 10:22 ` [dm-devel] [PATCH 17/17] crypto: api - " Herbert Xu
2023-02-06 10:22 ` Herbert Xu
2023-02-10 0:56 ` Jarkko Sakkinen
2023-02-10 0:56 ` Jarkko Sakkinen
2023-02-10 0:56 ` [dm-devel] " Jarkko Sakkinen
2023-02-07 7:10 ` [PATCH 0/17] crypto: api - Change completion callback argument to void star Jakub Kicinski
2023-02-07 7:10 ` Jakub Kicinski
2023-02-07 7:10 ` [dm-devel] " Jakub Kicinski
2023-02-07 7:16 ` Jakub Kicinski
2023-02-07 7:16 ` Jakub Kicinski
2023-02-07 7:16 ` [dm-devel] " Jakub Kicinski
2023-02-07 8:03 ` Herbert Xu
2023-02-07 8:03 ` Herbert Xu
2023-02-07 8:03 ` [dm-devel] " Herbert Xu
2023-02-07 18:51 ` Jakub Kicinski
2023-02-07 18:51 ` Jakub Kicinski
2023-02-07 18:51 ` [dm-devel] " Jakub Kicinski
2023-02-08 4:02 ` Herbert Xu
2023-02-08 4:02 ` Herbert Xu
2023-02-08 4:02 ` [dm-devel] " Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E1pOydn-007zi3-LG@formenos.hmeau.com \
--to=herbert@gondor.apana.org.au \
--cc=agk@redhat.com \
--cc=borisp@nvidia.com \
--cc=code@tyhicks.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=dm-devel@redhat.com \
--cc=ecryptfs@vger.kernel.org \
--cc=edumazet@google.com \
--cc=jarkko@kernel.org \
--cc=jmaloy@redhat.com \
--cc=johan.hedberg@gmail.com \
--cc=john.fastabend@gmail.com \
--cc=keyrings@vger.kernel.org \
--cc=kuba@kernel.org \
--cc=linux-bluetooth@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=luiz.dentz@gmail.com \
--cc=marcel@holtmann.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=snitzer@kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=ying.xue@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.