Netdev Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Leonard Crestez <cdleonard@gmail.com>
To: Dmitry Safonov <0x7f454c46@gmail.com>
Cc: Eric Dumazet <edumazet@google.com>,
"David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
Kuniyuki Iwashima <kuniyu@amazon.co.jp>,
David Ahern <dsahern@kernel.org>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Jakub Kicinski <kuba@kernel.org>,
Yuchung Cheng <ycheng@google.com>,
Francesco Ruggeri <fruggeri@arista.com>,
Mat Martineau <mathew.j.martineau@linux.intel.com>,
Christoph Paasch <cpaasch@apple.com>,
Ivan Delalande <colona@arista.com>,
Priyaranjan Jha <priyarjha@google.com>,
Menglong Dong <dong.menglong@zte.com.cn>,
open list <linux-kernel@vger.kernel.org>,
linux-crypto@vger.kernel.org,
Network Development <netdev@vger.kernel.org>,
Dmitry Safonov <dima@arista.com>
Subject: Re: [RFCv2 1/9] tcp: authopt: Initial support and key management
Date: Thu, 12 Aug 2021 22:46:48 +0300 [thread overview]
Message-ID: <785d945e-c0d2-fee5-39d8-99dc06a074f1@gmail.com> (raw)
In-Reply-To: <1e2848fb-1538-94aa-0431-636fa314a36d@gmail.com>
On 8/11/21 11:29 AM, Leonard Crestez wrote:
> On 8/10/21 11:41 PM, Dmitry Safonov wrote:
>> On Tue, 10 Aug 2021 at 02:50, Leonard Crestez <cdleonard@gmail.com>
>>> + /* If an old value exists for same local_id it is deleted */
>>> + key_info = __tcp_authopt_key_info_lookup(sk, info,
>>> opt.local_id);
>>> + if (key_info)
>>> + tcp_authopt_key_del(sk, info, key_info);
>>> + key_info = sock_kmalloc(sk, sizeof(*key_info), GFP_KERNEL |
>>> __GFP_ZERO);
>>> + if (!key_info)
>>> + return -ENOMEM;
>>
>> 1. You don't need sock_kmalloc() together with tcp_authopt_key_del().
>> It just frees the memory and allocates it back straight away - no
>> sense in doing that.
>
> The list is scanned in multiple places in later commits using nothing
> but an rcu_read_lock, this means that keys can't be updated in-place.
>
>> 2. I think RFC says you must not allow a user to change an existing key:
>>> MKT parameters are not changed. Instead, new MKTs can be installed,
>>> and a connection
>>> can change which MKT it uses.
>>
>> IIUC, it means that one can't just change an existing MKT, but one can
>> remove and later
>> add MKT with the same (send_id, recv_id, src_addr/port, dst_addr/port).
>>
>> So, a reasonable thing to do:
>> if (key_info)
>> return -EEXIST.
>
> You're right, making the user delete keys explicitly is better.
On a second thought this might be required to mark keys as "send-only"
and "recv-only" atomically.
Separately from RFC5925 some vendors implement a "keychain" model based
on RFC8177 where each key has a distinct "accept-lifetime" and a
"send-lifetime". This could be implemented by adding flags
"expired_for_send" and "expired_for_recv" but requires the ability to
set an expiration mark without the key ever being deleted.
--
Regards,
Leonard
next prev parent reply other threads:[~2021-08-12 19:46 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-09 21:35 [RFCv2 0/9] tcp: Initial support for RFC5925 auth option Leonard Crestez
2021-08-09 21:35 ` [RFCv2 1/9] tcp: authopt: Initial support and key management Leonard Crestez
2021-08-10 20:41 ` Dmitry Safonov
2021-08-11 8:29 ` Leonard Crestez
2021-08-11 13:42 ` David Ahern
2021-08-11 19:11 ` Leonard Crestez
2021-08-11 20:26 ` Dmitry Safonov
2021-08-11 20:26 ` David Ahern
2021-08-11 14:31 ` Dmitry Safonov
2021-08-11 17:15 ` David Ahern
2021-08-11 20:12 ` Dmitry Safonov
2021-08-11 20:23 ` David Ahern
2021-08-11 19:08 ` Leonard Crestez
2021-08-12 19:46 ` Leonard Crestez [this message]
2021-08-09 21:35 ` [RFCv2 2/9] docs: Add user documentation for tcp_authopt Leonard Crestez
2021-08-09 21:35 ` [RFCv2 3/9] tcp: authopt: Add crypto initialization Leonard Crestez
2021-08-09 21:35 ` [RFCv2 4/9] tcp: authopt: Compute packet signatures Leonard Crestez
2021-08-09 21:35 ` [RFCv2 5/9] tcp: authopt: Hook into tcp core Leonard Crestez
2021-08-09 21:35 ` [RFCv2 6/9] tcp: authopt: Add key selection controls Leonard Crestez
2021-08-09 21:35 ` [RFCv2 7/9] tcp: authopt: Add snmp counters Leonard Crestez
2021-08-09 21:35 ` [RFCv2 8/9] selftests: Initial TCP-AO support for nettest Leonard Crestez
2021-08-09 21:35 ` [RFCv2 9/9] selftests: Initial TCP-AO support for fcnal-test Leonard Crestez
2021-08-11 13:46 ` David Ahern
2021-08-11 19:09 ` Leonard Crestez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=785d945e-c0d2-fee5-39d8-99dc06a074f1@gmail.com \
--to=cdleonard@gmail.com \
--cc=0x7f454c46@gmail.com \
--cc=colona@arista.com \
--cc=cpaasch@apple.com \
--cc=davem@davemloft.net \
--cc=dima@arista.com \
--cc=dong.menglong@zte.com.cn \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=fruggeri@arista.com \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=kuniyu@amazon.co.jp \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mathew.j.martineau@linux.intel.com \
--cc=netdev@vger.kernel.org \
--cc=priyarjha@google.com \
--cc=ycheng@google.com \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).