Commit 5d7d28e5 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'tipc-add-more-features-to-TIPC-encryption' 



Tuong Lien says:

====================
tipc: add more features to TIPC encryption

This series adds some new features to TIPC encryption:

- Patch 1 ("tipc: optimize key switching time and logic") optimizes the
code and logic in preparation for the following commits.

- Patch 2 ("tipc: introduce encryption master key") introduces support
of 'master key' for authentication of new nodes and key exchange. A
master key can be set/changed by user via netlink (eg. using the same
'tipc node set key' command in iproute2/tipc).

- Patch 3 ("tipc: add automatic session key exchange") allows a session
key to be securely exchanged between nodes as needed.

- Patch 4 ("tipc: add automatic rekeying for encryption key") adds
automatic 'rekeying' of session keys a specific interval. The new key
will be distributed automatically to peer nodes, so become active then.
The rekeying interval is configurable via netlink as well.

v2: update the "tipc: add automatic session key exchange" patch to fix
"implicit declaration" issue when built without "CONFIG_TIPC_CRYPTO".

v3: update the patches according to David comments by using the
"genl_info->extack" for messages in response to netlink user config
requests.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents cb589a55 23700da2

include/uapi/linux/tipc.h

+2 −0
Original line number Diff line number Diff line
@@ -254,6 +254,8 @@ static inline int tipc_aead_key_size(struct tipc_aead_key *key) 
	return sizeof(*key) + key->keylen;

}



#define TIPC_REKEYING_NOW		(~0U)



/* The macros and functions below are deprecated:

 */

include/uapi/linux/tipc_netlink.h

+2 −0
Original line number Diff line number Diff line
@@ -165,6 +165,8 @@ enum { 
	TIPC_NLA_NODE_UP,		/* flag */

	TIPC_NLA_NODE_ID,		/* data */

	TIPC_NLA_NODE_KEY,		/* data */

	TIPC_NLA_NODE_KEY_MASTER,	/* flag */

	TIPC_NLA_NODE_REKEYING,		/* u32 */



	__TIPC_NLA_NODE_MAX,

	TIPC_NLA_NODE_MAX = __TIPC_NLA_NODE_MAX - 1

net/tipc/crypto.c

+727 −254

File changed.

Preview size limit exceeded, changes collapsed.

net/tipc/crypto.h

+38 −5
Original line number Diff line number Diff line
@@ -67,6 +67,7 @@ enum { 
};



extern int sysctl_tipc_max_tfms __read_mostly;

extern int sysctl_tipc_key_exchange_enabled __read_mostly;



/**

 * TIPC encryption message format:
@@ -74,7 +75,7 @@ extern int sysctl_tipc_max_tfms __read_mostly; 
 *     3 3 2 2 2 2 2 2 2 2 2 2 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0

 *     1 0 9 8 7 6 5 4|3 2 1 0 9 8 7 6|5 4 3 2 1 0 9 8|7 6 5 4 3 2 1 0

 *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

 * w0:|Ver=7| User  |D|TX |RX |K|                 Rsvd                |

 * w0:|Ver=7| User  |D|TX |RX |K|M|N|             Rsvd                |

 *    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

 * w1:|                             Seqno                             |

 * w2:|                           (8 octets)                          |
@@ -101,6 +102,9 @@ extern int sysctl_tipc_max_tfms __read_mostly; 
 *	RX	: Currently RX active key corresponding to the destination

 *	          node's TX key (when the "D" bit is set)

 *	K	: Keep-alive bit (for RPS, LINK_PROTOCOL/STATE_MSG only)

 *	M       : Bit indicates if sender has master key

 *	N	: Bit indicates if sender has no RX keys corresponding to the

 *	          receiver's TX (when the "D" bit is set)

 *	Rsvd	: Reserved bit, field

 * Word1-2:

 *	Seqno	: The 64-bit sequence number of the encrypted message, also
@@ -117,7 +121,9 @@ struct tipc_ehdr { 
			__u8	destined:1,

				user:4,

				version:3;

			__u8	reserved_1:3,

			__u8	reserved_1:1,

				rx_nokey:1,

				master_key:1,

				keepalive:1,

				rx_key_active:2,

				tx_key:2;
@@ -128,7 +134,9 @@ struct tipc_ehdr { 
			__u8	tx_key:2,

				rx_key_active:2,

				keepalive:1,

				reserved_1:3;

				master_key:1,

				rx_nokey:1,

				reserved_1:1;

#else

#error  "Please fix <asm/byteorder.h>"

#endif
@@ -158,10 +166,35 @@ int tipc_crypto_xmit(struct net *net, struct sk_buff **skb, 
int tipc_crypto_rcv(struct net *net, struct tipc_crypto *rx,

		    struct sk_buff **skb, struct tipc_bearer *b);

int tipc_crypto_key_init(struct tipc_crypto *c, struct tipc_aead_key *ukey,

			 u8 mode);

			 u8 mode, bool master_key);

void tipc_crypto_key_flush(struct tipc_crypto *c);

int tipc_aead_key_validate(struct tipc_aead_key *ukey);

int tipc_crypto_key_distr(struct tipc_crypto *tx, u8 key,

			  struct tipc_node *dest);

void tipc_crypto_msg_rcv(struct net *net, struct sk_buff *skb);

void tipc_crypto_rekeying_sched(struct tipc_crypto *tx, bool changed,

				u32 new_intv);

int tipc_aead_key_validate(struct tipc_aead_key *ukey, struct genl_info *info);

bool tipc_ehdr_validate(struct sk_buff *skb);



static inline u32 msg_key_gen(struct tipc_msg *m)

{

	return msg_bits(m, 4, 16, 0xffff);

}



static inline void msg_set_key_gen(struct tipc_msg *m, u32 gen)

{

	msg_set_bits(m, 4, 16, 0xffff, gen);

}



static inline u32 msg_key_mode(struct tipc_msg *m)

{

	return msg_bits(m, 4, 0, 0xf);

}



static inline void msg_set_key_mode(struct tipc_msg *m, u32 mode)

{

	msg_set_bits(m, 4, 0, 0xf, mode);

}



#endif /* _TIPC_CRYPTO_H */

#endif

net/tipc/link.c

+5 −0
Original line number Diff line number Diff line
@@ -1250,6 +1250,11 @@ static bool tipc_data_input(struct tipc_link *l, struct sk_buff *skb, 
	case MSG_FRAGMENTER:

	case BCAST_PROTOCOL:

		return false;

#ifdef CONFIG_TIPC_CRYPTO

	case MSG_CRYPTO:

		tipc_crypto_msg_rcv(l->net, skb);

		return true;

#endif

	default:

		pr_warn("Dropping received illegal msg type\n");

		kfree_skb(skb);