From 94579ac3f6d0820adc83b5dc5358ead0158101e9 Mon Sep 17 00:00:00 2001 From: Huy Nguyen Date: Mon, 1 Jun 2020 16:39:37 -0500 Subject: xfrm: Fix double ESP trailer insertion in IPsec crypto offload. During IPsec performance testing, we see bad ICMP checksum. The error packet has duplicated ESP trailer due to double validate_xmit_xfrm calls. The first call is from ip_output, but the packet cannot be sent because netif_xmit_frozen_or_stopped is true and the packet gets dev_requeue_skb. The second call is from NET_TX softirq. However after the first call, the packet already has the ESP trailer. Fix by marking the skb with XFRM_XMIT bit after the packet is handled by validate_xmit_xfrm to avoid duplicate ESP trailer insertion. Fixes: f6e27114a60a ("net: Add a xfrm validate function to validate_xmit_skb") Signed-off-by: Huy Nguyen Reviewed-by: Boris Pismenny Reviewed-by: Raed Salem Reviewed-by: Saeed Mahameed Signed-off-by: Steffen Klassert --- net/xfrm/xfrm_device.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'net/xfrm') diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c index f50d1f97cf8e..626096bd0d29 100644 --- a/net/xfrm/xfrm_device.c +++ b/net/xfrm/xfrm_device.c @@ -108,7 +108,7 @@ struct sk_buff *validate_xmit_xfrm(struct sk_buff *skb, netdev_features_t featur struct xfrm_offload *xo = xfrm_offload(skb); struct sec_path *sp; - if (!xo) + if (!xo || (xo->flags & XFRM_XMIT)) return skb; if (!(features & NETIF_F_HW_ESP)) @@ -129,6 +129,8 @@ struct sk_buff *validate_xmit_xfrm(struct sk_buff *skb, netdev_features_t featur return skb; } + xo->flags |= XFRM_XMIT; + if (skb_is_gso(skb)) { struct net_device *dev = skb->dev; -- cgit v1.2.3 From a4902d914e508f3691fa7ef885a76d2b7e735805 Mon Sep 17 00:00:00 2001 From: Stephen Rothwell Date: Mon, 11 May 2020 13:00:15 +1000 Subject: xfrm: merge fixup for "remove output_finish indirection from xfrm_state_afinfo" Signed-off-by: Stephen Rothwell Signed-off-by: Steffen Klassert --- net/xfrm/xfrm_output.c | 4 ---- 1 file changed, 4 deletions(-) (limited to 'net/xfrm') diff --git a/net/xfrm/xfrm_output.c b/net/xfrm/xfrm_output.c index e4c23f69f69f..a7ab19353313 100644 --- a/net/xfrm/xfrm_output.c +++ b/net/xfrm/xfrm_output.c @@ -574,16 +574,12 @@ int xfrm_output(struct sock *sk, struct sk_buff *skb) switch (x->outer_mode.family) { case AF_INET: memset(IPCB(skb), 0, sizeof(*IPCB(skb))); -#ifdef CONFIG_NETFILTER IPCB(skb)->flags |= IPSKB_XFRM_TRANSFORMED; -#endif break; case AF_INET6: memset(IP6CB(skb), 0, sizeof(*IP6CB(skb))); -#ifdef CONFIG_NETFILTER IP6CB(skb)->flags |= IP6SKB_XFRM_TRANSFORMED; -#endif break; } -- cgit v1.2.3 From 7d4e3919592593594296944ae7da1a207706e8c5 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 10 Jun 2020 09:14:35 -0700 Subject: esp, ah: consolidate the crypto algorithm selections Instead of duplicating the algorithm selections between INET_AH and INET6_AH and between INET_ESP and INET6_ESP, create new tristates XFRM_AH and XFRM_ESP that do the algorithm selections, and make these be selected by the corresponding INET* options. Suggested-by: Herbert Xu Acked-by: Herbert Xu Cc: Corentin Labbe Cc: Greg Kroah-Hartman Cc: Steffen Klassert Signed-off-by: Eric Biggers Signed-off-by: Steffen Klassert --- net/ipv4/Kconfig | 16 ++-------------- net/ipv6/Kconfig | 16 ++-------------- net/xfrm/Kconfig | 20 ++++++++++++++++++++ 3 files changed, 24 insertions(+), 28 deletions(-) (limited to 'net/xfrm') diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig index 23ba5045e3d3..39a7a21744dc 100644 --- a/net/ipv4/Kconfig +++ b/net/ipv4/Kconfig @@ -340,11 +340,7 @@ config NET_FOU_IP_TUNNELS config INET_AH tristate "IP: AH transformation" - select XFRM_ALGO - select CRYPTO - select CRYPTO_HMAC - select CRYPTO_MD5 - select CRYPTO_SHA1 + select XFRM_AH ---help--- Support for IPsec AH. @@ -352,15 +348,7 @@ config INET_AH config INET_ESP tristate "IP: ESP transformation" - select XFRM_ALGO - select CRYPTO - select CRYPTO_AUTHENC - select CRYPTO_HMAC - select CRYPTO_MD5 - select CRYPTO_CBC - select CRYPTO_SHA1 - select CRYPTO_DES - select CRYPTO_ECHAINIV + select XFRM_ESP ---help--- Support for IPsec ESP. diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig index 4f03aece2980..70313f16319d 100644 --- a/net/ipv6/Kconfig +++ b/net/ipv6/Kconfig @@ -49,11 +49,7 @@ config IPV6_OPTIMISTIC_DAD config INET6_AH tristate "IPv6: AH transformation" - select XFRM_ALGO - select CRYPTO - select CRYPTO_HMAC - select CRYPTO_MD5 - select CRYPTO_SHA1 + select XFRM_AH ---help--- Support for IPsec AH. @@ -61,15 +57,7 @@ config INET6_AH config INET6_ESP tristate "IPv6: ESP transformation" - select XFRM_ALGO - select CRYPTO - select CRYPTO_AUTHENC - select CRYPTO_HMAC - select CRYPTO_MD5 - select CRYPTO_CBC - select CRYPTO_SHA1 - select CRYPTO_DES - select CRYPTO_ECHAINIV + select XFRM_ESP ---help--- Support for IPsec ESP. diff --git a/net/xfrm/Kconfig b/net/xfrm/Kconfig index b7fd9c838416..169c22140709 100644 --- a/net/xfrm/Kconfig +++ b/net/xfrm/Kconfig @@ -67,6 +67,26 @@ config XFRM_STATISTICS If unsure, say N. +config XFRM_AH + tristate + select XFRM_ALGO + select CRYPTO + select CRYPTO_HMAC + select CRYPTO_MD5 + select CRYPTO_SHA1 + +config XFRM_ESP + tristate + select XFRM_ALGO + select CRYPTO + select CRYPTO_AUTHENC + select CRYPTO_HMAC + select CRYPTO_MD5 + select CRYPTO_CBC + select CRYPTO_SHA1 + select CRYPTO_DES + select CRYPTO_ECHAINIV + config XFRM_IPCOMP tristate select XFRM_ALGO -- cgit v1.2.3 From 37ea0f18fb19e0646c166037043232915cd9e995 Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 10 Jun 2020 09:14:36 -0700 Subject: esp: select CRYPTO_SEQIV Commit f23efcbcc523 ("crypto: ctr - no longer needs CRYPTO_SEQIV") made CRYPTO_CTR stop selecting CRYPTO_SEQIV. This breaks IPsec for most users since GCM and several other encryption algorithms require "seqiv" -- and RFC 8221 lists AES-GCM as "MUST" be implemented. Just make XFRM_ESP select CRYPTO_SEQIV. Fixes: f23efcbcc523 ("crypto: ctr - no longer needs CRYPTO_SEQIV") Acked-by: Herbert Xu Cc: Corentin Labbe Cc: Greg Kroah-Hartman Cc: Steffen Klassert Signed-off-by: Eric Biggers Signed-off-by: Steffen Klassert --- net/xfrm/Kconfig | 1 + 1 file changed, 1 insertion(+) (limited to 'net/xfrm') diff --git a/net/xfrm/Kconfig b/net/xfrm/Kconfig index 169c22140709..b2ff8df2c836 100644 --- a/net/xfrm/Kconfig +++ b/net/xfrm/Kconfig @@ -86,6 +86,7 @@ config XFRM_ESP select CRYPTO_SHA1 select CRYPTO_DES select CRYPTO_ECHAINIV + select CRYPTO_SEQIV config XFRM_IPCOMP tristate -- cgit v1.2.3 From be01369859b8aa07346e497381bb46d377da0d8c Mon Sep 17 00:00:00 2001 From: Eric Biggers Date: Wed, 10 Jun 2020 09:14:37 -0700 Subject: esp, ah: modernize the crypto algorithm selections The crypto algorithms selected by the ESP and AH kconfig options are out-of-date with the guidance of RFC 8221, which lists the legacy algorithms MD5 and DES as "MUST NOT" be implemented, and some more modern algorithms like AES-GCM and HMAC-SHA256 as "MUST" be implemented. But the options select the legacy algorithms, not the modern ones. Therefore, modify these options to select the MUST algorithms -- and *only* the MUST algorithms. Also improve the help text. Note that other algorithms may still be explicitly enabled in the kconfig, and the choice of which to actually use is still controlled by userspace. This change only modifies the list of algorithms for which kernel support is guaranteed to be present. Suggested-by: Herbert Xu Suggested-by: Steffen Klassert Acked-by: Herbert Xu Cc: Corentin Labbe Cc: Greg Kroah-Hartman Signed-off-by: Eric Biggers Signed-off-by: Steffen Klassert --- net/ipv4/Kconfig | 18 ++++++++++++++++-- net/ipv6/Kconfig | 18 ++++++++++++++++-- net/xfrm/Kconfig | 15 +++++++++------ 3 files changed, 41 insertions(+), 10 deletions(-) (limited to 'net/xfrm') diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig index 39a7a21744dc..dc9dfaef77e5 100644 --- a/net/ipv4/Kconfig +++ b/net/ipv4/Kconfig @@ -342,7 +342,14 @@ config INET_AH tristate "IP: AH transformation" select XFRM_AH ---help--- - Support for IPsec AH. + Support for IPsec AH (Authentication Header). + + AH can be used with various authentication algorithms. Besides + enabling AH support itself, this option enables the generic + implementations of the algorithms that RFC 8221 lists as MUST be + implemented. If you need any other algorithms, you'll need to enable + them in the crypto API. You should also enable accelerated + implementations of any needed algorithms when available. If unsure, say Y. @@ -350,7 +357,14 @@ config INET_ESP tristate "IP: ESP transformation" select XFRM_ESP ---help--- - Support for IPsec ESP. + Support for IPsec ESP (Encapsulating Security Payload). + + ESP can be used with various encryption and authentication algorithms. + Besides enabling ESP support itself, this option enables the generic + implementations of the algorithms that RFC 8221 lists as MUST be + implemented. If you need any other algorithms, you'll need to enable + them in the crypto API. You should also enable accelerated + implementations of any needed algorithms when available. If unsure, say Y. diff --git a/net/ipv6/Kconfig b/net/ipv6/Kconfig index 70313f16319d..414a68b16869 100644 --- a/net/ipv6/Kconfig +++ b/net/ipv6/Kconfig @@ -51,7 +51,14 @@ config INET6_AH tristate "IPv6: AH transformation" select XFRM_AH ---help--- - Support for IPsec AH. + Support for IPsec AH (Authentication Header). + + AH can be used with various authentication algorithms. Besides + enabling AH support itself, this option enables the generic + implementations of the algorithms that RFC 8221 lists as MUST be + implemented. If you need any other algorithms, you'll need to enable + them in the crypto API. You should also enable accelerated + implementations of any needed algorithms when available. If unsure, say Y. @@ -59,7 +66,14 @@ config INET6_ESP tristate "IPv6: ESP transformation" select XFRM_ESP ---help--- - Support for IPsec ESP. + Support for IPsec ESP (Encapsulating Security Payload). + + ESP can be used with various encryption and authentication algorithms. + Besides enabling ESP support itself, this option enables the generic + implementations of the algorithms that RFC 8221 lists as MUST be + implemented. If you need any other algorithms, you'll need to enable + them in the crypto API. You should also enable accelerated + implementations of any needed algorithms when available. If unsure, say Y. diff --git a/net/xfrm/Kconfig b/net/xfrm/Kconfig index b2ff8df2c836..e77ba529229c 100644 --- a/net/xfrm/Kconfig +++ b/net/xfrm/Kconfig @@ -67,26 +67,29 @@ config XFRM_STATISTICS If unsure, say N. +# This option selects XFRM_ALGO along with the AH authentication algorithms that +# RFC 8221 lists as MUST be implemented. config XFRM_AH tristate select XFRM_ALGO select CRYPTO select CRYPTO_HMAC - select CRYPTO_MD5 - select CRYPTO_SHA1 + select CRYPTO_SHA256 +# This option selects XFRM_ALGO along with the ESP encryption and authentication +# algorithms that RFC 8221 lists as MUST be implemented. config XFRM_ESP tristate select XFRM_ALGO select CRYPTO + select CRYPTO_AES select CRYPTO_AUTHENC - select CRYPTO_HMAC - select CRYPTO_MD5 select CRYPTO_CBC - select CRYPTO_SHA1 - select CRYPTO_DES select CRYPTO_ECHAINIV + select CRYPTO_GCM + select CRYPTO_HMAC select CRYPTO_SEQIV + select CRYPTO_SHA256 config XFRM_IPCOMP tristate -- cgit v1.2.3