Message-ID: <1b5232649421d2061274a891ad6a857081215b17.camel@redhat.com>
Date:   Fri, 30 Aug 2019 10:56:00 +0200
From:   Davide Caratti <dcaratti@...hat.com>
To:     Jakub Kicinski <jakub.kicinski@...ronome.com>
Cc:     borisp@...lanox.com, Eric Dumazet <eric.dumazet@...il.com>,
        aviadye@...lanox.com, davejwatson@...com, davem@...emloft.net,
        john.fastabend@...il.com,
        Matthieu Baerts <matthieu.baerts@...sares.net>,
        netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2 3/3] net: tls: export protocol version,
 cipher, tx_conf/rx_conf to socket diag

On Thu, 2019-08-29 at 14:56 -0700, Jakub Kicinski wrote:
> On Thu, 29 Aug 2019 18:48:04 +0200, Davide Caratti wrote:

[...]
> > @@ -431,6 +431,25 @@ static inline bool is_tx_ready(struct tls_sw_context_tx *ctx)
> >  	return READ_ONCE(rec->tx_ready);
> >  }
> >  
> > +static inline u16 tls_user_config(struct tls_context *ctx, bool tx)
> > +{
> > +	u16 config = tx ? ctx->tx_conf : ctx->rx_conf;
> > +
> > +	switch (config) {
> > +	case TLS_BASE:
> > +		return TLS_CONF_BASE;
> > +	case TLS_SW:
> > +		return TLS_CONF_SW;
> > +#ifdef CONFIG_TLS_DEVICE
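
Review bot: tls_user_config() has no comment explaining why TLS_BASE and TLS_SW are translated to the separate TLS_CONF_BASE and TLS_CONF_SW values instead of being reported as they are; a one-line comment above the function saying that the TLS_CONF_* values are the ones socket diag reports would make the intent clear. The bare `bool tx` argument also leaves call sites such as tls_user_config(ctx, true) hard to read, so consider naming the direction at the call site, for example through two thin wrappers.
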
> 
> Recently the TLS_HW define was taken out of the ifdef, so the ifdef
> around this is no longer necessary.

since the value of 'ctx->tx_conf' is always assigned/compared to 'TLS_HW'
under #ifdef CONFIG_TLS_DEVICE, the diag code will never reach that label 
when CONFIG_TLS_DEVICE is unset.
On the other hand, I'm ok for avoiding the #ifdefs unless they are really
needed - and probably IS_ENABLED() won't improve anything here, so I will
just remove the #ifdef in series v3.

[...]

> > @@ -835,6 +836,67 @@ static void tls_update(struct sock *sk, struct proto *p)
> >  	}
> >  }
> >  
> > +static int tls_get_info(const struct sock *sk, struct sk_buff *skb)
> > +{
> > +	struct tls_context *ctx;
> > +	u16 version, cipher_type;
> 
> Unfortunately reverse christmas tree will be needed :(

that's due :) I will fix in series v3.

thanks!
-- 
davide

