lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <20200318115548.12ce1e37@kicinski-fedora-PC1C0HJN>
Date:   Wed, 18 Mar 2020 11:55:48 -0700
From:   Jakub Kicinski <kuba@...nel.org>
To:     Rohit Maheshwari <rohitm@...lsio.com>
Cc:     herbert@...dor.apana.org.au, davem@...emloft.net,
        netdev@...r.kernel.org, borisp@...lanox.com, secdev@...lsio.com,
        Vinay Kumar Yadav <vinay.yadav@...lsio.com>
Subject: Re: [PATCH net-next] Crypto/chtls: add/delete TLS header in driver

On Wed, 18 Mar 2020 19:03:04 +0530 Rohit Maheshwari wrote:
> @@ -1022,15 +1014,20 @@ int chtls_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
>  			goto wait_for_sndbuf;
>  
>  		if (is_tls_tx(csk) && !csk->tlshws.txleft) {
> -			struct tls_hdr hdr;
> +			unsigned char record_type = TLS_RECORD_TYPE_DATA;
>  
> -			recordsz = tls_header_read(&hdr, &msg->msg_iter);
> -			size -= TLS_HEADER_LENGTH;
> -			copied += TLS_HEADER_LENGTH;
> +			if (unlikely(msg->msg_controllen)) {
> +				err = tls_proccess_cmsg(sk, msg, &record_type);

This is for the TOE TLS offload, right?

Could you open code this in your driver? This function calls
tls_handle_open_record(), which should be fine with the code as is,
but someone may make an assumption that it's no called for TOE and
break your offload.

Given it's impossible to test the offloads without HW today, I'd 
rather not mix the TOE with the other TLS types..

> +				if (err)
> +					goto out_err;
> +			}
> +
> +			recordsz = size;
>  			csk->tlshws.txleft = recordsz;
> -			csk->tlshws.type = hdr.type;
> +			csk->tlshws.type = record_type;
> +
>  			if (skb)
> -				ULP_SKB_CB(skb)->ulp.tls.type = hdr.type;
> +				ULP_SKB_CB(skb)->ulp.tls.type = record_type;
>  		}
>  
>  		if (!skb || (ULP_SKB_CB(skb)->flags & ULPCB_FLAG_NO_APPEND) ||

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ