lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Y0UrBKpN92SstSt/@unreal>
Date:   Tue, 11 Oct 2022 11:36:20 +0300
From:   Leon Romanovsky <leon@...nel.org>
To:     Yinjun Zhang <yinjun.zhang@...igine.com>
Cc:     Simon Horman <simon.horman@...igine.com>,
        David Miller <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, netdev@...r.kernel.org,
        oss-drivers@...igine.com,
        Huanhuan Wang <huanhuan.wang@...igine.com>,
        chengtian.liu@...igine.com
Subject: Re: [PATCH net-next v2 3/3] nfp: implement xfrm callbacks and expose
 ipsec offload feature to upper layer

On Mon, Oct 10, 2022 at 03:14:34PM +0800, Yinjun Zhang wrote:
> On Thu, Sep 29, 2022 at 11:26:24AM +0300, Leon Romanovsky wrote:
> > On Tue, Sep 27, 2022 at 12:27:07PM +0200, Simon Horman wrote:
> > 
> > > +	mutex_lock(&ipd->lock);
> > > +
> > > +	if (ipd->sa_free_cnt == 0) {
> > > +		nn_err(nn, "No space for xfrm offload\n");
> > > +		err = -ENOSPC;
> > 
> > Why don't you return EOPNOTSUPP?
> > 
> 
> Here means no available sa. I think ENOSPC is more appropriate than
> EOPNOTSUPP, and it looks like xfrm will fall back to software mode
> when driver returns EOPNOTSUPP.

Yes, and it is exactly what is expected. If device for some reason
doesn't support crypto offload, SW path should be taken instead.

> 
> > > +static void xfrm_invalidate(struct nfp_net *nn, unsigned int saidx, int is_del)
> > > +{
> > > +	struct nfp_net_ipsec_data *ipd = nn->ipsec_data;
> > > +	struct nfp_net_ipsec_sa_data *sa_data;
> > > +	struct nfp_ipsec_cfg_mssg msg;
> > > +	int err;
> > > +
> > > +	sa_data = &ipd->sa_entries[saidx];
> > > +	if (!sa_data->invalidated) {
> > > +		err = nfp_ipsec_cfg_cmd_issue(nn, NFP_IPSEC_CFG_MSSG_INV_SA, saidx, &msg);
> > > +		if (err)
> > > +			nn_warn(nn, "Failed to invalidate SA in hardware\n");
> > > +		sa_data->invalidated = 1;
> > > +	} else if (is_del) {
> > > +		nn_warn(nn, "Unexpected invalidate state for offloaded saidx %d\n", saidx);
> > 
> > You definitely need to clean all these not-possible flows.
> > 
> 
> Do you mean clean those sa entries? We clean them by invalidating them.
> You can see `xfrm_invalidate` is called in `nfp_net_xfrm_del_state`.

No, I means that you can't call to invalidate with "Unexpected ..." state.
You should ensure that free/invalidate/e.t.c logic operates on valid SAs
only.

Thanks

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ