[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240416204004.3942393-3-vadfed@meta.com>
Date: Tue, 16 Apr 2024 13:40:02 -0700
From: Vadim Fedorenko <vadfed@...a.com>
To: Vadim Fedorenko <vadim.fedorenko@...ux.dev>,
Jakub Kicinski
<kuba@...nel.org>,
Martin KaFai Lau <martin.lau@...ux.dev>,
Andrii Nakryiko
<andrii@...nel.org>,
Alexei Starovoitov <ast@...nel.org>, Mykola Lysenko
<mykolal@...com>,
Herbert Xu <herbert@...dor.apana.org.au>
CC: Vadim Fedorenko <vadfed@...a.com>, <netdev@...r.kernel.org>,
<linux-crypto@...r.kernel.org>, <bpf@...r.kernel.org>
Subject: [PATCH bpf-next v9 2/4] bpf: crypto: add skcipher to bpf crypto
Implement skcipher crypto in BPF crypto framework.
Signed-off-by: Vadim Fedorenko <vadfed@...a.com>
Acked-by: Herbert Xu <herbert@...dor.apana.org.au>
---
v8 -> v9:
- add Herbert's Ack
v7 -> v8:
- Move bpf_crypto_skcipher.c to crypto and make it part of
skcipher module. This way looks more natural and makes bpf crypto
proper modular. MAINTAINERS files is adjusted to make bpf part
belong to BPF maintainers.
v6 - v7:
- style issues
v6:
- introduce new file
---
MAINTAINERS | 8 ++++
crypto/Makefile | 3 ++
crypto/bpf_crypto_skcipher.c | 82 ++++++++++++++++++++++++++++++++++++
3 files changed, 93 insertions(+)
create mode 100644 crypto/bpf_crypto_skcipher.c
diff --git a/MAINTAINERS b/MAINTAINERS
index 6a233e1a3cf2..c9f887fbb477 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3822,6 +3822,14 @@ F: kernel/bpf/tnum.c
F: kernel/bpf/trampoline.c
F: kernel/bpf/verifier.c
+BPF [CRYPTO]
+M: Vadim Fedorenko <vadim.fedorenko@...ux.dev>
+L: bpf@...r.kernel.org
+S: Maintained
+F: crypto/bpf_crypto_skcipher.c
+F: include/linux/bpf_crypto.h
+F: kernel/bpf/crypto.c
+
BPF [DOCUMENTATION] (Related to Standardization)
R: David Vernet <void@...ifault.com>
L: bpf@...r.kernel.org
diff --git a/crypto/Makefile b/crypto/Makefile
index 408f0a1f9ab9..538124f8bf8a 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -20,6 +20,9 @@ crypto_skcipher-y += lskcipher.o
crypto_skcipher-y += skcipher.o
obj-$(CONFIG_CRYPTO_SKCIPHER2) += crypto_skcipher.o
+ifeq ($(CONFIG_BPF_SYSCALL),y)
+obj-$(CONFIG_CRYPTO_SKCIPHER2) += bpf_crypto_skcipher.o
+endif
obj-$(CONFIG_CRYPTO_SEQIV) += seqiv.o
obj-$(CONFIG_CRYPTO_ECHAINIV) += echainiv.o
diff --git a/crypto/bpf_crypto_skcipher.c b/crypto/bpf_crypto_skcipher.c
new file mode 100644
index 000000000000..b5e657415770
--- /dev/null
+++ b/crypto/bpf_crypto_skcipher.c
@@ -0,0 +1,82 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/* Copyright (c) 2024 Meta, Inc */
+#include <linux/types.h>
+#include <linux/module.h>
+#include <linux/bpf_crypto.h>
+#include <crypto/skcipher.h>
+
+static void *bpf_crypto_lskcipher_alloc_tfm(const char *algo)
+{
+ return crypto_alloc_lskcipher(algo, 0, 0);
+}
+
+static void bpf_crypto_lskcipher_free_tfm(void *tfm)
+{
+ crypto_free_lskcipher(tfm);
+}
+
+static int bpf_crypto_lskcipher_has_algo(const char *algo)
+{
+ return crypto_has_skcipher(algo, CRYPTO_ALG_TYPE_LSKCIPHER, CRYPTO_ALG_TYPE_MASK);
+}
+
+static int bpf_crypto_lskcipher_setkey(void *tfm, const u8 *key, unsigned int keylen)
+{
+ return crypto_lskcipher_setkey(tfm, key, keylen);
+}
+
+static u32 bpf_crypto_lskcipher_get_flags(void *tfm)
+{
+ return crypto_lskcipher_get_flags(tfm);
+}
+
+static unsigned int bpf_crypto_lskcipher_ivsize(void *tfm)
+{
+ return crypto_lskcipher_ivsize(tfm);
+}
+
+static unsigned int bpf_crypto_lskcipher_statesize(void *tfm)
+{
+ return crypto_lskcipher_statesize(tfm);
+}
+
+static int bpf_crypto_lskcipher_encrypt(void *tfm, const u8 *src, u8 *dst,
+ unsigned int len, u8 *siv)
+{
+ return crypto_lskcipher_encrypt(tfm, src, dst, len, siv);
+}
+
+static int bpf_crypto_lskcipher_decrypt(void *tfm, const u8 *src, u8 *dst,
+ unsigned int len, u8 *siv)
+{
+ return crypto_lskcipher_decrypt(tfm, src, dst, len, siv);
+}
+
+static const struct bpf_crypto_type bpf_crypto_lskcipher_type = {
+ .alloc_tfm = bpf_crypto_lskcipher_alloc_tfm,
+ .free_tfm = bpf_crypto_lskcipher_free_tfm,
+ .has_algo = bpf_crypto_lskcipher_has_algo,
+ .setkey = bpf_crypto_lskcipher_setkey,
+ .encrypt = bpf_crypto_lskcipher_encrypt,
+ .decrypt = bpf_crypto_lskcipher_decrypt,
+ .ivsize = bpf_crypto_lskcipher_ivsize,
+ .statesize = bpf_crypto_lskcipher_statesize,
+ .get_flags = bpf_crypto_lskcipher_get_flags,
+ .owner = THIS_MODULE,
+ .name = "skcipher",
+};
+
+static int __init bpf_crypto_skcipher_init(void)
+{
+ return bpf_crypto_register_type(&bpf_crypto_lskcipher_type);
+}
+
+static void __exit bpf_crypto_skcipher_exit(void)
+{
+ int err = bpf_crypto_unregister_type(&bpf_crypto_lskcipher_type);
+ WARN_ON_ONCE(err);
+}
+
+module_init(bpf_crypto_skcipher_init);
+module_exit(bpf_crypto_skcipher_exit);
+MODULE_LICENSE("GPL");
--
2.43.0
Powered by blists - more mailing lists