lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <685d5213a7682_2dcd9a29452@willemb.c.googlers.com.notmuch>
Date: Thu, 26 Jun 2025 09:58:43 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: Jakub Kicinski <kuba@...nel.org>, 
 Daniel Zahka <daniel.zahka@...il.com>
Cc: Willem de Bruijn <willemdebruijn.kernel@...il.com>, 
 Donald Hunter <donald.hunter@...il.com>, 
 "David S. Miller" <davem@...emloft.net>, 
 Eric Dumazet <edumazet@...gle.com>, 
 Paolo Abeni <pabeni@...hat.com>, 
 Simon Horman <horms@...nel.org>, 
 Jonathan Corbet <corbet@....net>, 
 Andrew Lunn <andrew+netdev@...n.ch>, 
 Saeed Mahameed <saeedm@...dia.com>, 
 Leon Romanovsky <leon@...nel.org>, 
 Tariq Toukan <tariqt@...dia.com>, 
 Boris Pismenny <borisp@...dia.com>, 
 Kuniyuki Iwashima <kuniyu@...gle.com>, 
 Willem de Bruijn <willemb@...gle.com>, 
 David Ahern <dsahern@...nel.org>, 
 Neal Cardwell <ncardwell@...gle.com>, 
 Patrisious Haddad <phaddad@...dia.com>, 
 Raed Salem <raeds@...dia.com>, 
 Jianbo Liu <jianbol@...dia.com>, 
 Dragos Tatulea <dtatulea@...dia.com>, 
 Rahul Rameshbabu <rrameshbabu@...dia.com>, 
 Stanislav Fomichev <sdf@...ichev.me>, 
 Toke Høiland-Jørgensen <toke@...hat.com>, 
 Alexander Lobakin <aleksander.lobakin@...el.com>, 
 Jacob Keller <jacob.e.keller@...el.com>, 
 netdev@...r.kernel.org
Subject: Re: [PATCH v2 01/17] psp: add documentation

Jakub Kicinski wrote:
> On Thu, 26 Jun 2025 07:55:34 -0400 Daniel Zahka wrote:
> > >> +after ``psp-versions-ena`` has been disabled. User may also disable
> > >> +``psp-versions-ena`` while there are active associations, which will
> > >> +break all PSP Rx processing.
> > >> +
> > >> +Drivers are expected to ensure that device key is usable upon init
> > >> +(working keys can be allocated), and that no duplicate keys may be generated
> > >> +(reuse of SPI without key rotation). Drivers may achieve this by rotating
> > >> +keys twice before registering the PSP device.  
> > > Since the device returns a { session_key, spi } pair, risk of reuse
> > > is purely in firmware.
> 
> I don't think this is a requirement put forward in the spec?
> Specifically if a device wants to allow partitioning of the SPI
> space it may let the host pick the SPI. To me the device allocating 
> the SPIs seemed more like a convenience thing that a security feature
> to prevent reuse.

That's fair. AFAIK it is not a requirement.

Allowing the host to request a key for a specific SPI will open up the
risk of requesting the same key multiple times.

The simpler device implementation of only incrementing an internal SPI
counter from 1 until ((1<<31) - 1) and then triggering a rotation
trivially avoids that risk.

But indeed this may complicate partitioning between hosts (or even PFs
and VFs) compared to explicit allocation of an SPI space partition to
each.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ