lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <6877e092c394d_796ff294dc@willemb.c.googlers.com.notmuch>
Date: Wed, 16 Jul 2025 13:25:38 -0400
From: Willem de Bruijn <willemdebruijn.kernel@...il.com>
To: Daniel Zahka <daniel.zahka@...il.com>, 
 Donald Hunter <donald.hunter@...il.com>, 
 Jakub Kicinski <kuba@...nel.org>, 
 "David S. Miller" <davem@...emloft.net>, 
 Eric Dumazet <edumazet@...gle.com>, 
 Paolo Abeni <pabeni@...hat.com>, 
 Simon Horman <horms@...nel.org>, 
 Jonathan Corbet <corbet@....net>, 
 Andrew Lunn <andrew+netdev@...n.ch>
Cc: Saeed Mahameed <saeedm@...dia.com>, 
 Leon Romanovsky <leon@...nel.org>, 
 Tariq Toukan <tariqt@...dia.com>, 
 Boris Pismenny <borisp@...dia.com>, 
 Kuniyuki Iwashima <kuniyu@...gle.com>, 
 Willem de Bruijn <willemb@...gle.com>, 
 David Ahern <dsahern@...nel.org>, 
 Neal Cardwell <ncardwell@...gle.com>, 
 Patrisious Haddad <phaddad@...dia.com>, 
 Raed Salem <raeds@...dia.com>, 
 Jianbo Liu <jianbol@...dia.com>, 
 Dragos Tatulea <dtatulea@...dia.com>, 
 Rahul Rameshbabu <rrameshbabu@...dia.com>, 
 Stanislav Fomichev <sdf@...ichev.me>, 
 Toke Høiland-Jørgensen <toke@...hat.com>, 
 Alexander Lobakin <aleksander.lobakin@...el.com>, 
 Jacob Keller <jacob.e.keller@...el.com>, 
 netdev@...r.kernel.org
Subject: Re: [PATCH net-next v4 04/19] tcp: add datapath logic for PSP with
 inline key exchange

Daniel Zahka wrote:
> From: Jakub Kicinski <kuba@...nel.org>
> 
> Add validation points and state propagation to support PSP key
> exchange inline, on TCP connections. The expectation is that
> application will use some well established mechanism like TLS
> handshake to establish a secure channel over the connection and
> if both endpoints are PSP-capable - exchange and install PSP keys.
> Because the connection can existing in PSP-unsecured and PSP-secured
> state we need to make sure that there are no race conditions or
> retransmission leaks.
> 
> On Tx - mark packets with the skb->decrypted bit when PSP key
> is at the enqueue time. Drivers should only encrypt packets with
> this bit set. This prevents retransmissions getting encrypted when
> original transmission was not. Similarly to TLS, we'll use
> sk->sk_validate_xmit_skb to make sure PSP skbs can't "escape"
> via a PSP-unaware device without being encrypted.
> 
> On Rx - validation is done under socket lock. This moves the validation
> point later than xfrm, for example. Please see the documentation patch
> for more details on the flow of securing a connection, but for
> the purpose of this patch what's important is that we want to
> enforce the invariant that once connection is secured any skb
> in the receive queue has been encrypted with PSP.
> 
> Add trivialities like GRO and coalescing checks.
> 
> This change only adds the validation points, for ease of review.
> Subsequent change will add the ability to install keys, and flesh
> the enforcement logic out
> 
> Signed-off-by: Jakub Kicinski <kuba@...nel.org>
> Co-developed-by: Daniel Zahka <daniel.zahka@...il.com>
> Signed-off-by: Daniel Zahka <daniel.zahka@...il.com>

Reviewed-by: Willem de Bruijn <willemb@...gle.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ