| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250905132325.GF553991@horms.kernel.org>
Date: Fri, 5 Sep 2025 14:23:25 +0100
From: Simon Horman <horms@...nel.org>
To: alistair23@...il.com
Cc: chuck.lever@...cle.com, hare@...nel.org,
kernel-tls-handshake@...ts.linux.dev, netdev@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org,
linux-nvme@...ts.infradead.org, linux-nfs@...r.kernel.org,
kbusch@...nel.org, axboe@...nel.dk, hch@....de, sagi@...mberg.me,
kch@...dia.com, Alistair Francis <alistair.francis@....com>
Subject: Re: [PATCH v2 5/7] net/handshake: Support KeyUpdate message types
On Fri, Sep 05, 2025 at 12:46:57PM +1000, alistair23@...il.com wrote:
> From: Alistair Francis <alistair.francis@....com>
>
> When reporting the msg-type to userspace let's also support reporting
> KeyUpdate events. This supports reporting a client/server event and if
> the other side requested a KeyUpdateRequest.
>
> Link: https://datatracker.ietf.org/doc/html/rfc8446#section-4.6.3
> Signed-off-by: Alistair Francis <alistair.francis@....com>
...
> diff --git a/Documentation/netlink/specs/handshake.yaml b/Documentation/netlink/specs/handshake.yaml
> index a273bc74d26f..1a3312fad410 100644
> --- a/Documentation/netlink/specs/handshake.yaml
> +++ b/Documentation/netlink/specs/handshake.yaml
> @@ -21,12 +21,17 @@ definitions:
> type: enum
> name: msg-type
> value-start: 0
> - entries: [unspec, clienthello, serverhello]
> + entries: [unspec, clienthello, serverhello, clientkeyupdate, clientkeyupdaterequest, serverkeyupdate, serverkeyupdaterequest]
> -
This line seems excessively long.
The preference is for lines no longer than 80 characters wide.
Flagged by yamllint.
...
> diff --git a/net/handshake/tlshd.c b/net/handshake/tlshd.c
...
> @@ -348,7 +361,8 @@ EXPORT_SYMBOL(tls_client_hello_x509);
> * %-ESRCH: No user agent is available
> * %-ENOMEM: Memory allocation failed
> */
Please also add keyupdate to the Kernel doc for this function.
Flagged by ./scripts/kernel-doc --none
> -int tls_client_hello_psk(const struct tls_handshake_args *args, gfp_t flags)
> +int tls_client_hello_psk(const struct tls_handshake_args *args, gfp_t flags,
> + handshake_key_update_type keyupdate)
> {
> struct tls_handshake_req *treq;
> struct handshake_req *req;
...
> @@ -410,7 +428,8 @@ EXPORT_SYMBOL(tls_server_hello_x509);
> * %-ESRCH: No user agent is available
> * %-ENOMEM: Memory allocation failed
> */
Ditto.
> -int tls_server_hello_psk(const struct tls_handshake_args *args, gfp_t flags)
> +int tls_server_hello_psk(const struct tls_handshake_args *args, gfp_t flags,
> + handshake_key_update_type keyupdate)
> {
> struct tls_handshake_req *treq;
> struct handshake_req *req;
...
Powered by blists - more mailing lists