| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CANn89iKSf=2AVyB8MCbjmw2zdTGqBqyPUMaqPY7E_aMWzsZOcg@mail.gmail.com> Date: Wed, 17 Sep 2025 20:42:50 -0700 From: Eric Dumazet <edumazet@...gle.com> To: Daniel Zahka <daniel.zahka@...il.com> Cc: Donald Hunter <donald.hunter@...il.com>, Jakub Kicinski <kuba@...nel.org>, "David S. Miller" <davem@...emloft.net>, Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>, Jonathan Corbet <corbet@....net>, Andrew Lunn <andrew+netdev@...n.ch>, Saeed Mahameed <saeedm@...dia.com>, Leon Romanovsky <leon@...nel.org>, Tariq Toukan <tariqt@...dia.com>, Boris Pismenny <borisp@...dia.com>, Kuniyuki Iwashima <kuniyu@...gle.com>, Willem de Bruijn <willemb@...gle.com>, David Ahern <dsahern@...nel.org>, Neal Cardwell <ncardwell@...gle.com>, Patrisious Haddad <phaddad@...dia.com>, Raed Salem <raeds@...dia.com>, Jianbo Liu <jianbol@...dia.com>, Dragos Tatulea <dtatulea@...dia.com>, Rahul Rameshbabu <rrameshbabu@...dia.com>, Stanislav Fomichev <sdf@...ichev.me>, Toke Høiland-Jørgensen <toke@...hat.com>, Alexander Lobakin <aleksander.lobakin@...el.com>, Kiran Kella <kiran.kella@...adcom.com>, Jacob Keller <jacob.e.keller@...el.com>, netdev@...r.kernel.org Subject: Re: [PATCH net-next v13 04/19] tcp: add datapath logic for PSP with inline key exchange On Tue, Sep 16, 2025 at 5:10 PM Daniel Zahka <daniel.zahka@...il.com> wrote: > > From: Jakub Kicinski <kuba@...nel.org> > > Add validation points and state propagation to support PSP key > exchange inline, on TCP connections. The expectation is that > application will use some well established mechanism like TLS > handshake to establish a secure channel over the connection and > if both endpoints are PSP-capable - exchange and install PSP keys. > Because the connection can existing in PSP-unsecured and PSP-secured > state we need to make sure that there are no race conditions or > retransmission leaks. > > On Tx - mark packets with the skb->decrypted bit when PSP key > is at the enqueue time. Drivers should only encrypt packets with > this bit set. This prevents retransmissions getting encrypted when > original transmission was not. Similarly to TLS, we'll use > sk->sk_validate_xmit_skb to make sure PSP skbs can't "escape" > via a PSP-unaware device without being encrypted. > > On Rx - validation is done under socket lock. This moves the validation > point later than xfrm, for example. Please see the documentation patch > for more details on the flow of securing a connection, but for > the purpose of this patch what's important is that we want to > enforce the invariant that once connection is secured any skb > in the receive queue has been encrypted with PSP. > > Add GRO and coalescing checks to prevent PSP authenticated data from > being combined with cleartext data, or data with non-matching PSP > state. On Rx, check skb's with psp_skb_coalesce_diff() at points > before psp_sk_rx_policy_check(). After skb's are policy checked and on > the socket receive queue, skb_cmp_decrypted() is sufficient for > checking for coalescable PSP state. On Tx, tcp_write_collapse_fence() > should be called when transitioning a socket into PSP Tx state to > prevent data sent as cleartext from being coalesced with PSP > encapsulated data. > > This change only adds the validation points, for ease of review. > Subsequent change will add the ability to install keys, and flesh > the enforcement logic out > > Reviewed-by: Willem de Bruijn <willemb@...gle.com> > Signed-off-by: Jakub Kicinski <kuba@...nel.org> > Co-developed-by: Daniel Zahka <daniel.zahka@...il.com> > Signed-off-by: Daniel Zahka <daniel.zahka@...il.com> Reviewed-by: Eric Dumazet <edumazet@...gle.com>
Powered by blists - more mailing lists