Lines Matching +full:data +full:- +full:active
1 // SPDX-License-Identifier: GPL-2.0
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
94 * struct tipc_key - TIPC keys' status indicator
97 * +-----+-----+-----+-----+-----+-----+-----+-----+
98 * key: | (reserved)|passive idx| active idx|pending idx|
99 * +-----+-----+-----+-----+-----+-----+-----+-----+
103 #define KEY_MASK ((1 << KEY_BITS) - 1)
108 active:2,
114 active:2,
125 * struct tipc_tfm - TIPC TFM structure to form a list of TFMs
135 * struct tipc_aead - TIPC AEAD key structure
136 * @tfm_entry: per-cpu pointer to one entry in TFM list
170 * struct tipc_crypto_stats - TIPC Crypto statistics
178 * struct tipc_crypto - TIPC TX/RX crypto structure
182 * @peer_rx_active: replicated peer RX active key index
193 * @sndnxt: the per-peer sndnxt (TX)
238 /* struct tipc_crypto_tx_ctx - TX context for callbacks */
245 /* struct tipc_crypto_rx_ctx - RX context for callbacks */
270 static void tipc_aead_encrypt_done(void *data, int err);
273 static void tipc_aead_decrypt_done(void *data, int err);
310 #define is_tx(crypto) (!(crypto)->node)
330 * tipc_aead_key_validate - Validate a AEAD user key
331 * @ukey: pointer to user key data
339 if (unlikely(!crypto_has_alg(ukey->alg_name, 0, 0))) {
341 return -ENODEV;
345 if (strcmp(ukey->alg_name, "gcm(aes)")) {
347 return -ENOTSUPP;
351 keylen = ukey->keylen - TIPC_AES_GCM_SALT_SIZE;
356 return -EKEYREJECTED;
363 * tipc_aead_key_generate - Generate new session key
371 return crypto_stdrng_get_bytes(skey->key, skey->keylen);
380 if (unlikely(!tmp || !refcount_inc_not_zero(&tmp->refcnt)))
389 if (aead && refcount_dec_and_test(&aead->refcnt))
390 call_rcu(&aead->rcu, tipc_aead_free);
394 * tipc_aead_free - Release AEAD key incl. all the TFMs in the list
402 if (aead->cloned) {
403 tipc_aead_put(aead->cloned);
405 head = *get_cpu_ptr(aead->tfm_entry);
406 put_cpu_ptr(aead->tfm_entry);
407 list_for_each_entry_safe(tfm_entry, tmp, &head->list, list) {
408 crypto_free_aead(tfm_entry->tfm);
409 list_del(&tfm_entry->list);
413 crypto_free_aead(head->tfm);
414 list_del(&head->list);
417 free_percpu(aead->tfm_entry);
418 kfree_sensitive(aead->key);
430 users = atomic_read(&tmp->users);
443 atomic_add_unless(&tmp->users, 1, lim);
454 atomic_add_unless(&tmp->users, -1, lim);
467 cur = atomic_read(&tmp->users);
470 } while (atomic_cmpxchg(&tmp->users, cur, val) != cur);
476 * tipc_aead_tfm_next - Move TFM entry to the next one in list and return it
484 tfm_entry = get_cpu_ptr(aead->tfm_entry);
486 tfm = (*tfm_entry)->tfm;
493 * tipc_aead_init - Initiate TIPC AEAD
495 * @ukey: pointer to user key data
499 * key data if valid. The number of the allocated TFMs can be set via the sysfs
501 * Also, all the other AEAD data are also initialized.
515 return -EEXIST;
520 return -ENOMEM;
522 /* The key consists of two parts: [AES-KEY][SALT] */
523 keylen = ukey->keylen - TIPC_AES_GCM_SALT_SIZE;
525 /* Allocate per-cpu TFM entry pointer */
526 tmp->tfm_entry = alloc_percpu(struct tipc_tfm *);
527 if (!tmp->tfm_entry) {
529 return -ENOMEM;
532 /* Make a list of TFMs with the user key data */
534 tfm = crypto_alloc_aead(ukey->alg_name, 0, 0);
543 err = -ENOTSUPP;
548 err |= crypto_aead_setkey(tfm, ukey->key, keylen);
557 err = -ENOMEM;
560 INIT_LIST_HEAD(&tfm_entry->list);
561 tfm_entry->tfm = tfm;
567 *per_cpu_ptr(tmp->tfm_entry, cpu) = head;
570 list_add_tail(&tfm_entry->list, &head->list);
577 free_percpu(tmp->tfm_entry);
583 bin2hex(tmp->hint, ukey->key + keylen - TIPC_AEAD_HINT_LEN,
586 /* Initialize the other data */
587 tmp->mode = mode;
588 tmp->cloned = NULL;
589 tmp->authsize = TIPC_AES_GCM_TAG_SIZE;
590 tmp->key = kmemdup(ukey, tipc_aead_key_size(ukey), GFP_KERNEL);
591 if (!tmp->key) {
592 tipc_aead_free(&tmp->rcu);
593 return -ENOMEM;
595 memcpy(&tmp->salt, ukey->key + keylen, TIPC_AES_GCM_SALT_SIZE);
596 atomic_set(&tmp->users, 0);
597 atomic64_set(&tmp->seqno, 0);
598 refcount_set(&tmp->refcnt, 1);
605 * tipc_aead_clone - Clone a TIPC AEAD key
609 * Make a "copy" of the source AEAD key data to the dest, the TFMs list is
614 * Note: this must be done in cluster-key mode only!
623 return -ENOKEY;
625 if (src->mode != CLUSTER_KEY)
626 return -EINVAL;
629 return -EEXIST;
633 return -ENOMEM;
635 aead->tfm_entry = alloc_percpu_gfp(struct tipc_tfm *, GFP_ATOMIC);
636 if (unlikely(!aead->tfm_entry)) {
638 return -ENOMEM;
642 *per_cpu_ptr(aead->tfm_entry, cpu) =
643 *per_cpu_ptr(src->tfm_entry, cpu);
646 memcpy(aead->hint, src->hint, sizeof(src->hint));
647 aead->mode = src->mode;
648 aead->salt = src->salt;
649 aead->authsize = src->authsize;
650 atomic_set(&aead->users, 0);
651 atomic64_set(&aead->seqno, 0);
652 refcount_set(&aead->refcnt, 1);
654 WARN_ON(!refcount_inc_not_zero(&src->refcnt));
655 aead->cloned = src;
662 * tipc_aead_mem_alloc - Allocate memory for AEAD request operations
665 * @iv: returned pointer to IV data
666 * @req: returned pointer to AEAD request data
670 * Allocate memory to store the crypto context data, AEAD request, IV and SG
690 len += crypto_aead_alignmask(tfm) & ~(crypto_tfm_ctx_alignment() - 1);
711 * tipc_aead_encrypt - Encrypt a message
720 * * -EINPROGRESS/-EBUSY : if a callback will be performed
739 /* Make sure message len at least 4-byte aligned */
740 len = ALIGN(skb->len, 4);
741 tailen = len - skb->len + aead->authsize;
766 return -ENOMEM;
767 TIPC_SKB_CB(skb)->crypto_ctx = ctx;
771 rc = skb_to_sgvec(skb, sg, 0, skb->len);
778 * In case we're in cluster-key mode, SALT is varied by xor-ing with
782 ehdr = (struct tipc_ehdr *)skb->data;
783 salt = aead->salt;
784 if (aead->mode == CLUSTER_KEY)
785 salt ^= __be32_to_cpu(ehdr->addr);
789 memcpy(iv + 4, (u8 *)&ehdr->seqno, 8);
795 aead_request_set_crypt(req, sg, sg, len - ehsz, iv);
797 /* Set callback function & data */
801 tx_ctx->aead = aead;
802 tx_ctx->bearer = b;
803 memcpy(&tx_ctx->dst, dst, sizeof(*dst));
807 rc = -ENODEV;
812 if (!maybe_get_net(aead->crypto->net)) {
814 rc = -ENODEV;
820 if (rc == -EINPROGRESS || rc == -EBUSY)
824 put_net(aead->crypto->net);
828 TIPC_SKB_CB(skb)->crypto_ctx = NULL;
832 static void tipc_aead_encrypt_done(void *data, int err)
834 struct sk_buff *skb = data;
835 struct tipc_crypto_tx_ctx *tx_ctx = TIPC_SKB_CB(skb)->crypto_ctx;
836 struct tipc_bearer *b = tx_ctx->bearer;
837 struct tipc_aead *aead = tx_ctx->aead;
838 struct tipc_crypto *tx = aead->crypto;
839 struct net *net = tx->net;
843 this_cpu_inc(tx->stats->stat[STAT_ASYNC_OK]);
845 if (likely(test_bit(0, &b->up)))
846 b->media->send_msg(net, skb, b, &tx_ctx->dst);
851 case -EINPROGRESS:
854 this_cpu_inc(tx->stats->stat[STAT_ASYNC_NOK]);
866 * tipc_aead_decrypt - Decrypt an encrypted message
874 * * -EINPROGRESS/-EBUSY : if a callback will be performed
892 return -ENOKEY;
904 return -ENOMEM;
905 TIPC_SKB_CB(skb)->crypto_ctx = ctx;
909 rc = skb_to_sgvec(skb, sg, 0, skb->len);
916 ehdr = (struct tipc_ehdr *)skb->data;
917 salt = aead->salt;
918 if (aead->mode == CLUSTER_KEY)
919 salt ^= __be32_to_cpu(ehdr->addr);
920 else if (ehdr->destined)
923 memcpy(iv + 4, (u8 *)&ehdr->seqno, 8);
929 aead_request_set_crypt(req, sg, sg, skb->len - ehsz, iv);
931 /* Set callback function & data */
935 rx_ctx->aead = aead;
936 rx_ctx->bearer = b;
940 rc = -ENODEV;
946 if (rc == -EINPROGRESS || rc == -EBUSY)
953 TIPC_SKB_CB(skb)->crypto_ctx = NULL;
957 static void tipc_aead_decrypt_done(void *data, int err)
959 struct sk_buff *skb = data;
960 struct tipc_crypto_rx_ctx *rx_ctx = TIPC_SKB_CB(skb)->crypto_ctx;
961 struct tipc_bearer *b = rx_ctx->bearer;
962 struct tipc_aead *aead = rx_ctx->aead;
963 struct tipc_crypto_stats __percpu *stats = aead->crypto->stats;
964 struct net *net = aead->crypto->net;
968 this_cpu_inc(stats->stat[STAT_ASYNC_OK]);
970 case -EINPROGRESS:
973 this_cpu_inc(stats->stat[STAT_ASYNC_NOK]);
980 if (likely(test_bit(0, &b->up)))
991 return (ehdr->user != LINK_CONFIG) ? EHDR_SIZE : EHDR_CFG_SIZE;
995 * tipc_ehdr_validate - Validate an encryption message
1008 ehdr = (struct tipc_ehdr *)skb->data;
1009 if (unlikely(ehdr->version != TIPC_EVERSION))
1014 if (unlikely(skb->len <= ehsz + TIPC_AES_GCM_TAG_SIZE))
1021 * tipc_ehdr_build - Build TIPC encryption message header
1047 * cluster key mode, otherwise it's better for a per-peer seqno!
1049 if (!__rx || aead->mode == CLUSTER_KEY)
1050 seqno = atomic64_inc_return(&aead->seqno);
1052 seqno = atomic64_inc_return(&__rx->sndnxt);
1058 /* Word 1-2 */
1059 ehdr->seqno = cpu_to_be64(seqno);
1061 /* Words 0, 3- */
1062 ehdr->version = TIPC_EVERSION;
1063 ehdr->user = 0;
1064 ehdr->keepalive = 0;
1065 ehdr->tx_key = tx_key;
1066 ehdr->destined = (__rx) ? 1 : 0;
1067 ehdr->rx_key_active = (__rx) ? __rx->key.active : 0;
1068 ehdr->rx_nokey = (__rx) ? __rx->nokey : 0;
1069 ehdr->master_key = aead->crypto->key_master;
1070 ehdr->reserved_1 = 0;
1071 ehdr->reserved_2 = 0;
1075 ehdr->user = LINK_CONFIG;
1076 memcpy(ehdr->id, tipc_own_id(net), NODE_ID_LEN);
1080 ehdr->user = LINK_PROTOCOL;
1081 ehdr->keepalive = msg_is_keepalive(hdr);
1083 ehdr->addr = hdr->hdr[3];
1095 struct tipc_key old = c->key;
1098 c->key.keys = ((new_passive & KEY_MASK) << (KEY_BITS * 2)) |
1102 pr_debug("%s: key changing %s ::%pS\n", c->name,
1103 tipc_key_change_dump(old, c->key, buf),
1108 * tipc_crypto_key_init - Initiate a new user / AEAD key
1132 tipc_aead_free(&aead->rcu);
1139 * tipc_crypto_key_attach - Attach a new AEAD key to TIPC crypto
1145 * Return: new key id in case of success, otherwise: -EBUSY
1152 int rc = -EBUSY;
1155 spin_lock_bh(&c->lock);
1156 key = c->key;
1161 if (key.active && key.passive)
1164 if (tipc_aead_users(c->aead[key.pending]) > 0)
1171 if (key.active && pos != key_next(key.active)) {
1175 } else if (!key.active && !key.passive) {
1181 key.pending = key_next(key.active ?: key.passive);
1186 aead->crypto = c;
1187 aead->gen = (is_tx(c)) ? ++c->key_gen : c->key_gen;
1188 tipc_aead_rcu_replace(c->aead[new_key], aead, &c->lock);
1189 if (likely(c->key.keys != key.keys))
1190 tipc_crypto_key_set_state(c, key.passive, key.active,
1192 c->working = 1;
1193 c->nokey = 0;
1194 c->key_master |= master_key;
1198 spin_unlock_bh(&c->lock);
1207 spin_lock_bh(&c->lock);
1211 tx = tipc_net(rx->net)->crypto_tx;
1212 if (cancel_delayed_work(&rx->work)) {
1213 kfree_sensitive(rx->skey);
1214 rx->skey = NULL;
1215 atomic_xchg(&rx->key_distr, 0);
1216 tipc_node_put(rx->node);
1219 k = atomic_xchg(&rx->peer_rx_active, 0);
1221 tipc_aead_users_dec(tx->aead[k], 0);
1223 tx->timer1 = jiffies;
1227 c->flags = 0;
1230 tipc_crypto_key_detach(c->aead[k], &c->lock);
1231 atomic64_set(&c->sndnxt, 0);
1232 spin_unlock_bh(&c->lock);
1236 * tipc_crypto_key_try_align - Align RX keys if possible
1242 * That means, there must be no active key but a pending key at unaligned slot.
1256 spin_lock(&rx->lock);
1257 key = rx->key;
1262 if (key.active)
1266 if (tipc_aead_users(rx->aead[key.pending]) > 0)
1270 tmp1 = tipc_aead_rcu_ptr(rx->aead[key.pending], &rx->lock);
1271 if (!refcount_dec_if_one(&tmp1->refcnt))
1273 rcu_assign_pointer(rx->aead[key.pending], NULL);
1277 tmp2 = rcu_replace_pointer(rx->aead[key.passive], tmp2, lockdep_is_held(&rx->lock));
1278 x = (key.passive - key.pending + new_pending) % KEY_MAX;
1282 /* Re-allocate the key(s) */
1284 rcu_assign_pointer(rx->aead[new_pending], tmp1);
1286 rcu_assign_pointer(rx->aead[new_passive], tmp2);
1287 refcount_set(&tmp1->refcnt, 1);
1289 pr_info_ratelimited("%s: key[%d] -> key[%d]\n", rx->name, key.pending,
1293 spin_unlock(&rx->lock);
1298 * tipc_crypto_key_pick_tx - Pick one TX key for message decryption
1317 struct tipc_key key = tx->key;
1320 /* Initialize data if not yet */
1321 if (!skb_cb->tx_clone_deferred) {
1322 skb_cb->tx_clone_deferred = 1;
1323 memset(&skb_cb->tx_clone_ctx, 0, sizeof(skb_cb->tx_clone_ctx));
1326 skb_cb->tx_clone_ctx.rx = rx;
1327 if (++skb_cb->tx_clone_ctx.recurs > 2)
1331 spin_lock(&tx->lock);
1333 aead = tipc_aead_rcu_ptr(tx->aead[KEY_MASTER], &tx->lock);
1338 ((i == 1) ? key.active : key.passive);
1341 aead = tipc_aead_rcu_ptr(tx->aead[k], &tx->lock);
1344 if (aead->mode != CLUSTER_KEY ||
1345 aead == skb_cb->tx_clone_ctx.last) {
1350 skb_cb->tx_clone_ctx.last = aead;
1351 WARN_ON(skb->next);
1352 skb->next = skb_clone(skb, GFP_ATOMIC);
1353 if (unlikely(!skb->next))
1360 WARN_ON(!refcount_inc_not_zero(&aead->refcnt));
1361 spin_unlock(&tx->lock);
1367 * tipc_crypto_key_synch: Synch own key data according to peer key status
1371 * This function updates the peer node related data as the peer RX active key
1379 * The "per-peer" sndnxt is also reset when the peer key has switched.
1384 struct tipc_crypto *tx = tipc_net(rx->net)->crypto_tx;
1386 u32 self = tipc_own_addr(rx->net);
1393 rx->key_master = ehdr->master_key;
1394 if (!rx->key_master)
1395 tx->legacy_user = 1;
1398 if (!ehdr->destined || msg_short(hdr) || msg_destnode(hdr) != self)
1402 if (ehdr->rx_nokey) {
1404 tx->timer2 = jiffies;
1406 if (tx->key.keys &&
1407 !atomic_cmpxchg(&rx->key_distr, 0, KEY_DISTR_SCHED)) {
1411 if (queue_delayed_work(tx->wq, &rx->work, delay))
1412 tipc_node_get(rx->node);
1416 atomic_xchg(&rx->key_distr, 0);
1419 /* Case 2: Peer RX active key has changed, let's update own TX users */
1420 cur = atomic_read(&rx->peer_rx_active);
1421 new = ehdr->rx_key_active;
1422 if (tx->key.keys &&
1424 atomic_cmpxchg(&rx->peer_rx_active, cur, new) == cur) {
1426 tipc_aead_users_inc(tx->aead[new], INT_MAX);
1428 tipc_aead_users_dec(tx->aead[cur], 0);
1430 atomic64_set(&rx->sndnxt, 0);
1432 tx->timer1 = jiffies;
1434 pr_debug("%s: key users changed %d-- %d++, peer %s\n",
1435 tx->name, cur, new, rx->name);
1441 struct tipc_crypto *tx = tipc_net(net)->crypto_tx;
1444 spin_lock_bh(&tx->lock);
1445 key = tx->key;
1446 WARN_ON(!key.active || tx_key != key.active);
1448 /* Free the active key */
1450 tipc_crypto_key_detach(tx->aead[key.active], &tx->lock);
1451 spin_unlock_bh(&tx->lock);
1453 pr_warn("%s: key is revoked\n", tx->name);
1454 return -EKEYREVOKED;
1463 return -EEXIST;
1468 return -ENOMEM;
1472 c->wq = alloc_ordered_workqueue("tipc_crypto", 0);
1473 if (!c->wq) {
1475 return -ENOMEM;
1480 c->stats = alloc_percpu_gfp(struct tipc_crypto_stats, GFP_ATOMIC);
1481 if (!c->stats) {
1482 if (c->wq)
1483 destroy_workqueue(c->wq);
1485 return -ENOMEM;
1488 c->flags = 0;
1489 c->net = net;
1490 c->node = node;
1491 get_random_bytes(&c->key_gen, 2);
1493 atomic_set(&c->key_distr, 0);
1494 atomic_set(&c->peer_rx_active, 0);
1495 atomic64_set(&c->sndnxt, 0);
1496 c->timer1 = jiffies;
1497 c->timer2 = jiffies;
1498 c->rekeying_intv = TIPC_REKEYING_INTV_DEF;
1499 spin_lock_init(&c->lock);
1500 scnprintf(c->name, 48, "%s(%s)", (is_rx(c)) ? "RX" : "TX",
1501 (is_rx(c)) ? tipc_node_get_id_str(c->node) :
1502 tipc_own_id_string(c->net));
1505 INIT_DELAYED_WORK(&c->work, tipc_crypto_work_rx);
1507 INIT_DELAYED_WORK(&c->work, tipc_crypto_work_tx);
1523 c->rekeying_intv = 0;
1524 cancel_delayed_work_sync(&c->work);
1525 destroy_workqueue(c->wq);
1531 tipc_aead_put(rcu_dereference(c->aead[k]));
1533 pr_debug("%s: has been stopped\n", c->name);
1536 free_percpu(c->stats);
1544 struct tipc_net *tn = tipc_net(rx->net);
1545 struct tipc_crypto *tx = tn->crypto_tx;
1549 /* TX pending: taking all users & stable -> active */
1550 spin_lock(&tx->lock);
1551 key = tx->key;
1552 if (key.active && tipc_aead_users(tx->aead[key.active]) > 0)
1554 if (!key.pending || tipc_aead_users(tx->aead[key.pending]) <= 0)
1556 if (time_before(jiffies, tx->timer1 + TIPC_TX_LASTING_TIME))
1560 if (key.active)
1561 tipc_crypto_key_detach(tx->aead[key.active], &tx->lock);
1562 this_cpu_inc(tx->stats->stat[STAT_SWITCHES]);
1563 pr_info("%s: key[%d] is activated\n", tx->name, key.pending);
1566 spin_unlock(&tx->lock);
1568 /* RX pending: having user -> active */
1569 spin_lock(&rx->lock);
1570 key = rx->key;
1571 if (!key.pending || tipc_aead_users(rx->aead[key.pending]) <= 0)
1574 if (key.active)
1575 key.passive = key.active;
1576 key.active = key.pending;
1577 rx->timer2 = jiffies;
1578 tipc_crypto_key_set_state(rx, key.passive, key.active, 0);
1579 this_cpu_inc(rx->stats->stat[STAT_SWITCHES]);
1580 pr_info("%s: key[%d] is activated\n", rx->name, key.pending);
1584 /* RX pending: not working -> remove */
1585 if (!key.pending || tipc_aead_users(rx->aead[key.pending]) > -10)
1588 tipc_crypto_key_set_state(rx, key.passive, key.active, 0);
1589 tipc_crypto_key_detach(rx->aead[key.pending], &rx->lock);
1590 pr_debug("%s: key[%d] is removed\n", rx->name, key.pending);
1594 /* RX active: timed out or no user -> pending */
1595 if (!key.active)
1597 if (time_before(jiffies, rx->timer1 + TIPC_RX_ACTIVE_LIM) &&
1598 tipc_aead_users(rx->aead[key.active]) > 0)
1602 key.passive = key.active;
1604 key.pending = key.active;
1605 rx->timer2 = jiffies;
1607 tipc_aead_users_set(rx->aead[key.pending], 0);
1608 pr_debug("%s: key[%d] is deactivated\n", rx->name, key.active);
1612 /* RX passive: outdated or not working -> free */
1615 if (time_before(jiffies, rx->timer2 + TIPC_RX_PASSIVE_LIM) &&
1616 tipc_aead_users(rx->aead[key.passive]) > -10)
1619 tipc_crypto_key_set_state(rx, 0, key.active, key.pending);
1620 tipc_crypto_key_detach(rx->aead[key.passive], &rx->lock);
1621 pr_debug("%s: key[%d] is freed\n", rx->name, key.passive);
1624 spin_unlock(&rx->lock);
1629 if (time_after(jiffies, tx->timer2 + TIPC_TX_GRACE_PERIOD))
1630 tx->legacy_user = 0;
1638 tipc_crypto_do_cmd(rx->net, cmd);
1650 TIPC_SKB_CB(skb)->xmit_type = type;
1653 b->media->send_msg(net, skb, b, dst);
1658 * tipc_crypto_xmit - Build & encrypt TIPC message for xmit
1666 * encrypt the original TIPC message by using the pending, master or active
1674 * * -EINPROGRESS/-EBUSY : the encryption is ongoing, a callback will be made
1675 * * -ENOKEK : the encryption has failed due to no key
1676 * * -EKEYREVOKED : the encryption has failed due to key revoked
1677 * * -ENOMEM : the encryption has failed due to no memory
1685 struct tipc_crypto *tx = tipc_net(net)->crypto_tx;
1686 struct tipc_crypto_stats __percpu *stats = tx->stats;
1688 struct tipc_key key = tx->key;
1692 int rc = -ENOKEY;
1696 if (!tx->working)
1699 /* Pending key if peer has active on it or probing time */
1702 if (!tx->key_master && !key.active)
1704 if (__rx && atomic_read(&__rx->peer_rx_active) == tx_key)
1706 if (TIPC_SKB_CB(*skb)->xmit_type == SKB_PROBING) {
1707 pr_debug("%s: probing for key[%d]\n", tx->name,
1717 if (tx->key_master) {
1719 if (!key.active)
1721 if (TIPC_SKB_CB(*skb)->xmit_type == SKB_GRACING) {
1722 pr_debug("%s: gracing for msg (%d %d)\n", tx->name,
1729 time_before(jiffies, tx->timer2 + TIPC_TX_GRACE_PERIOD)) {
1730 if (__rx && __rx->key_master &&
1731 !atomic_read(&__rx->peer_rx_active))
1734 if (likely(!tx->legacy_user))
1742 /* Else, use the active key if any */
1743 if (likely(key.active)) {
1744 tx_key = key.active;
1751 aead = tipc_aead_get(tx->aead[tx_key]);
1761 this_cpu_inc(stats->stat[STAT_OK]);
1763 case -EINPROGRESS:
1764 case -EBUSY:
1765 this_cpu_inc(stats->stat[STAT_ASYNC]);
1769 this_cpu_inc(stats->stat[STAT_NOK]);
1770 if (rc == -ENOKEY)
1771 this_cpu_inc(stats->stat[STAT_NOKEYS]);
1772 else if (rc == -EKEYREVOKED)
1773 this_cpu_inc(stats->stat[STAT_BADKEYS]);
1784 * tipc_crypto_rcv - Decrypt an encrypted TIPC message from peer
1794 * Note: RX key(s) can be re-aligned, or in case of no key suitable, TX
1795 * cluster key(s) can be taken for decryption (- recursive).
1799 * * -EINPROGRESS/-EBUSY : the decryption is ongoing, a callback will be made
1800 * * -ENOKEY : the decryption has failed due to no key
1801 * * -EBADMSG : the decryption has failed due to bad message
1802 * * -ENOMEM : the decryption has failed due to no memory
1808 struct tipc_crypto *tx = tipc_net(net)->crypto_tx;
1812 int rc = -ENOKEY;
1815 tx_key = ((struct tipc_ehdr *)(*skb)->data)->tx_key;
1824 key = rx->key;
1825 if (tx_key == key.active || tx_key == key.pending ||
1843 aead = tipc_aead_get(rx->aead[tx_key]);
1848 stats = ((rx) ?: tx)->stats;
1851 this_cpu_inc(stats->stat[STAT_OK]);
1853 case -EINPROGRESS:
1854 case -EBUSY:
1855 this_cpu_inc(stats->stat[STAT_ASYNC]);
1859 this_cpu_inc(stats->stat[STAT_NOK]);
1860 if (rc == -ENOKEY) {
1864 /* Mark rx->nokey only if we dont have a
1869 rx->nokey = !(rx->skey ||
1870 rcu_access_pointer(rx->aead[n]));
1872 rx->name, rx->nokey,
1873 tx_key, rx->key.keys);
1874 tipc_node_put(rx->node);
1876 this_cpu_inc(stats->stat[STAT_NOKEYS]);
1878 } else if (rc == -EBADMSG) {
1879 this_cpu_inc(stats->stat[STAT_BADMSGS]);
1893 struct tipc_crypto *rx = aead->crypto;
1899 if (unlikely(is_tx(aead->crypto))) {
1900 rx = skb_cb->tx_clone_ctx.rx;
1901 pr_debug("TX->RX(%s): err %d, aead %p, skb->next %p, flags %x\n",
1902 (rx) ? tipc_node_get_id_str(rx->node) : "-", err, aead,
1903 (*skb)->next, skb_cb->flags);
1904 pr_debug("skb_cb [recurs %d, last %p], tx->aead [%p %p %p]\n",
1905 skb_cb->tx_clone_ctx.recurs, skb_cb->tx_clone_ctx.last,
1906 aead->crypto->aead[1], aead->crypto->aead[2],
1907 aead->crypto->aead[3]);
1909 if (err == -EBADMSG && (*skb)->next)
1910 tipc_rcv(net, (*skb)->next, b);
1914 if (likely((*skb)->next)) {
1915 kfree_skb((*skb)->next);
1916 (*skb)->next = NULL;
1918 ehdr = (struct tipc_ehdr *)(*skb)->data;
1920 WARN_ON(ehdr->user != LINK_CONFIG);
1921 n = tipc_node_create(net, 0, ehdr->id, 0xffffu, 0,
1929 if (ehdr->tx_key == KEY_MASTER)
1933 WARN_ON(!refcount_inc_not_zero(&tmp->refcnt));
1934 if (tipc_crypto_key_attach(rx, tmp, ehdr->tx_key, false) < 0) {
1935 tipc_aead_free(&tmp->rcu);
1951 rx->timer1 = jiffies;
1955 ehdr = (struct tipc_ehdr *)(*skb)->data;
1958 if (rx->key.passive && ehdr->tx_key == rx->key.passive)
1959 rx->timer2 = jiffies;
1963 if (pskb_trim(*skb, (*skb)->len - aead->authsize))
1975 /* Re-fetch skb cb as skb might be changed in tipc_msg_validate */
1979 skb_cb->decrypted = 1;
1982 if (likely(!skb_cb->tx_clone_deferred))
1984 skb_cb->tx_clone_deferred = 0;
1985 memset(&skb_cb->tx_clone_ctx, 0, sizeof(skb_cb->tx_clone_ctx));
1995 tipc_node_put(rx->node);
2001 struct tipc_crypto *tx = tn->crypto_tx, *rx;
2025 for (p = tn->node_list.next; p != &tn->node_list; p = p->next) {
2027 pr_info("RX(%7.7s)\n%s", tipc_node_get_id_str(rx->node),
2034 j += scnprintf(buf + j, 200 - j, "|%11s ", hstats[i]);
2037 memset(buf, '-', 115);
2044 stat = per_cpu_ptr(tx->stats, cpu)->stat[i];
2045 j += scnprintf(buf + j, 200 - j, "|%11d ", stat);
2052 for (p = tn->node_list.next; p != &tn->node_list; p = p->next) {
2055 tipc_node_get_id_str(rx->node));
2058 stat = per_cpu_ptr(rx->stats, cpu)->stat[i];
2059 j += scnprintf(buf + j, 200 - j, "|%11d ",
2073 struct tipc_key key = c->key;
2083 c->timer2 + TIPC_TX_GRACE_PERIOD))
2090 else if (k == key.active)
2095 s = "-";
2097 i += scnprintf(buf + i, 200 - i, "\tKey%d: %s", k, s);
2100 aead = rcu_dereference(c->aead[k]);
2102 i += scnprintf(buf + i, 200 - i,
2104 aead->hint,
2105 (aead->mode == CLUSTER_KEY) ? "c" : "p",
2106 atomic_read(&aead->users),
2107 refcount_read(&aead->refcnt));
2109 i += scnprintf(buf + i, 200 - i, "\n");
2113 i += scnprintf(buf + i, 200 - i, "\tPeer RX active: %d\n",
2114 atomic_read(&c->peer_rx_active));
2126 /* Output format: "[%s %s %s] -> [%s %s %s]", max len = 32 */
2128 i += scnprintf(buf + i, 32 - i, "[");
2130 if (k == key->passive)
2132 else if (k == key->active)
2134 else if (k == key->pending)
2137 s = "-";
2138 i += scnprintf(buf + i, 32 - i,
2142 i += scnprintf(buf + i, 32 - i, "] -> ");
2146 i += scnprintf(buf + i, 32 - i, "]");
2151 * tipc_crypto_msg_rcv - Common 'MSG_CRYPTO' processing point
2177 tipc_node_put(rx->node);
2184 * tipc_crypto_key_distr - Distribute a TX key
2196 int rc = -ENOKEY;
2203 aead = tipc_aead_get(tx->aead[key]);
2205 rc = tipc_crypto_key_xmit(tx->net, aead->key,
2206 aead->gen, aead->mode,
2217 * tipc_crypto_key_xmit - Send a session key
2225 * as its data section, then xmit-ed through the uc/bc link.
2236 u8 *data;
2242 return -ENOMEM;
2251 data = msg_data(hdr);
2252 *((__be32 *)(data + TIPC_AEAD_ALG_NAME)) = htonl(skey->keylen);
2253 memcpy(data, skey->alg_name, TIPC_AEAD_ALG_NAME);
2254 memcpy(data + TIPC_AEAD_ALG_NAME + sizeof(__be32), skey->key,
2255 skey->keylen);
2268 * tipc_crypto_key_rcv - Receive a session key
2270 * @hdr: the TIPC v2 message incl. the receiving session key in its data
2280 struct tipc_crypto *tx = tipc_net(rx->net)->crypto_tx;
2284 u8 *data = msg_data(hdr);
2289 pr_debug("%s: message data size is too small\n", rx->name);
2293 keylen = ntohl(*((__be32 *)(data + TIPC_AEAD_ALG_NAME)));
2298 pr_debug("%s: invalid MSG_CRYPTO key size\n", rx->name);
2302 spin_lock(&rx->lock);
2303 if (unlikely(rx->skey || (key_gen == rx->key_gen && rx->key.keys))) {
2304 pr_err("%s: key existed <%p>, gen %d vs %d\n", rx->name,
2305 rx->skey, key_gen, rx->key_gen);
2312 pr_err("%s: unable to allocate memory for skey\n", rx->name);
2316 /* Copy key from msg data */
2317 skey->keylen = keylen;
2318 memcpy(skey->alg_name, data, TIPC_AEAD_ALG_NAME);
2319 memcpy(skey->key, data + TIPC_AEAD_ALG_NAME + sizeof(__be32),
2320 skey->keylen);
2322 rx->key_gen = key_gen;
2323 rx->skey_mode = msg_key_mode(hdr);
2324 rx->skey = skey;
2325 rx->nokey = 0;
2329 spin_unlock(&rx->lock);
2333 if (likely(skey && queue_delayed_work(tx->wq, &rx->work, 0)))
2340 * tipc_crypto_work_rx - Scheduled RX works handler
2350 struct tipc_crypto *tx = tipc_net(rx->net)->crypto_tx;
2357 if (atomic_cmpxchg(&rx->key_distr,
2361 key = tx->key.pending ?: tx->key.active;
2362 rc = tipc_crypto_key_distr(tx, key, rx->node);
2365 tx->name, key, tipc_node_get_id_str(rx->node),
2371 atomic_cmpxchg(&rx->key_distr, KEY_DISTR_COMPL, 0);
2375 if (rx->skey) {
2376 rc = tipc_crypto_key_init(rx, rx->skey, rx->skey_mode, false);
2379 rx->name, rc);
2381 case -EBUSY:
2382 case -ENOMEM:
2388 kfree_sensitive(rx->skey);
2389 rx->skey = NULL;
2394 if (resched && queue_delayed_work(tx->wq, &rx->work, delay))
2397 tipc_node_put(rx->node);
2401 * tipc_crypto_rekeying_sched - (Re)schedule rekeying w/o new interval
2416 tx->rekeying_intv = new_intv;
2417 cancel_delayed_work_sync(&tx->work);
2420 if (tx->rekeying_intv || now) {
2421 delay = (now) ? 0 : tx->rekeying_intv * 60 * 1000;
2422 queue_delayed_work(tx->wq, &tx->work, msecs_to_jiffies(delay));
2427 * tipc_crypto_work_tx - Scheduled TX works handler
2432 * TX crypto and finally distributing it to peers. It also re-schedules the
2440 struct tipc_key key = tx->key;
2442 int rc = -ENOMEM;
2449 aead = rcu_dereference(tx->aead[key.active ?: KEY_MASTER]);
2457 skey = kmemdup(aead->key, tipc_aead_key_size(aead->key), GFP_ATOMIC);
2470 pr_warn_ratelimited("%s: rekeying returns %d\n", tx->name, rc);
2473 /* Re-schedule rekeying if any */