
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next

Steffen Klassert says:

====================
pull request (net-next): ipsec-next 2020-12-12

Just one patch this time:

1) Redact the SA keys with kernel lockdown confidentiality.
If enabled, no secret keys are sent to userspace.
From Antony Antony.

* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next:
xfrm: redact SA secret with lockdown confidentiality
====================

Link: https://lore.kernel.org/r/20201212085737.2101294-1-steffen.klassert@secunet.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

+69 -7
+1
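--- a/include/linux/security.h
+++ b/include/linux/security.h
@@ -127,6 +127,7 @@
 LOCKDOWN_PERF,
 LOCKDOWN_TRACEFS,
 LOCKDOWN_XMON_RW,
+LOCKDOWN_XFRM_SECRET,
 LOCKDOWN_CONFIDENTIALITY_MAX,
 };
 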
+67 -7
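--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -848,20 +848,83 @@
 return 0;
 }
 
+static bool xfrm_redact(void)
+{
+return IS_ENABLED(CONFIG_SECURITY) &&
+security_locked_down(LOCKDOWN_XFRM_SECRET);
+}
+
 static int copy_to_user_auth(struct xfrm_algo_auth *auth, struct sk_buff *skb)
 {
 struct xfrm_algo *algo;
+struct xfrm_algo_auth *ap;
 struct nlattr *nla;
+bool redact_secret = xfrm_redact();
 
 nla = nla_reserve(skb, XFRMA_ALG_AUTH,
 sizeof(*algo) + (auth->alg_key_len + 7) / 8);
 if (!nla)
 return -EMSGSIZE;
-
 algo = nla_data(nla);
 strncpy(algo->alg_name, auth->alg_name, sizeof(algo->alg_name));
-memcpy(algo->alg_key, auth->alg_key, (auth->alg_key_len + 7) / 8);
+
+if (redact_secret && auth->alg_key_len)
+memset(algo->alg_key, 0, (auth->alg_key_len + 7) / 8);
+else
+memcpy(algo->alg_key, auth->alg_key,
+(auth->alg_key_len + 7) / 8);
 algo->alg_key_len = auth->alg_key_len;
+
+nla = nla_reserve(skb, XFRMA_ALG_AUTH_TRUNC, xfrm_alg_auth_len(auth));
+if (!nla)
+return -EMSGSIZE;
+ap = nla_data(nla);
+memcpy(ap, auth, sizeof(struct xfrm_algo_auth));
+if (redact_secret && auth->alg_key_len)
+memset(ap->alg_key, 0, (auth->alg_key_len + 7) / 8);
+else
+memcpy(ap->alg_key, auth->alg_key,
+(auth->alg_key_len + 7) / 8);
+return 0;
+}
+
+static int copy_to_user_aead(struct xfrm_algo_aead *aead, struct sk_buff *skb)
+{
+struct nlattr *nla = nla_reserve(skb, XFRMA_ALG_AEAD, aead_len(aead));
+struct xfrm_algo_aead *ap;
+bool redact_secret = xfrm_redact();
+
+if (!nla)
+return -EMSGSIZE;
+
+ap = nla_data(nla);
+memcpy(ap, aead, sizeof(*aead));
+
+if (redact_secret && aead->alg_key_len)
+memset(ap->alg_key, 0, (aead->alg_key_len + 7) / 8);
+else
+memcpy(ap->alg_key, aead->alg_key,
+(aead->alg_key_len + 7) / 8);
+return 0;
+}
+
+static int copy_to_user_ealg(struct xfrm_algo *ealg, struct sk_buff *skb)
+{
+struct xfrm_algo *ap;
+bool redact_secret = xfrm_redact();
+struct nlattr *nla = nla_reserve(skb, XFRMA_ALG_CRYPT,
+xfrm_alg_len(ealg));
+if (!nla)
+return -EMSGSIZE;
+
+ap = nla_data(nla);
+memcpy(ap, ealg, sizeof(*ealg));
+
+if (redact_secret && ealg->alg_key_len)
+memset(ap->alg_key, 0, (ealg->alg_key_len + 7) / 8);
+else
+memcpy(ap->alg_key, ealg->alg_key,
+(ealg->alg_key_len + 7) / 8);
 
 return 0;
 }
@@ -906,20 +969,17 @@
 goto out;
 }
 if (x->aead) {
-ret = nla_put(skb, XFRMA_ALG_AEAD, aead_len(x->aead), x->aead);
+ret = copy_to_user_aead(x->aead, skb);
 if (ret)
 goto out;
 }
 if (x->aalg) {
 ret = copy_to_user_auth(x->aalg, skb);
-if (!ret)
-ret = nla_put(skb, XFRMA_ALG_AUTH_TRUNC,
-xfrm_alg_auth_len(x->aalg), x->aalg);
 if (ret)
 goto out;
 }
 if (x->ealg) {
-ret = nla_put(skb, XFRMA_ALG_CRYPT, xfrm_alg_len(x->ealg), x->ealg);
+ret = copy_to_user_ealg(x->ealg, skb);
 if (ret)
 goto out;
 }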
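Review bot: The redaction in copy_to_user_auth, copy_to_user_aead and copy_to_user_ealg is silent: alg_key_len is still reported unchanged and the key bytes are zero-filled, so a userspace consumer cannot distinguish a redacted key from a genuine all-zero key, and a tool that round-trips a dumped SA (backup/restore, migration) would reinstall a zero key without any error. That is presumably the intended trade-off to keep existing netlink parsers working, but it is worth a comment on xfrm_redact(), e.g. `/* Under lockdown confidentiality, SA keys are sent zero-filled with their length intact so dumps stay parseable; userspace cannot tell a redacted key from a real all-zero one. */`. A minor style point: the `&& auth->alg_key_len` guard on each memset is redundant, since a zero length already makes the memset a no-op, and copy_to_user_aead and copy_to_user_ealg call nla_reserve() inside a declaration initializer, which kernel code usually keeps out of declarations. The caller changed in the second hunk starts and ends outside the hunk.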
+1
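--- a/security/security.c
+++ b/security/security.c
@@ -65,6 +65,7 @@
 [LOCKDOWN_PERF] = "unsafe use of perf",
 [LOCKDOWN_TRACEFS] = "use of tracefs",
 [LOCKDOWN_XMON_RW] = "xmon read and write access",
+[LOCKDOWN_XFRM_SECRET] = "xfrm SA secret",
 [LOCKDOWN_CONFIDENTIALITY_MAX] = "confidentiality",
 };
 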