bpf: crypto: add skcipher to bpf crypto

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Implement skcipher crypto in BPF crypto framework.

Signed-off-by: Vadim Fedorenko <vadfed@meta.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Link: https://lore.kernel.org/r/20240422225024.2847039-3-vadfed@meta.com
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>

authored by

Vadim Fedorenko and committed by

Martin KaFai Lau 2 years ago fda4f712 3e1c6f35

+93

3 changed files

expand all

MAINTAINERS

crypto

Makefile

bpf_crypto_skcipher.c

MAINTAINERS

··· 3822 3822 F: kernel/bpf/trampoline.c 3823 3823 F: kernel/bpf/verifier.c 3824 3824 3825 + BPF [CRYPTO] 3826 + M: Vadim Fedorenko <vadim.fedorenko@linux.dev> 3827 + L: bpf@vger.kernel.org 3828 + S: Maintained 3829 + F: crypto/bpf_crypto_skcipher.c 3830 + F: include/linux/bpf_crypto.h 3831 + F: kernel/bpf/crypto.c 3832 + 3825 3833 BPF [DOCUMENTATION] (Related to Standardization) 3826 3834 R: David Vernet <void@manifault.com> 3827 3835 L: bpf@vger.kernel.org

crypto/Makefile

··· 20 20 crypto_skcipher-y += skcipher.o 21 21 22 22 obj-$(CONFIG_CRYPTO_SKCIPHER2) += crypto_skcipher.o 23 + ifeq ($(CONFIG_BPF_SYSCALL),y) 24 + obj-$(CONFIG_CRYPTO_SKCIPHER2) += bpf_crypto_skcipher.o 25 + endif 23 26 24 27 obj-$(CONFIG_CRYPTO_SEQIV) += seqiv.o 25 28 obj-$(CONFIG_CRYPTO_ECHAINIV) += echainiv.o

+82

crypto/bpf_crypto_skcipher.c

··· 1 + // SPDX-License-Identifier: GPL-2.0-only 2 + /* Copyright (c) 2024 Meta, Inc */ 3 + #include <linux/types.h> 4 + #include <linux/module.h> 5 + #include <linux/bpf_crypto.h> 6 + #include <crypto/skcipher.h> 7 + 8 + static void *bpf_crypto_lskcipher_alloc_tfm(const char *algo) 9 + { 10 + return crypto_alloc_lskcipher(algo, 0, 0); 11 + } 12 + 13 + static void bpf_crypto_lskcipher_free_tfm(void *tfm) 14 + { 15 + crypto_free_lskcipher(tfm); 16 + } 17 + 18 + static int bpf_crypto_lskcipher_has_algo(const char *algo) 19 + { 20 + return crypto_has_skcipher(algo, CRYPTO_ALG_TYPE_LSKCIPHER, CRYPTO_ALG_TYPE_MASK); 21 + } 22 + 23 + static int bpf_crypto_lskcipher_setkey(void *tfm, const u8 *key, unsigned int keylen) 24 + { 25 + return crypto_lskcipher_setkey(tfm, key, keylen); 26 + } 27 + 28 + static u32 bpf_crypto_lskcipher_get_flags(void *tfm) 29 + { 30 + return crypto_lskcipher_get_flags(tfm); 31 + } 32 + 33 + static unsigned int bpf_crypto_lskcipher_ivsize(void *tfm) 34 + { 35 + return crypto_lskcipher_ivsize(tfm); 36 + } 37 + 38 + static unsigned int bpf_crypto_lskcipher_statesize(void *tfm) 39 + { 40 + return crypto_lskcipher_statesize(tfm); 41 + } 42 + 43 + static int bpf_crypto_lskcipher_encrypt(void *tfm, const u8 *src, u8 *dst, 44 + unsigned int len, u8 *siv) 45 + { 46 + return crypto_lskcipher_encrypt(tfm, src, dst, len, siv); 47 + } 48 + 49 + static int bpf_crypto_lskcipher_decrypt(void *tfm, const u8 *src, u8 *dst, 50 + unsigned int len, u8 *siv) 51 + { 52 + return crypto_lskcipher_decrypt(tfm, src, dst, len, siv); 53 + } 54 + 55 + static const struct bpf_crypto_type bpf_crypto_lskcipher_type = { 56 + .alloc_tfm = bpf_crypto_lskcipher_alloc_tfm, 57 + .free_tfm = bpf_crypto_lskcipher_free_tfm, 58 + .has_algo = bpf_crypto_lskcipher_has_algo, 59 + .setkey = bpf_crypto_lskcipher_setkey, 60 + .encrypt = bpf_crypto_lskcipher_encrypt, 61 + .decrypt = bpf_crypto_lskcipher_decrypt, 62 + .ivsize = bpf_crypto_lskcipher_ivsize, 63 + .statesize = bpf_crypto_lskcipher_statesize, 64 + .get_flags = bpf_crypto_lskcipher_get_flags, 65 + .owner = THIS_MODULE, 66 + .name = "skcipher", 67 + }; 68 + 69 + static int __init bpf_crypto_skcipher_init(void) 70 + { 71 + return bpf_crypto_register_type(&bpf_crypto_lskcipher_type); 72 + } 73 + 74 + static void __exit bpf_crypto_skcipher_exit(void) 75 + { 76 + int err = bpf_crypto_unregister_type(&bpf_crypto_lskcipher_type); 77 + WARN_ON_ONCE(err); 78 + } 79 + 80 + module_init(bpf_crypto_skcipher_init); 81 + module_exit(bpf_crypto_skcipher_exit); 82 + MODULE_LICENSE("GPL");