From: "Brian Gix" <bgix@codeaurora.org>
To: "'Vinicius Costa Gomes'" <vinicius.gomes@openbossa.org>
Cc: <linux-bluetooth@vger.kernel.org>
Subject: RE: [RFC v2 5/9] Bluetooth: Add support for using the crypto subsystem
Date: Tue, 7 Dec 2010 11:34:26 -0800 [thread overview]
Message-ID: <003a01cb9645$c3100d30$49302790$@org> (raw)
In-Reply-To: <20101207192317.GC4797@eris>
Hi Vinicius,
> -----Original Message-----
> From: linux-bluetooth-owner@vger.kernel.org [mailto:linux-bluetooth-
> owner@vger.kernel.org] On Behalf Of Vinicius Costa Gomes
> Sent: 07 December, 2010 11:23 AM
> To: Brian Gix
> Cc: linux-bluetooth@vger.kernel.org
> Subject: Re: [RFC v2 5/9] Bluetooth: Add support for using the crypto
> subsystem
>
> Hi Brian,
>
> On 10:35 Tue 07 Dec, Brian Gix wrote:
> >
> > Hi Vinicius,
> >
> > > -----Original Message-----
> > > From: linux-bluetooth-owner@vger.kernel.org [mailto:linux-
> bluetooth-
> > > owner@vger.kernel.org] On Behalf Of Vinicius Costa Gomes
> > > Sent: 06 December, 2010 1:44 PM
> > > To: linux-bluetooth@vger.kernel.org
> > > Cc: Vinicius Costa Gomes
> > > Subject: [RFC v2 5/9] Bluetooth: Add support for using the crypto
> > > subsystem
> > >
> > > This will allow using the crypto subsystem for encrypting data. As
> SMP
> > > (Security Manager Protocol) is implemented almost entirely on the
> host
> > > side and the crypto module already implements the needed methods
> > > (AES-128), it makes sense to use it.
> >
> > I do understand the desire to reuse the crypto module, but I would
> like
> > to point out that every baseband that supports any level of LE-SM, is
> > required to have implemented the HCI commands for LE-SM centric
> encryption
> > and random number generation.
>
> Yes, we are aware of that.
>
> >
> > Also, since these are processor intensive calculations, which must
> take
> > place in real-time on the baseband for encrypted links, I would argue
> > that it makes more sense to use the likely optimized functionality
> > present in the basebands.
>
> I am sure that the baseband is optimized for those operations, but one
> thing that needs to be considered is the time that the information
> takes to get
> to and from the baseband. For example, in the case of a USB controller,
> we need
> to build an HCI command, insert the command in the queue, and wait for
> it to be
> delivered (and received) via the USB bus to the baseband. Using the
> crypto
> subsystem we may even be able to use functionality built inside the
> processor.
>
> >
> > That is not to say that it cannot be done on the host, just that it
> > is likely less efficient, for no gain in portability or
> functionality.
>
> There is a gain in simplicity ;-)
Well that's fine. Again, I have no objection.
>
> >
> >
> > > Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
> > > ---
> > > include/net/bluetooth/hci_core.h | 2 ++
> > > net/bluetooth/hci_core.c | 10 ++++++++++
> > > 2 files changed, 12 insertions(+), 0 deletions(-)
> > >
> > > diff --git a/include/net/bluetooth/hci_core.h
> > > b/include/net/bluetooth/hci_core.h
> > > index 0687e2f..d0a9f5d 100644
> > > --- a/include/net/bluetooth/hci_core.h
> > > +++ b/include/net/bluetooth/hci_core.h
> > > @@ -135,6 +135,8 @@ struct hci_dev {
> > > __u32 req_status;
> > > __u32 req_result;
> > >
> > > + struct crypto_blkcipher *tfm;
> > > +
> > > struct inquiry_cache inq_cache;
> > > struct hci_conn_hash conn_hash;
> > > struct list_head blacklist;
> > > diff --git a/net/bluetooth/hci_core.c b/net/bluetooth/hci_core.c
> > > index 12c6735..b96c3dd 100644
> > > --- a/net/bluetooth/hci_core.c
> > > +++ b/net/bluetooth/hci_core.c
> > > @@ -41,6 +41,7 @@
> > > #include <linux/interrupt.h>
> > > #include <linux/notifier.h>
> > > #include <linux/rfkill.h>
> > > +#include <linux/crypto.h>
> > > #include <net/sock.h>
> > >
> > > #include <asm/system.h>
> > > @@ -961,6 +962,13 @@ int hci_register_dev(struct hci_dev *hdev)
> > > if (!hdev->workqueue)
> > > goto nomem;
> > >
> > > + hdev->tfm = crypto_alloc_blkcipher("ecb(aes)", 0,
> > > CRYPTO_ALG_ASYNC);
> > > + if (IS_ERR(hdev->tfm)) {
> > > + BT_ERR("Failed to load transform for ecb(aes): %ld",
> > > + PTR_ERR(hdev->tfm));
> > > + goto nomem;
> > > + }
> > > +
> > > hci_register_sysfs(hdev);
> > >
> > > hdev->rfkill = rfkill_alloc(hdev->name, &hdev->dev,
> > > @@ -1001,6 +1009,8 @@ int hci_unregister_dev(struct hci_dev *hdev)
> > > for (i = 0; i < NUM_REASSEMBLY; i++)
> > > kfree_skb(hdev->reassembly[i]);
> > >
> > > + crypto_free_blkcipher(hdev->tfm);
> > > +
> > > hci_notify(hdev, HCI_DEV_UNREG);
> > >
> > > if (hdev->rfkill) {
> > > --
> > > 1.7.3.2
> > >
> > > --
> > > To unsubscribe from this list: send the line "unsubscribe linux-
> > > bluetooth" in
> > > the body of a message to majordomo@vger.kernel.org
> > > More majordomo info at http://vger.kernel.org/majordomo-info.html
> >
>
> Cheers,
> --
> Vinicius
> --
> To unsubscribe from this list: send the line "unsubscribe linux-
> bluetooth" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2010-12-07 19:34 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-06 21:43 [RFC v2 0/9] SMP Implementation Vinicius Costa Gomes
2010-12-06 21:43 ` [RFC v2 1/9] Bluetooth: Add SMP command structures Vinicius Costa Gomes
2010-12-06 21:43 ` [RFC v2 2/9] Bluetooth: Implement the first SMP commands Vinicius Costa Gomes
2010-12-07 16:03 ` Gustavo F. Padovan
2010-12-07 22:05 ` Vinicius Costa Gomes
2010-12-07 16:10 ` Gustavo F. Padovan
2010-12-07 22:06 ` Vinicius Costa Gomes
2010-12-06 21:43 ` [RFC v2 3/9] Bluetooth: Start SMP procedure Vinicius Costa Gomes
2010-12-07 16:11 ` Gustavo F. Padovan
2010-12-07 22:08 ` Vinicius Costa Gomes
2010-12-06 21:43 ` [RFC v2 4/9] Bluetooth: simple SMP pairing negotiation Vinicius Costa Gomes
2010-12-07 16:39 ` Gustavo F. Padovan
2010-12-07 18:26 ` Brian Gix
2010-12-07 22:27 ` Vinicius Costa Gomes
2010-12-06 21:43 ` [RFC v2 5/9] Bluetooth: Add support for using the crypto subsystem Vinicius Costa Gomes
2010-12-07 17:27 ` Gustavo F. Padovan
2010-12-07 17:51 ` Vinicius Costa Gomes
2010-12-07 18:05 ` Gustavo F. Padovan
2010-12-07 18:35 ` Brian Gix
2010-12-07 19:06 ` Anderson Lizardo
2010-12-07 19:21 ` Brian Gix
2010-12-07 19:23 ` Vinicius Costa Gomes
2010-12-07 19:34 ` Brian Gix [this message]
2010-12-06 21:43 ` [RFC v2 6/9] Bluetooth: LE SMP Cryptoolbox functions Vinicius Costa Gomes
2010-12-06 21:43 ` [RFC v2 7/9] Bluetooth: Add support for SMP confirmation checks Vinicius Costa Gomes
2010-12-07 17:41 ` Gustavo F. Padovan
2010-12-08 5:48 ` Koustuv Ghosh
2010-12-08 6:33 ` Brian Gix
2010-12-08 6:19 ` Koustuv Ghosh
2010-12-06 21:43 ` [RFC v2 8/9] Bluetooth: Add support for LE Start Encryption Vinicius Costa Gomes
2010-12-07 17:38 ` Gustavo F. Padovan
2010-12-07 18:58 ` Brian Gix
2010-12-06 21:43 ` [RFC v2 9/9] Bluetooth: Add support for resuming socket when SMP is finished Vinicius Costa Gomes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='003a01cb9645$c3100d30$49302790$@org' \
--to=bgix@codeaurora.org \
--cc=linux-bluetooth@vger.kernel.org \
--cc=vinicius.gomes@openbossa.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).