[PATCH bpf-next v8 2/3] bpf: crypto: add skcipher to bpf crypto

linux-crypto.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Vadim Fedorenko <vadfed@meta.com>
To: Vadim Fedorenko <vadim.fedorenko@linux.dev>,
	Jakub Kicinski <kuba@kernel.org>,
	Martin KaFai Lau <martin.lau@linux.dev>,
	Andrii Nakryiko <andrii@kernel.org>,
	Alexei Starovoitov <ast@kernel.org>,
	Mykola Lysenko <mykolal@fb.com>,
	Herbert Xu <herbert@gondor.apana.org.au>
Cc: Vadim Fedorenko <vadfed@meta.com>, <netdev@vger.kernel.org>,
	<linux-crypto@vger.kernel.org>, <bpf@vger.kernel.org>,
	Victor Stewart <v@nametag.social>
Subject: [PATCH bpf-next v8 2/3] bpf: crypto: add skcipher to bpf crypto
Date: Mon, 15 Jan 2024 14:08:02 -0800	[thread overview]
Message-ID: <20240115220803.1973440-2-vadfed@meta.com> (raw)
In-Reply-To: <20240115220803.1973440-1-vadfed@meta.com>

Implement skcipher crypto in BPF crypto framework.

Signed-off-by: Vadim Fedorenko <vadfed@meta.com>
---
v7 -> v8:
- Move bpf_crypto_skcipher.c to crypto and make it part of
  skcipher module. This way looks more natural and makes bpf crypto
  proper modular. MAINTAINERS files is adjusted to make bpf part
  belong to BPF maintainers.
v6 - v7:
- style issues
v6:
- introduce new file
---
 MAINTAINERS                  |  8 ++++
 crypto/Makefile              |  3 ++
 crypto/bpf_crypto_skcipher.c | 82 ++++++++++++++++++++++++++++++++++++
 3 files changed, 93 insertions(+)
 create mode 100644 crypto/bpf_crypto_skcipher.c

diff --git a/MAINTAINERS b/MAINTAINERS
index c36618d4659e..ae788357c56d 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -3753,6 +3753,14 @@ F:	kernel/bpf/tnum.c
 F:	kernel/bpf/trampoline.c
 F:	kernel/bpf/verifier.c
 
+BPF [CRYPTO]
+M:	Vadim Fedorenko <vadim.fedorenko@linux.dev>
+L:	bpf@vger.kernel.org
+S:	Maintained
+F:	crypto/bpf_crypto_skcipher.c
+F:	include/linux/bpf_crypto.h
+F:	kernel/bpf/crypto.c
+
 BPF [DOCUMENTATION] (Related to Standardization)
 R:	David Vernet <void@manifault.com>
 L:	bpf@vger.kernel.org
diff --git a/crypto/Makefile b/crypto/Makefile
index 408f0a1f9ab9..538124f8bf8a 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -20,6 +20,9 @@ crypto_skcipher-y += lskcipher.o
 crypto_skcipher-y += skcipher.o
 
 obj-$(CONFIG_CRYPTO_SKCIPHER2) += crypto_skcipher.o
+ifeq ($(CONFIG_BPF_SYSCALL),y)
+obj-$(CONFIG_CRYPTO_SKCIPHER2) += bpf_crypto_skcipher.o
+endif
 
 obj-$(CONFIG_CRYPTO_SEQIV) += seqiv.o
 obj-$(CONFIG_CRYPTO_ECHAINIV) += echainiv.o
diff --git a/crypto/bpf_crypto_skcipher.c b/crypto/bpf_crypto_skcipher.c
new file mode 100644
index 000000000000..e0b32cf7f002
--- /dev/null
+++ b/crypto/bpf_crypto_skcipher.c
@@ -0,0 +1,82 @@
+// SPDX-License-Identifier: GPL-2.0-only
+/* Copyright (c) 2023 Meta, Inc */
+#include <linux/types.h>
+#include <linux/module.h>
+#include <linux/bpf_crypto.h>
+#include <crypto/skcipher.h>
+
+static void *bpf_crypto_lskcipher_alloc_tfm(const char *algo)
+{
+	return crypto_alloc_lskcipher(algo, 0, 0);
+}
+
+static void bpf_crypto_lskcipher_free_tfm(void *tfm)
+{
+	crypto_free_lskcipher(tfm);
+}
+
+static int bpf_crypto_lskcipher_has_algo(const char *algo)
+{
+	return crypto_has_skcipher(algo, CRYPTO_ALG_TYPE_LSKCIPHER, CRYPTO_ALG_TYPE_MASK);
+}
+
+static int bpf_crypto_lskcipher_setkey(void *tfm, const u8 *key, unsigned int keylen)
+{
+	return crypto_lskcipher_setkey(tfm, key, keylen);
+}
+
+static u32 bpf_crypto_lskcipher_get_flags(void *tfm)
+{
+	return crypto_lskcipher_get_flags(tfm);
+}
+
+static unsigned int bpf_crypto_lskcipher_ivsize(void *tfm)
+{
+	return crypto_lskcipher_ivsize(tfm);
+}
+
+static unsigned int bpf_crypto_lskcipher_statesize(void *tfm)
+{
+	return crypto_lskcipher_statesize(tfm);
+}
+
+static int bpf_crypto_lskcipher_encrypt(void *tfm, const u8 *src, u8 *dst,
+					unsigned int len, u8 *siv)
+{
+	return crypto_lskcipher_encrypt(tfm, src, dst, len, siv);
+}
+
+static int bpf_crypto_lskcipher_decrypt(void *tfm, const u8 *src, u8 *dst,
+					unsigned int len, u8 *siv)
+{
+	return crypto_lskcipher_decrypt(tfm, src, dst, len, siv);
+}
+
+static const struct bpf_crypto_type bpf_crypto_lskcipher_type = {
+	.alloc_tfm	= bpf_crypto_lskcipher_alloc_tfm,
+	.free_tfm	= bpf_crypto_lskcipher_free_tfm,
+	.has_algo	= bpf_crypto_lskcipher_has_algo,
+	.setkey		= bpf_crypto_lskcipher_setkey,
+	.encrypt	= bpf_crypto_lskcipher_encrypt,
+	.decrypt	= bpf_crypto_lskcipher_decrypt,
+	.ivsize		= bpf_crypto_lskcipher_ivsize,
+	.statesize	= bpf_crypto_lskcipher_statesize,
+	.get_flags	= bpf_crypto_lskcipher_get_flags,
+	.owner		= THIS_MODULE,
+	.name		= "skcipher",
+};
+
+static int __init bpf_crypto_skcipher_init(void)
+{
+	return bpf_crypto_register_type(&bpf_crypto_lskcipher_type);
+}
+
+static void __exit bpf_crypto_skcipher_exit(void)
+{
+	int err = bpf_crypto_unregister_type(&bpf_crypto_lskcipher_type);
+	WARN_ON_ONCE(err);
+}
+
+module_init(bpf_crypto_skcipher_init);
+module_exit(bpf_crypto_skcipher_exit);
+MODULE_LICENSE("GPL");
-- 
2.39.3

next prev parent reply	other threads:[~2024-01-15 22:08 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-01-15 22:08 [PATCH bpf-next v8 1/3] bpf: make common crypto API for TC/XDP programs Vadim Fedorenko
2024-01-15 22:08 ` Vadim Fedorenko [this message]
2024-01-25  1:14   ` [PATCH bpf-next v8 2/3] bpf: crypto: add skcipher to bpf crypto Martin KaFai Lau
2024-01-25  9:24     ` Herbert Xu
2024-01-15 22:08 ` [PATCH bpf-next v8 3/3] selftests: bpf: crypto skcipher algo selftests Vadim Fedorenko
2024-01-25  1:26   ` Martin KaFai Lau
2024-02-21  8:43   ` Jakub Sitnicki
2024-02-21  9:19     ` Jakub Sitnicki
2024-01-23 17:51 ` [PATCH bpf-next v8 1/3] bpf: make common crypto API for TC/XDP programs Vadim Fedorenko
2024-01-24  0:12   ` Martin KaFai Lau
2024-01-25  1:10 ` Martin KaFai Lau
2024-01-25 11:19   ` Vadim Fedorenko
2024-01-25 22:34     ` Martin KaFai Lau
2024-01-26 10:30       ` Vadim Fedorenko
2024-01-26 17:38         ` Vadim Fedorenko

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:c36618d4659 dfblob:ae788357c56 dfblob:408f0a1f9ab
dfblob:538124f8bf8 dfblob:e0b32cf7f00 )
 OR (
bs:"[PATCH bpf-next v8 2/3] bpf: crypto: add skcipher to bpf crypto" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240115220803.1973440-2-vadfed@meta.com \
    --to=vadfed@meta.com \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=kuba@kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=martin.lau@linux.dev \
    --cc=mykolal@fb.com \
    --cc=netdev@vger.kernel.org \
    --cc=v@nametag.social \
    --cc=vadim.fedorenko@linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).