Re: [PATCH bpf-next v2 2/5] bpf: Add SHA hash kfunc for cryptographic hashing

Linux Kernel Selftest development
 help / color / mirror / Atom feed

From: Mykyta Yatsenko <mykyta.yatsenko5@gmail.com>
To: Daniel Hodges <git@danielhodges.dev>,
	ast@kernel.org, daniel@iogearbox.net, andrii@kernel.org,
	vadim.fedorenko@linux.dev
Cc: martin.lau@linux.dev, eddyz87@gmail.com, song@kernel.org,
	yonghong.song@linux.dev, john.fastabend@gmail.com,
	kpsingh@kernel.org, sdf@fomichev.me, haoluo@google.com,
	jolsa@kernel.org, herbert@gondor.apana.org.au,
	davem@davemloft.net, shuah@kernel.org, bpf@vger.kernel.org,
	linux-crypto@vger.kernel.org, linux-kselftest@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH bpf-next v2 2/5] bpf: Add SHA hash kfunc for cryptographic hashing
Date: Fri, 5 Dec 2025 18:50:48 +0000	[thread overview]
Message-ID: <276ec0e0-2576-4595-a713-02a9223b6aa3@gmail.com> (raw)
In-Reply-To: <20251205173923.31740-3-git@danielhodges.dev>

On 12/5/25 17:39, Daniel Hodges wrote:
> Extend bpf_crypto_type structure with hash operations:
>   - hash(): Performs hashing operation
>   - digestsize(): Returns hash output size
>
> Update bpf_crypto_ctx_create() to support keyless operations:
>   - Hash algorithms don't require keys, unlike ciphers
>   - Only validates key presence if type->setkey is defined
>   - Conditionally sets IV/state length for cipher operations only
>
> Add bpf_crypto_hash() kfunc that works with any hash algorithm
> registered in the kernel's crypto API through the BPF crypto type
> system. This enables BPF programs to compute cryptographic hashes for
> use cases such as content verification, integrity checking, and data
> authentication.
>
> Signed-off-by: Daniel Hodges <git@danielhodges.dev>
> ---
>   include/linux/bpf_crypto.h |  2 +
>   kernel/bpf/crypto.c        | 76 ++++++++++++++++++++++++++++++++++----
>   2 files changed, 70 insertions(+), 8 deletions(-)
>
> diff --git a/include/linux/bpf_crypto.h b/include/linux/bpf_crypto.h
> index a41e71d4e2d9..c84371cc4e47 100644
> --- a/include/linux/bpf_crypto.h
> +++ b/include/linux/bpf_crypto.h
> @@ -11,8 +11,10 @@ struct bpf_crypto_type {
>   	int (*setauthsize)(void *tfm, unsigned int authsize);
>   	int (*encrypt)(void *tfm, const u8 *src, u8 *dst, unsigned int len, u8 *iv);
>   	int (*decrypt)(void *tfm, const u8 *src, u8 *dst, unsigned int len, u8 *iv);
> +	int (*hash)(void *tfm, const u8 *data, u8 *out, unsigned int len);
>   	unsigned int (*ivsize)(void *tfm);
>   	unsigned int (*statesize)(void *tfm);
> +	unsigned int (*digestsize)(void *tfm);
>   	u32 (*get_flags)(void *tfm);
>   	struct module *owner;
>   	char name[14];
> diff --git a/kernel/bpf/crypto.c b/kernel/bpf/crypto.c
> index 83c4d9943084..95625c7ffb1a 100644
> --- a/kernel/bpf/crypto.c
> +++ b/kernel/bpf/crypto.c
> @@ -171,7 +171,12 @@ bpf_crypto_ctx_create(const struct bpf_crypto_params *params, u32 params__sz,
>   		goto err_module_put;
>   	}
>   
> -	if (!params->key_len || params->key_len > sizeof(params->key)) {
> +	/* Hash operations don't require a key, but cipher operations do */
> +	if (params->key_len > sizeof(params->key)) {
> +		*err = -EINVAL;
> +		goto err_module_put;
> +	}
> +	if (!params->key_len && type->setkey) {
>   		*err = -EINVAL;
>   		goto err_module_put;
>   	}
> @@ -195,16 +200,19 @@ bpf_crypto_ctx_create(const struct bpf_crypto_params *params, u32 params__sz,
>   			goto err_free_tfm;
>   	}
>   
> -	*err = type->setkey(ctx->tfm, params->key, params->key_len);
> -	if (*err)
> -		goto err_free_tfm;
> +	if (params->key_len) {
> +		*err = type->setkey(ctx->tfm, params->key, params->key_len);
> +		if (*err)
> +			goto err_free_tfm;
>   
> -	if (type->get_flags(ctx->tfm) & CRYPTO_TFM_NEED_KEY) {
> -		*err = -EINVAL;
> -		goto err_free_tfm;
> +		if (type->get_flags(ctx->tfm) & CRYPTO_TFM_NEED_KEY) {
> +			*err = -EINVAL;
> +			goto err_free_tfm;
> +		}
>   	}
>   
> -	ctx->siv_len = type->ivsize(ctx->tfm) + type->statesize(ctx->tfm);
> +	if (type->ivsize && type->statesize)
> +		ctx->siv_len = type->ivsize(ctx->tfm) + type->statesize(ctx->tfm);
>   
>   	refcount_set(&ctx->usage, 1);
>   
> @@ -343,6 +351,54 @@ __bpf_kfunc int bpf_crypto_encrypt(struct bpf_crypto_ctx *ctx,
>   	return bpf_crypto_crypt(ctx, src_kern, dst_kern, siv_kern, false);
>   }
>   
> +#if IS_ENABLED(CONFIG_CRYPTO_HASH2)
> +/**
> + * bpf_crypto_hash() - Compute hash using configured context
> + * @ctx:	The crypto context being used. The ctx must be a trusted pointer.
> + * @data:	bpf_dynptr to the input data to hash. Must be a trusted pointer.
> + * @out:	bpf_dynptr to the output buffer. Must be a trusted pointer.
> + *
> + * Computes hash of the input data using the crypto context. The output buffer
> + * must be at least as large as the digest size of the hash algorithm.
> + */
> +__bpf_kfunc int bpf_crypto_hash(struct bpf_crypto_ctx *ctx,
> +				const struct bpf_dynptr *data,
> +				const struct bpf_dynptr *out)
> +{
> +	const struct bpf_dynptr_kern *data_kern = (struct bpf_dynptr_kern *)data;
> +	const struct bpf_dynptr_kern *out_kern = (struct bpf_dynptr_kern *)out;
> +	u32 data_len, out_len;
> +	const u8 *data_ptr;
> +	u8 *out_ptr;
> +
> +	if (!ctx->type->hash)
> +		return -EOPNOTSUPP;
> +
> +	data_len = __bpf_dynptr_size(data_kern);
> +	out_len = __bpf_dynptr_size(out_kern);
__bpf_dynptr_size() returns u64, as well as __bpf_dynptr_data_rw()
takes u64 as length parameter, it may be worth using that type for
data_len and out_len.
> +
> +	if (data_len == 0)
> +		return -EINVAL;
> +
> +	if (!ctx->type->digestsize)
> +		return -EOPNOTSUPP;
> +
> +	unsigned int digestsize = ctx->type->digestsize(ctx->tfm);
> +	if (out_len < digestsize)
> +		return -EINVAL;
> +
> +	data_ptr = __bpf_dynptr_data(data_kern, data_len);
> +	if (!data_ptr)
> +		return -EINVAL;
> +
> +	out_ptr = __bpf_dynptr_data_rw(out_kern, out_len);
> +	if (!out_ptr)
> +		return -EINVAL;
> +
> +	return ctx->type->hash(ctx->tfm, data_ptr, out_ptr, data_len);
> +}
> +#endif /* CONFIG_CRYPTO_HASH2 */
> +
>   __bpf_kfunc_end_defs();
>   
>   BTF_KFUNCS_START(crypt_init_kfunc_btf_ids)
> @@ -359,6 +415,9 @@ static const struct btf_kfunc_id_set crypt_init_kfunc_set = {
>   BTF_KFUNCS_START(crypt_kfunc_btf_ids)
>   BTF_ID_FLAGS(func, bpf_crypto_decrypt, KF_RCU)
>   BTF_ID_FLAGS(func, bpf_crypto_encrypt, KF_RCU)
> +#if IS_ENABLED(CONFIG_CRYPTO_HASH2)
> +BTF_ID_FLAGS(func, bpf_crypto_hash, KF_RCU)
> +#endif
>   BTF_KFUNCS_END(crypt_kfunc_btf_ids)
>   
>   static const struct btf_kfunc_id_set crypt_kfunc_set = {
> @@ -383,6 +442,7 @@ static int __init crypto_kfunc_init(void)
>   	ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_CLS, &crypt_kfunc_set);
>   	ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_ACT, &crypt_kfunc_set);
>   	ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_XDP, &crypt_kfunc_set);
> +	ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &crypt_kfunc_set);
>   	ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL,
>   					       &crypt_init_kfunc_set);
>   	return  ret ?: register_btf_id_dtor_kfuncs(bpf_crypto_dtors,

next prev parent reply	other threads:[~2025-12-05 18:50 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-12-05 17:39 [PATCH bpf-next v2 0/5] Add cryptographic hash and signature verification kfuncs to BPF Daniel Hodges
2025-12-05 17:39 ` [PATCH bpf-next v2 1/5] crypto: Add BPF hash algorithm type registration module Daniel Hodges
2025-12-05 18:05   ` bot+bpf-ci
2025-12-06  1:00   ` Song Liu
2025-12-08  1:29     ` Daniel Hodges
2025-12-05 17:39 ` [PATCH bpf-next v2 2/5] bpf: Add SHA hash kfunc for cryptographic hashing Daniel Hodges
2025-12-05 18:50   ` Mykyta Yatsenko [this message]
2025-12-08  1:28     ` Daniel Hodges
2025-12-05 17:39 ` [PATCH bpf-next v2 3/5] selftests/bpf: Add tests for bpf_crypto_hash kfunc Daniel Hodges
2025-12-06  1:14   ` Song Liu
2025-12-05 17:39 ` [PATCH bpf-next v2 4/5] bpf: Add ECDSA signature verification kfuncs Daniel Hodges
2025-12-05 17:39 ` [PATCH bpf-next v2 5/5] selftests/bpf: Add tests for " Daniel Hodges
2025-12-06  1:16   ` Song Liu

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=276ec0e0-2576-4595-a713-02a9223b6aa3@gmail.com \
    --to=mykyta.yatsenko5@gmail.com \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=davem@davemloft.net \
    --cc=eddyz87@gmail.com \
    --cc=git@danielhodges.dev \
    --cc=haoluo@google.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=john.fastabend@gmail.com \
    --cc=jolsa@kernel.org \
    --cc=kpsingh@kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-kselftest@vger.kernel.org \
    --cc=martin.lau@linux.dev \
    --cc=sdf@fomichev.me \
    --cc=shuah@kernel.org \
    --cc=song@kernel.org \
    --cc=vadim.fedorenko@linux.dev \
    --cc=yonghong.song@linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox