From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-yb1-f172.google.com (mail-yb1-f172.google.com [209.85.219.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 370C3285C8F for ; Mon, 25 Aug 2025 20:01:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.219.172 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756152094; cv=none; b=UKWAbXfGfBk1ZBpcYyCFJNxXsitNvE14Y/0lk+Vp/Rvujb/iQQAWtFP95wy1r8WjnW0wtGWGMtwan6FJTn33s/23X31Rch09elT/sPKvxUF1J7JFQz+Vjd26upPbxrKQdyF7y2QH+A47R7rfLoa0zqD85SrOQvitCiVtbqVqltI= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1756152094; c=relaxed/simple; bh=rPRgzNL4bPU/i06ENpnBmYg7okrE/jti2fQ3NNQNN/k=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lLmKCHkdbm4RPjXMAsF+fS96rTrfM9axbkNnK8bJoSi1gQbRrcFMXSi6JDxNew0jYXwa5ZykEU4kPLlS6Mx6RLJc4871/HbQaKwCzw+gScd5KMHowP6hEsIXb55Qult5a1D0wbDyk9Fi34TAaxEld+gZ4fWdTlWKlTWiF4J9tjs= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=LT0OHVSm; arc=none smtp.client-ip=209.85.219.172 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="LT0OHVSm" Received: by mail-yb1-f172.google.com with SMTP id 3f1490d57ef6-e952f877d67so1965248276.3 for ; Mon, 25 Aug 2025 13:01:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756152088; x=1756756888; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=B/qzcyKs6Sijhx5eKCyG5tFaY81xPaszktH0lekGR70=; b=LT0OHVSmad4HCL1F1x66ebPD8DuEeiIv5L1csRfIzrfCdjQYSLKrICInUBeYOQmcqO 2gc6oSbTABAycWQ4sQ9lzLJz0G3uqUQKz5ysMrwhq+ILGsS2Y7VhaFkAmbZOZIz7Rknx l5k7bNxpyjl2axjDz5rnXrWjrXUT2dcY0U/Tg+S5PBUv+VBXB1/G8peGyp7GOUVa/1v7 8+tKcklP740QYA1wwHqcJJF99s+v48kqPb/tc1JcnM5EGHJYXAlynYEQ/TLx6JbtQN8P 8NAPh5pq9CjYT8f8Wgv5d8YqwfJ9890ZcSOrtFPFy+S3n+tWGOVbWOkd695iz5LqjDc4 bw0A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756152088; x=1756756888; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=B/qzcyKs6Sijhx5eKCyG5tFaY81xPaszktH0lekGR70=; b=kXzN8cBl5l4RKcCWKRswWXxXbQnLiOzF1FrMQPk2p1A1WOn/5f8fHWu3u41dGx/gmH C+d9QeoweCOeZNnoOYxlKSJuzYW10RW4otx5jgS6ZjKk+/HxJctBU1xqlAFLv1vAGzBt t0D5fKuZz7EqmLzdmfdyO2KFilPv+UV8iyWyjSZvRDyghsBOzoc1dBcq9z2+ty07Zzv1 rUNa5CbcgI0iJNwXPvgkQUywH90InR6+o95p+x4dgbfhOT6wiWVVirMo6lnzzWaKhZZu 2+v0vEB0SqlD0lGnhrMIZ/292bXN1+IIGYj/iya2jl6oJJK3aNRLA4R733+kcJDVNy/o 6e3A== X-Forwarded-Encrypted: i=1; AJvYcCW2v7G+6tbO+Yv41uKtWxqeIBv0MJ7UvpiLUGGHCDSetSpLarx5tBGLfGX4j+VaH2YqBzm+Vpc=@vger.kernel.org X-Gm-Message-State: AOJu0YxK0PFTzXTevRFK0bVb3HXXShWlygCt6kfSIog/lQSWfKBlbwGi WoGxG18zjaPObGf2iZBAOTkpe0Mwjv331UCxE7vPxCfHS5YDDlzNwYdB X-Gm-Gg: ASbGncuNB5YW0t3QYb2aAuPSONl5sdm7FsRoTwTcYll7SdREO1x3y3n1OKZ2ie/MJJH SEEarydZ5rU5zSNZRiyA6mQ+ob9ZWFhGxZ/7/eI6ZixJ8YJ1W0yhEGzAuX1CetejlR/nB+gsgoT aotZ2PDJ7u0tkKOQzh8Pu6DPX2mKY4w4K3FSlKeAc2NHLgEMxGWzGjI77zf4RYFbzfvH/C+xvZr Pjp0CKCJrK2CdiZIF10dapEt4s8i7WHs4s/g4KtDPFuJPXyIfHAWZ2t0y2J7w+muK/MjsqinmGZ Evvo5c5xiX3cxVxZ0avnHz8/c5taqxpRYIHiledfPBTA/CjjTizexCc7yoV0QQk1o65z33DbSlE 1mTJ+sKXSNGcp81sDNlIoUJZTh05Nl7o= X-Google-Smtp-Source: AGHT+IH0x+204sZOxkgkC7l+kY60o1cz8jHTBBWajab3lB2pg9HVDJk4e/6HniXgf+YgngKBzkHWeQ== X-Received: by 2002:a05:6902:3102:b0:e91:7b14:4d7d with SMTP id 3f1490d57ef6-e951c27ddd1mr13019252276.15.1756152087682; Mon, 25 Aug 2025 13:01:27 -0700 (PDT) Received: from localhost ([2a03:2880:25ff:47::]) by smtp.gmail.com with ESMTPSA id 3f1490d57ef6-e96dcf11652sm83562276.3.2025.08.25.13.01.26 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 25 Aug 2025 13:01:27 -0700 (PDT) From: Daniel Zahka To: Donald Hunter , Jakub Kicinski , "David S. Miller" , Eric Dumazet , Paolo Abeni , Simon Horman , Jonathan Corbet , Andrew Lunn Cc: Saeed Mahameed , Leon Romanovsky , Tariq Toukan , Boris Pismenny , Kuniyuki Iwashima , Willem de Bruijn , David Ahern , Neal Cardwell , Patrisious Haddad , Raed Salem , Jianbo Liu , Dragos Tatulea , Rahul Rameshbabu , Stanislav Fomichev , =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= , Alexander Lobakin , Kiran Kella , Jacob Keller , netdev@vger.kernel.org Subject: [PATCH net-next v8 10/19] psp: track generations of device key Date: Mon, 25 Aug 2025 13:00:58 -0700 Message-ID: <20250825200112.1750547-11-daniel.zahka@gmail.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20250825200112.1750547-1-daniel.zahka@gmail.com> References: <20250825200112.1750547-1-daniel.zahka@gmail.com> Precedence: bulk X-Mailing-List: netdev@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: 8bit From: Jakub Kicinski There is a (somewhat theoretical in absence of multi-host support) possibility that another entity will rotate the key and we won't know. This may lead to accepting packets with matching SPI but which used different crypto keys than we expected. The PSP Architecture specification mentions that an implementation should track device key generation when device keys are managed by the NIC. Some PSP implementations may opt to include this key generation state in decryption metadata each time a device key is used to decrypt a packet. If that is the case, that key generation counter can also be used when policy checking a decrypted skb against a psp_assoc. This is an optional feature that is not explicitly part of the PSP spec, but can provide additional security in the case where an attacker may have the ability to force key rotations faster than rekeying can occur. Since we're tracking "key generations" more explicitly now, maintain different lists for associations from different generations. This way we can catch stale associations (the user space should listen to rotation notifications and change the keys). Drivers can "opt out" of generation tracking by setting the generation value to 0. Reviewed-by: Willem de Bruijn Signed-off-by: Jakub Kicinski Signed-off-by: Daniel Zahka --- Notes: v1: - https://lore.kernel.org/netdev/20240510030435.120935-9-kuba@kernel.org/ include/net/psp/types.h | 10 ++++++++++ net/psp/psp.h | 1 + net/psp/psp_main.c | 6 +++++- net/psp/psp_nl.c | 10 ++++++++++ net/psp/psp_sock.c | 16 ++++++++++++++++ 5 files changed, 42 insertions(+), 1 deletion(-) diff --git a/include/net/psp/types.h b/include/net/psp/types.h index f93ad0e6c04f..ec218747ced0 100644 --- a/include/net/psp/types.h +++ b/include/net/psp/types.h @@ -50,8 +50,12 @@ struct psp_dev_config { * @lock: instance lock, protects all fields * @refcnt: reference count for the instance * @id: instance id + * @generation: current generation of the device key * @config: current device configuration * @active_assocs: list of registered associations + * @prev_assocs: associations which use old (but still usable) + * device key + * @stale_assocs: associations which use a rotated out key * * @rcu: RCU head for freeing the structure */ @@ -67,13 +71,19 @@ struct psp_dev { u32 id; + u8 generation; + struct psp_dev_config config; struct list_head active_assocs; + struct list_head prev_assocs; + struct list_head stale_assocs; struct rcu_head rcu; }; +#define PSP_GEN_VALID_MASK 0x7f + /** * struct psp_dev_caps - PSP device capabilities */ diff --git a/net/psp/psp.h b/net/psp/psp.h index defd3e3fd5e7..0f34e1a23fdd 100644 --- a/net/psp/psp.h +++ b/net/psp/psp.h @@ -27,6 +27,7 @@ int psp_sock_assoc_set_rx(struct sock *sk, struct psp_assoc *pas, int psp_sock_assoc_set_tx(struct sock *sk, struct psp_dev *psd, u32 version, struct psp_key_parsed *key, struct netlink_ext_ack *extack); +void psp_assocs_key_rotated(struct psp_dev *psd); static inline void psp_dev_get(struct psp_dev *psd) { diff --git a/net/psp/psp_main.c b/net/psp/psp_main.c index a1ae3c8920c3..98ad8c85b58e 100644 --- a/net/psp/psp_main.c +++ b/net/psp/psp_main.c @@ -72,6 +72,8 @@ psp_dev_create(struct net_device *netdev, mutex_init(&psd->lock); INIT_LIST_HEAD(&psd->active_assocs); + INIT_LIST_HEAD(&psd->prev_assocs); + INIT_LIST_HEAD(&psd->stale_assocs); refcount_set(&psd->refcnt, 1); mutex_lock(&psp_devs_lock); @@ -125,7 +127,9 @@ void psp_dev_unregister(struct psp_dev *psd) xa_store(&psp_devs, psd->id, NULL, GFP_KERNEL); mutex_unlock(&psp_devs_lock); - list_for_each_entry_safe(pas, next, &psd->active_assocs, assocs_list) + list_splice_init(&psd->active_assocs, &psd->prev_assocs); + list_splice_init(&psd->prev_assocs, &psd->stale_assocs); + list_for_each_entry_safe(pas, next, &psd->stale_assocs, assocs_list) psp_dev_tx_key_del(psd, pas); rcu_assign_pointer(psd->main_netdev->psp_dev, NULL); diff --git a/net/psp/psp_nl.c b/net/psp/psp_nl.c index 1b1d08fce637..8aaca62744c3 100644 --- a/net/psp/psp_nl.c +++ b/net/psp/psp_nl.c @@ -230,6 +230,7 @@ int psp_nl_key_rotate_doit(struct sk_buff *skb, struct genl_info *info) struct psp_dev *psd = info->user_ptr[0]; struct genl_info ntf_info; struct sk_buff *ntf, *rsp; + u8 prev_gen; int err; rsp = psp_nl_reply_new(info); @@ -249,10 +250,19 @@ int psp_nl_key_rotate_doit(struct sk_buff *skb, struct genl_info *info) goto err_free_ntf; } + /* suggest the next gen number, driver can override */ + prev_gen = psd->generation; + psd->generation = (prev_gen + 1) & PSP_GEN_VALID_MASK; + err = psd->ops->key_rotate(psd, info->extack); if (err) goto err_free_ntf; + WARN_ON_ONCE((psd->generation && psd->generation == prev_gen) || + psd->generation & ~PSP_GEN_VALID_MASK); + + psp_assocs_key_rotated(psd); + nlmsg_end(ntf, (struct nlmsghdr *)ntf->data); genlmsg_multicast_netns(&psp_nl_family, dev_net(psd->main_netdev), ntf, 0, PSP_NLGRP_USE, GFP_KERNEL); diff --git a/net/psp/psp_sock.c b/net/psp/psp_sock.c index 66abf160e16c..d74c86437e9b 100644 --- a/net/psp/psp_sock.c +++ b/net/psp/psp_sock.c @@ -60,6 +60,7 @@ struct psp_assoc *psp_assoc_create(struct psp_dev *psd) pas->psd = psd; pas->dev_id = psd->id; + pas->generation = psd->generation; psp_dev_get(psd); refcount_set(&pas->refcnt, 1); @@ -248,6 +249,21 @@ int psp_sock_assoc_set_tx(struct sock *sk, struct psp_dev *psd, return err; } +void psp_assocs_key_rotated(struct psp_dev *psd) +{ + struct psp_assoc *pas, *next; + + /* Mark the stale associations as invalid, they will no longer + * be able to Rx any traffic. + */ + list_for_each_entry_safe(pas, next, &psd->prev_assocs, assocs_list) + pas->generation |= ~PSP_GEN_VALID_MASK; + list_splice_init(&psd->prev_assocs, &psd->stale_assocs); + list_splice_init(&psd->active_assocs, &psd->prev_assocs); + + /* TODO: we should inform the sockets that got shut down */ +} + void psp_twsk_init(struct inet_timewait_sock *tw, const struct sock *sk) { struct psp_assoc *pas = psp_sk_assoc(sk); -- 2.47.3