projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tipc: add automatic session key exchange
[linux-2.6-block.git] / net / tipc / crypto.c
CommitLineData
fc1b6d6d
TL		 1// SPDX-License-Identifier: GPL-2.0
2/**
3 * net/tipc/crypto.c: TIPC crypto for key handling & packet en/decryption
4 *
5 * Copyright (c) 2019, Ericsson AB
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions are met:
10 *
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the names of the copyright holders nor the names of its
17 * contributors may be used to endorse or promote products derived from
18 * this software without specific prior written permission.
19 *
20 * Alternatively, this software may be distributed under the terms of the
21 * GNU General Public License ("GPL") version 2 as published by the Free
22 * Software Foundation.
23 *
24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
25 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
26 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
27 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
28 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
29 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
30 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
31 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
32 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
33 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
34 * POSSIBILITY OF SUCH DAMAGE.
35 */
36
37#include <crypto/aead.h>
38#include <crypto/aes.h>
39#include "crypto.h"
1ef6f7c9
TL		 40#include "msg.h"
41#include "bcast.h"
fc1b6d6d 42
daef1ee3 43#define TIPC_TX_GRACE_PERIOD msecs_to_jiffies(5000) /* 5s */
f779bf79 44#define TIPC_TX_LASTING_TIME msecs_to_jiffies(10000) /* 10s */
fc1b6d6d 45#define TIPC_RX_ACTIVE_LIM msecs_to_jiffies(3000) /* 3s */
f779bf79
TL		 46#define TIPC_RX_PASSIVE_LIM msecs_to_jiffies(15000) /* 15s */
47
fc1b6d6d
TL		 48#define TIPC_MAX_TFMS_DEF 10
49#define TIPC_MAX_TFMS_LIM 1000
50
51/**
52 * TIPC Key ids
53 */
54enum {
daef1ee3
TL		 55 KEY_MASTER = 0,
56 KEY_MIN = KEY_MASTER,
57 KEY_1 = 1,
fc1b6d6d
TL		 58 KEY_2,
59 KEY_3,
60 KEY_MAX = KEY_3,
61};
62
63/**
64 * TIPC Crypto statistics
65 */
66enum {
67 STAT_OK,
68 STAT_NOK,
69 STAT_ASYNC,
70 STAT_ASYNC_OK,
71 STAT_ASYNC_NOK,
72 STAT_BADKEYS, /* tx only */
73 STAT_BADMSGS = STAT_BADKEYS, /* rx only */
74 STAT_NOKEYS,
75 STAT_SWITCHES,
76
77 MAX_STATS,
78};
79
80/* TIPC crypto statistics' header */
81static const char *hstats[MAX_STATS] = {"ok", "nok", "async", "async_ok",
82 "async_nok", "badmsgs", "nokeys",
83 "switches"};
84
85/* Max TFMs number per key */
86int sysctl_tipc_max_tfms __read_mostly = TIPC_MAX_TFMS_DEF;
1ef6f7c9
TL		 87/* Key exchange switch, default: on */
88int sysctl_tipc_key_exchange_enabled __read_mostly = 1;
fc1b6d6d
TL		 89
90/**
91 * struct tipc_key - TIPC keys' status indicator
92 *
93 * 7 6 5 4 3 2 1 0
94 * +-----+-----+-----+-----+-----+-----+-----+-----+
95 * key: | (reserved)|passive idx| active idx|pending idx|
96 * +-----+-----+-----+-----+-----+-----+-----+-----+
97 */
98struct tipc_key {
99#define KEY_BITS (2)
100#define KEY_MASK ((1 << KEY_BITS) - 1)
101 union {
102 struct {
103#if defined(__LITTLE_ENDIAN_BITFIELD)
104 u8 pending:2,
105 active:2,
106 passive:2, /* rx only */
107 reserved:2;
108#elif defined(__BIG_ENDIAN_BITFIELD)
109 u8 reserved:2,
110 passive:2, /* rx only */
111 active:2,
112 pending:2;
113#else
114#error "Please fix <asm/byteorder.h>"
115#endif
116 } __packed;
117 u8 keys;
118 };
119};
120
121/**
122 * struct tipc_tfm - TIPC TFM structure to form a list of TFMs
123 */
124struct tipc_tfm {
125 struct crypto_aead *tfm;
126 struct list_head list;
127};
128
129/**
130 * struct tipc_aead - TIPC AEAD key structure
131 * @tfm_entry: per-cpu pointer to one entry in TFM list
132 * @crypto: TIPC crypto owns this key
133 * @cloned: reference to the source key in case cloning
134 * @users: the number of the key users (TX/RX)
135 * @salt: the key's SALT value
136 * @authsize: authentication tag size (max = 16)
137 * @mode: crypto mode is applied to the key
138 * @hint[]: a hint for user key
139 * @rcu: struct rcu_head
1ef6f7c9
TL		 140 * @key: the aead key
141 * @gen: the key's generation
fc1b6d6d
TL		 142 * @seqno: the key seqno (cluster scope)
143 * @refcnt: the key reference counter
144 */
145struct tipc_aead {
146#define TIPC_AEAD_HINT_LEN (5)
147 struct tipc_tfm * __percpu *tfm_entry;
148 struct tipc_crypto *crypto;
149 struct tipc_aead *cloned;
150 atomic_t users;
151 u32 salt;
152 u8 authsize;
153 u8 mode;
f779bf79 154 char hint[2 * TIPC_AEAD_HINT_LEN + 1];
fc1b6d6d 155 struct rcu_head rcu;
1ef6f7c9
TL		 156 struct tipc_aead_key *key;
157 u16 gen;
fc1b6d6d
TL		 158
159 atomic64_t seqno ____cacheline_aligned;
160 refcount_t refcnt ____cacheline_aligned;
161
162} ____cacheline_aligned;
163
164/**
165 * struct tipc_crypto_stats - TIPC Crypto statistics
166 */
167struct tipc_crypto_stats {
168 unsigned int stat[MAX_STATS];
169};
170
171/**
172 * struct tipc_crypto - TIPC TX/RX crypto structure
173 * @net: struct net
174 * @node: TIPC node (RX)
175 * @aead: array of pointers to AEAD keys for encryption/decryption
176 * @peer_rx_active: replicated peer RX active key index
1ef6f7c9 177 * @key_gen: TX/RX key generation
fc1b6d6d 178 * @key: the key states
1ef6f7c9
TL		 179 * @skey_mode: session key's mode
180 * @skey: received session key
181 * @wq: common workqueue on TX crypto
182 * @work: delayed work sched for TX/RX
183 * @key_distr: key distributing state
fc1b6d6d 184 * @stats: the crypto statistics
f779bf79 185 * @name: the crypto name
fc1b6d6d
TL		 186 * @sndnxt: the per-peer sndnxt (TX)
187 * @timer1: general timer 1 (jiffies)
f779bf79 188 * @timer2: general timer 2 (jiffies)
daef1ee3
TL		 189 * @working: the crypto is working or not
190 * @key_master: flag indicates if master key exists
191 * @legacy_user: flag indicates if a peer joins w/o master key (for bwd comp.)
1ef6f7c9 192 * @nokey: no key indication
fc1b6d6d
TL		 193 * @lock: tipc_key lock
194 */
195struct tipc_crypto {
196 struct net *net;
197 struct tipc_node *node;
daef1ee3 198 struct tipc_aead __rcu *aead[KEY_MAX + 1];
fc1b6d6d 199 atomic_t peer_rx_active;
1ef6f7c9 200 u16 key_gen;
fc1b6d6d 201 struct tipc_key key;
1ef6f7c9
TL		 202 u8 skey_mode;
203 struct tipc_aead_key *skey;
204 struct workqueue_struct *wq;
205 struct delayed_work work;
206#define KEY_DISTR_SCHED 1
207#define KEY_DISTR_COMPL 2
208 atomic_t key_distr;
209
fc1b6d6d 210 struct tipc_crypto_stats __percpu *stats;
f779bf79 211 char name[48];
fc1b6d6d
TL		 212
213 atomic64_t sndnxt ____cacheline_aligned;
214 unsigned long timer1;
215 unsigned long timer2;
daef1ee3
TL		 216 union {
217 struct {
218 u8 working:1;
219 u8 key_master:1;
220 u8 legacy_user:1;
1ef6f7c9 221 u8 nokey: 1;
daef1ee3
TL		 222 };
223 u8 flags;
224 };
fc1b6d6d
TL		 225 spinlock_t lock; /* crypto lock */
226
227} ____cacheline_aligned;
228
229/* struct tipc_crypto_tx_ctx - TX context for callbacks */
230struct tipc_crypto_tx_ctx {
231 struct tipc_aead *aead;
232 struct tipc_bearer *bearer;
233 struct tipc_media_addr dst;
234};
235
236/* struct tipc_crypto_rx_ctx - RX context for callbacks */
237struct tipc_crypto_rx_ctx {
238 struct tipc_aead *aead;
239 struct tipc_bearer *bearer;
240};
241
242static struct tipc_aead *tipc_aead_get(struct tipc_aead __rcu *aead);
243static inline void tipc_aead_put(struct tipc_aead *aead);
244static void tipc_aead_free(struct rcu_head *rp);
245static int tipc_aead_users(struct tipc_aead __rcu *aead);
246static void tipc_aead_users_inc(struct tipc_aead __rcu *aead, int lim);
247static void tipc_aead_users_dec(struct tipc_aead __rcu *aead, int lim);
248static void tipc_aead_users_set(struct tipc_aead __rcu *aead, int val);
249static struct crypto_aead *tipc_aead_tfm_next(struct tipc_aead *aead);
250static int tipc_aead_init(struct tipc_aead **aead, struct tipc_aead_key *ukey,
251 u8 mode);
252static int tipc_aead_clone(struct tipc_aead **dst, struct tipc_aead *src);
253static void *tipc_aead_mem_alloc(struct crypto_aead *tfm,
254 unsigned int crypto_ctx_size,
255 u8 **iv, struct aead_request **req,
256 struct scatterlist **sg, int nsg);
257static int tipc_aead_encrypt(struct tipc_aead *aead, struct sk_buff *skb,
258 struct tipc_bearer *b,
259 struct tipc_media_addr *dst,
260 struct tipc_node *__dnode);
261static void tipc_aead_encrypt_done(struct crypto_async_request *base, int err);
262static int tipc_aead_decrypt(struct net *net, struct tipc_aead *aead,
263 struct sk_buff *skb, struct tipc_bearer *b);
264static void tipc_aead_decrypt_done(struct crypto_async_request *base, int err);
265static inline int tipc_ehdr_size(struct tipc_ehdr *ehdr);
266static int tipc_ehdr_build(struct net *net, struct tipc_aead *aead,
267 u8 tx_key, struct sk_buff *skb,
268 struct tipc_crypto *__rx);
269static inline void tipc_crypto_key_set_state(struct tipc_crypto *c,
270 u8 new_passive,
271 u8 new_active,
272 u8 new_pending);
273static int tipc_crypto_key_attach(struct tipc_crypto *c,
daef1ee3
TL		 274 struct tipc_aead *aead, u8 pos,
275 bool master_key);
fc1b6d6d
TL		 276static bool tipc_crypto_key_try_align(struct tipc_crypto *rx, u8 new_pending);
277static struct tipc_aead *tipc_crypto_key_pick_tx(struct tipc_crypto *tx,
278 struct tipc_crypto *rx,
daef1ee3
TL		 279 struct sk_buff *skb,
280 u8 tx_key);
f779bf79 281static void tipc_crypto_key_synch(struct tipc_crypto *rx, struct sk_buff *skb);
fc1b6d6d 282static int tipc_crypto_key_revoke(struct net *net, u8 tx_key);
daef1ee3
TL		 283static inline void tipc_crypto_clone_msg(struct net *net, struct sk_buff *_skb,
284 struct tipc_bearer *b,
285 struct tipc_media_addr *dst,
286 struct tipc_node *__dnode, u8 type);
fc1b6d6d
TL		 287static void tipc_crypto_rcv_complete(struct net *net, struct tipc_aead *aead,
288 struct tipc_bearer *b,
289 struct sk_buff **skb, int err);
290static void tipc_crypto_do_cmd(struct net *net, int cmd);
291static char *tipc_crypto_key_dump(struct tipc_crypto *c, char *buf);
fc1b6d6d
TL		 292static char *tipc_key_change_dump(struct tipc_key old, struct tipc_key new,
293 char *buf);
1ef6f7c9
TL		 294static int tipc_crypto_key_xmit(struct net *net, struct tipc_aead_key *skey,
295 u16 gen, u8 mode, u32 dnode);
296static bool tipc_crypto_key_rcv(struct tipc_crypto *rx, struct tipc_msg *hdr);
297static void tipc_crypto_work_rx(struct work_struct *work);
298
f779bf79
TL		 299#define is_tx(crypto) (!(crypto)->node)
300#define is_rx(crypto) (!is_tx(crypto))
fc1b6d6d
TL		 301
302#define key_next(cur) ((cur) % KEY_MAX + 1)
303
304#define tipc_aead_rcu_ptr(rcu_ptr, lock) \
305 rcu_dereference_protected((rcu_ptr), lockdep_is_held(lock))
306
fc1b6d6d
TL		 307#define tipc_aead_rcu_replace(rcu_ptr, ptr, lock) \
308do { \
309 typeof(rcu_ptr) __tmp = rcu_dereference_protected((rcu_ptr), \
310 lockdep_is_held(lock)); \
311 rcu_assign_pointer((rcu_ptr), (ptr)); \
312 tipc_aead_put(__tmp); \
313} while (0)
314
315#define tipc_crypto_key_detach(rcu_ptr, lock) \
316 tipc_aead_rcu_replace((rcu_ptr), NULL, lock)
317
318/**
319 * tipc_aead_key_validate - Validate a AEAD user key
320 */
f779bf79 321int tipc_aead_key_validate(struct tipc_aead_key *ukey, struct genl_info *info)
fc1b6d6d
TL		 322{
323 int keylen;
324
325 /* Check if algorithm exists */
326 if (unlikely(!crypto_has_alg(ukey->alg_name, 0, 0))) {
f779bf79 327 GENL_SET_ERR_MSG(info, "unable to load the algorithm (module existed?)");
fc1b6d6d
TL		 328 return -ENODEV;
329 }
330
331 /* Currently, we only support the "gcm(aes)" cipher algorithm */
f779bf79
TL		 332 if (strcmp(ukey->alg_name, "gcm(aes)")) {
333 GENL_SET_ERR_MSG(info, "not supported yet the algorithm");
fc1b6d6d 334 return -ENOTSUPP;
f779bf79 335 }
fc1b6d6d
TL		 336
337 /* Check if key size is correct */
338 keylen = ukey->keylen - TIPC_AES_GCM_SALT_SIZE;
339 if (unlikely(keylen != TIPC_AES_GCM_KEY_SIZE_128 &&
340 keylen != TIPC_AES_GCM_KEY_SIZE_192 &&
f779bf79
TL		 341 keylen != TIPC_AES_GCM_KEY_SIZE_256)) {
342 GENL_SET_ERR_MSG(info, "incorrect key length (20, 28 or 36 octets?)");
343 return -EKEYREJECTED;
344 }
fc1b6d6d
TL		 345
346 return 0;
347}
348
349static struct tipc_aead *tipc_aead_get(struct tipc_aead __rcu *aead)
350{
351 struct tipc_aead *tmp;
352
353 rcu_read_lock();
354 tmp = rcu_dereference(aead);
355 if (unlikely(!tmp || !refcount_inc_not_zero(&tmp->refcnt)))
356 tmp = NULL;
357 rcu_read_unlock();
358
359 return tmp;
360}
361
362static inline void tipc_aead_put(struct tipc_aead *aead)
363{
364 if (aead && refcount_dec_and_test(&aead->refcnt))
365 call_rcu(&aead->rcu, tipc_aead_free);
366}
367
368/**
369 * tipc_aead_free - Release AEAD key incl. all the TFMs in the list
370 * @rp: rcu head pointer
371 */
372static void tipc_aead_free(struct rcu_head *rp)
373{
374 struct tipc_aead *aead = container_of(rp, struct tipc_aead, rcu);
375 struct tipc_tfm *tfm_entry, *head, *tmp;
376
377 if (aead->cloned) {
378 tipc_aead_put(aead->cloned);
379 } else {
bb8872a1
TL		 380 head = *get_cpu_ptr(aead->tfm_entry);
381 put_cpu_ptr(aead->tfm_entry);
fc1b6d6d
TL		 382 list_for_each_entry_safe(tfm_entry, tmp, &head->list, list) {
383 crypto_free_aead(tfm_entry->tfm);
384 list_del(&tfm_entry->list);
385 kfree(tfm_entry);
386 }
387 /* Free the head */
388 crypto_free_aead(head->tfm);
389 list_del(&head->list);
390 kfree(head);
391 }
392 free_percpu(aead->tfm_entry);
1ef6f7c9 393 kzfree(aead->key);
fc1b6d6d
TL		 394 kfree(aead);
395}
396
397static int tipc_aead_users(struct tipc_aead __rcu *aead)
398{
399 struct tipc_aead *tmp;
400 int users = 0;
401
402 rcu_read_lock();
403 tmp = rcu_dereference(aead);
404 if (tmp)
405 users = atomic_read(&tmp->users);
406 rcu_read_unlock();
407
408 return users;
409}
410
411static void tipc_aead_users_inc(struct tipc_aead __rcu *aead, int lim)
412{
413 struct tipc_aead *tmp;
414
415 rcu_read_lock();
416 tmp = rcu_dereference(aead);
417 if (tmp)
418 atomic_add_unless(&tmp->users, 1, lim);
419 rcu_read_unlock();
420}
421
422static void tipc_aead_users_dec(struct tipc_aead __rcu *aead, int lim)
423{
424 struct tipc_aead *tmp;
425
426 rcu_read_lock();
427 tmp = rcu_dereference(aead);
428 if (tmp)
429 atomic_add_unless(&rcu_dereference(aead)->users, -1, lim);
430 rcu_read_unlock();
431}
432
433static void tipc_aead_users_set(struct tipc_aead __rcu *aead, int val)
434{
435 struct tipc_aead *tmp;
436 int cur;
437
438 rcu_read_lock();
439 tmp = rcu_dereference(aead);
440 if (tmp) {
441 do {
442 cur = atomic_read(&tmp->users);
443 if (cur == val)
444 break;
445 } while (atomic_cmpxchg(&tmp->users, cur, val) != cur);
446 }
447 rcu_read_unlock();
448}
449
450/**
451 * tipc_aead_tfm_next - Move TFM entry to the next one in list and return it
452 */
453static struct crypto_aead *tipc_aead_tfm_next(struct tipc_aead *aead)
454{
bb8872a1
TL		 455 struct tipc_tfm **tfm_entry;
456 struct crypto_aead *tfm;
fc1b6d6d 457
bb8872a1 458 tfm_entry = get_cpu_ptr(aead->tfm_entry);
fc1b6d6d 459 *tfm_entry = list_next_entry(*tfm_entry, list);
bb8872a1
TL		 460 tfm = (*tfm_entry)->tfm;
461 put_cpu_ptr(tfm_entry);
462
463 return tfm;
fc1b6d6d
TL		 464}
465
466/**
467 * tipc_aead_init - Initiate TIPC AEAD
468 * @aead: returned new TIPC AEAD key handle pointer
469 * @ukey: pointer to user key data
470 * @mode: the key mode
471 *
472 * Allocate a (list of) new cipher transformation (TFM) with the specific user
473 * key data if valid. The number of the allocated TFMs can be set via the sysfs
474 * "net/tipc/max_tfms" first.
475 * Also, all the other AEAD data are also initialized.
476 *
477 * Return: 0 if the initiation is successful, otherwise: < 0
478 */
479static int tipc_aead_init(struct tipc_aead **aead, struct tipc_aead_key *ukey,
480 u8 mode)
481{
482 struct tipc_tfm *tfm_entry, *head;
483 struct crypto_aead *tfm;
484 struct tipc_aead *tmp;
485 int keylen, err, cpu;
486 int tfm_cnt = 0;
487
488 if (unlikely(*aead))
489 return -EEXIST;
490
491 /* Allocate a new AEAD */
492 tmp = kzalloc(sizeof(*tmp), GFP_ATOMIC);
493 if (unlikely(!tmp))
494 return -ENOMEM;
495
496 /* The key consists of two parts: [AES-KEY][SALT] */
497 keylen = ukey->keylen - TIPC_AES_GCM_SALT_SIZE;
498
499 /* Allocate per-cpu TFM entry pointer */
500 tmp->tfm_entry = alloc_percpu(struct tipc_tfm *);
501 if (!tmp->tfm_entry) {
453431a5 502 kfree_sensitive(tmp);
fc1b6d6d
TL		 503 return -ENOMEM;
504 }
505
506 /* Make a list of TFMs with the user key data */
507 do {
508 tfm = crypto_alloc_aead(ukey->alg_name, 0, 0);
509 if (IS_ERR(tfm)) {
510 err = PTR_ERR(tfm);
511 break;
512 }
513
514 if (unlikely(!tfm_cnt &&
515 crypto_aead_ivsize(tfm) != TIPC_AES_GCM_IV_SIZE)) {
516 crypto_free_aead(tfm);
517 err = -ENOTSUPP;
518 break;
519 }
520
c33fdc34 521 err = crypto_aead_setauthsize(tfm, TIPC_AES_GCM_TAG_SIZE);
fc1b6d6d
TL		 522 err |= crypto_aead_setkey(tfm, ukey->key, keylen);
523 if (unlikely(err)) {
524 crypto_free_aead(tfm);
525 break;
526 }
527
528 tfm_entry = kmalloc(sizeof(*tfm_entry), GFP_KERNEL);
529 if (unlikely(!tfm_entry)) {
530 crypto_free_aead(tfm);
531 err = -ENOMEM;
532 break;
533 }
534 INIT_LIST_HEAD(&tfm_entry->list);
535 tfm_entry->tfm = tfm;
536
537 /* First entry? */
538 if (!tfm_cnt) {
539 head = tfm_entry;
540 for_each_possible_cpu(cpu) {
541 *per_cpu_ptr(tmp->tfm_entry, cpu) = head;
542 }
543 } else {
544 list_add_tail(&tfm_entry->list, &head->list);
545 }
546
547 } while (++tfm_cnt < sysctl_tipc_max_tfms);
548
549 /* Not any TFM is allocated? */
550 if (!tfm_cnt) {
551 free_percpu(tmp->tfm_entry);
453431a5 552 kfree_sensitive(tmp);
fc1b6d6d
TL		 553 return err;
554 }
555
f779bf79
TL		 556 /* Form a hex string of some last bytes as the key's hint */
557 bin2hex(tmp->hint, ukey->key + keylen - TIPC_AEAD_HINT_LEN,
558 TIPC_AEAD_HINT_LEN);
fc1b6d6d
TL		 559
560 /* Initialize the other data */
561 tmp->mode = mode;
562 tmp->cloned = NULL;
563 tmp->authsize = TIPC_AES_GCM_TAG_SIZE;
1ef6f7c9 564 tmp->key = kmemdup(ukey, tipc_aead_key_size(ukey), GFP_KERNEL);
fc1b6d6d
TL		 565 memcpy(&tmp->salt, ukey->key + keylen, TIPC_AES_GCM_SALT_SIZE);
566 atomic_set(&tmp->users, 0);
567 atomic64_set(&tmp->seqno, 0);
568 refcount_set(&tmp->refcnt, 1);
569
570 *aead = tmp;
571 return 0;
572}
573
574/**
575 * tipc_aead_clone - Clone a TIPC AEAD key
576 * @dst: dest key for the cloning
577 * @src: source key to clone from
578 *
579 * Make a "copy" of the source AEAD key data to the dest, the TFMs list is
580 * common for the keys.
581 * A reference to the source is hold in the "cloned" pointer for the later
582 * freeing purposes.
583 *
584 * Note: this must be done in cluster-key mode only!
585 * Return: 0 in case of success, otherwise < 0
586 */
587static int tipc_aead_clone(struct tipc_aead **dst, struct tipc_aead *src)
588{
589 struct tipc_aead *aead;
590 int cpu;
591
592 if (!src)
593 return -ENOKEY;
594
595 if (src->mode != CLUSTER_KEY)
596 return -EINVAL;
597
598 if (unlikely(*dst))
599 return -EEXIST;
600
601 aead = kzalloc(sizeof(*aead), GFP_ATOMIC);
602 if (unlikely(!aead))
603 return -ENOMEM;
604
605 aead->tfm_entry = alloc_percpu_gfp(struct tipc_tfm *, GFP_ATOMIC);
606 if (unlikely(!aead->tfm_entry)) {
453431a5 607 kfree_sensitive(aead);
fc1b6d6d
TL		 608 return -ENOMEM;
609 }
610
611 for_each_possible_cpu(cpu) {
612 *per_cpu_ptr(aead->tfm_entry, cpu) =
613 *per_cpu_ptr(src->tfm_entry, cpu);
614 }
615
616 memcpy(aead->hint, src->hint, sizeof(src->hint));
617 aead->mode = src->mode;
618 aead->salt = src->salt;
619 aead->authsize = src->authsize;
620 atomic_set(&aead->users, 0);
621 atomic64_set(&aead->seqno, 0);
622 refcount_set(&aead->refcnt, 1);
623
624 WARN_ON(!refcount_inc_not_zero(&src->refcnt));
625 aead->cloned = src;
626
627 *dst = aead;
628 return 0;
629}
630
631/**
632 * tipc_aead_mem_alloc - Allocate memory for AEAD request operations
633 * @tfm: cipher handle to be registered with the request
634 * @crypto_ctx_size: size of crypto context for callback
635 * @iv: returned pointer to IV data
636 * @req: returned pointer to AEAD request data
637 * @sg: returned pointer to SG lists
638 * @nsg: number of SG lists to be allocated
639 *
640 * Allocate memory to store the crypto context data, AEAD request, IV and SG
641 * lists, the memory layout is as follows:
642 * crypto_ctx || iv || aead_req || sg[]
643 *
644 * Return: the pointer to the memory areas in case of success, otherwise NULL
645 */
646static void *tipc_aead_mem_alloc(struct crypto_aead *tfm,
647 unsigned int crypto_ctx_size,
648 u8 **iv, struct aead_request **req,
649 struct scatterlist **sg, int nsg)
650{
651 unsigned int iv_size, req_size;
652 unsigned int len;
653 u8 *mem;
654
655 iv_size = crypto_aead_ivsize(tfm);
656 req_size = sizeof(**req) + crypto_aead_reqsize(tfm);
657
658 len = crypto_ctx_size;
659 len += iv_size;
660 len += crypto_aead_alignmask(tfm) & ~(crypto_tfm_ctx_alignment() - 1);
661 len = ALIGN(len, crypto_tfm_ctx_alignment());
662 len += req_size;
663 len = ALIGN(len, __alignof__(struct scatterlist));
664 len += nsg * sizeof(**sg);
665
666 mem = kmalloc(len, GFP_ATOMIC);
667 if (!mem)
668 return NULL;
669
670 *iv = (u8 *)PTR_ALIGN(mem + crypto_ctx_size,
671 crypto_aead_alignmask(tfm) + 1);
672 *req = (struct aead_request *)PTR_ALIGN(*iv + iv_size,
673 crypto_tfm_ctx_alignment());
674 *sg = (struct scatterlist *)PTR_ALIGN((u8 *)*req + req_size,
675 __alignof__(struct scatterlist));
676
677 return (void *)mem;
678}
679
680/**
681 * tipc_aead_encrypt - Encrypt a message
682 * @aead: TIPC AEAD key for the message encryption
683 * @skb: the input/output skb
684 * @b: TIPC bearer where the message will be delivered after the encryption
685 * @dst: the destination media address
686 * @__dnode: TIPC dest node if "known"
687 *
688 * Return:
689 * 0 : if the encryption has completed
690 * -EINPROGRESS/-EBUSY : if a callback will be performed
691 * < 0 : the encryption has failed
692 */
693static int tipc_aead_encrypt(struct tipc_aead *aead, struct sk_buff *skb,
694 struct tipc_bearer *b,
695 struct tipc_media_addr *dst,
696 struct tipc_node *__dnode)
697{
698 struct crypto_aead *tfm = tipc_aead_tfm_next(aead);
699 struct tipc_crypto_tx_ctx *tx_ctx;
700 struct aead_request *req;
701 struct sk_buff *trailer;
702 struct scatterlist *sg;
703 struct tipc_ehdr *ehdr;
704 int ehsz, len, tailen, nsg, rc;
705 void *ctx;
706 u32 salt;
707 u8 *iv;
708
709 /* Make sure message len at least 4-byte aligned */
710 len = ALIGN(skb->len, 4);
711 tailen = len - skb->len + aead->authsize;
712
713 /* Expand skb tail for authentication tag:
714 * As for simplicity, we'd have made sure skb having enough tailroom
715 * for authentication tag @skb allocation. Even when skb is nonlinear
716 * but there is no frag_list, it should be still fine!
717 * Otherwise, we must cow it to be a writable buffer with the tailroom.
718 */
fc1b6d6d
TL		 719 SKB_LINEAR_ASSERT(skb);
720 if (tailen > skb_tailroom(skb)) {
f779bf79
TL		 721 pr_debug("TX(): skb tailroom is not enough: %d, requires: %d\n",
722 skb_tailroom(skb), tailen);
fc1b6d6d 723 }
fc1b6d6d
TL		 724
725 if (unlikely(!skb_cloned(skb) && tailen <= skb_tailroom(skb))) {
726 nsg = 1;
727 trailer = skb;
728 } else {
729 /* TODO: We could avoid skb_cow_data() if skb has no frag_list
730 * e.g. by skb_fill_page_desc() to add another page to the skb
731 * with the wanted tailen... However, page skbs look not often,
732 * so take it easy now!
733 * Cloned skbs e.g. from link_xmit() seems no choice though :(
734 */
735 nsg = skb_cow_data(skb, tailen, &trailer);
736 if (unlikely(nsg < 0)) {
737 pr_err("TX: skb_cow_data() returned %d\n", nsg);
738 return nsg;
739 }
740 }
741
742 pskb_put(skb, trailer, tailen);
743
744 /* Allocate memory for the AEAD operation */
745 ctx = tipc_aead_mem_alloc(tfm, sizeof(*tx_ctx), &iv, &req, &sg, nsg);
746 if (unlikely(!ctx))
747 return -ENOMEM;
748 TIPC_SKB_CB(skb)->crypto_ctx = ctx;
749
750 /* Map skb to the sg lists */
751 sg_init_table(sg, nsg);
752 rc = skb_to_sgvec(skb, sg, 0, skb->len);
753 if (unlikely(rc < 0)) {
754 pr_err("TX: skb_to_sgvec() returned %d, nsg %d!\n", rc, nsg);
755 goto exit;
756 }
757
758 /* Prepare IV: [SALT (4 octets)][SEQNO (8 octets)]
759 * In case we're in cluster-key mode, SALT is varied by xor-ing with
760 * the source address (or w0 of id), otherwise with the dest address
761 * if dest is known.
762 */
763 ehdr = (struct tipc_ehdr *)skb->data;
764 salt = aead->salt;
765 if (aead->mode == CLUSTER_KEY)
766 salt ^= ehdr->addr; /* __be32 */
767 else if (__dnode)
768 salt ^= tipc_node_get_addr(__dnode);
769 memcpy(iv, &salt, 4);
770 memcpy(iv + 4, (u8 *)&ehdr->seqno, 8);
771
772 /* Prepare request */
773 ehsz = tipc_ehdr_size(ehdr);
774 aead_request_set_tfm(req, tfm);
775 aead_request_set_ad(req, ehsz);
776 aead_request_set_crypt(req, sg, sg, len - ehsz, iv);
777
778 /* Set callback function & data */
779 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
780 tipc_aead_encrypt_done, skb);
781 tx_ctx = (struct tipc_crypto_tx_ctx *)ctx;
782 tx_ctx->aead = aead;
783 tx_ctx->bearer = b;
784 memcpy(&tx_ctx->dst, dst, sizeof(*dst));
785
786 /* Hold bearer */
787 if (unlikely(!tipc_bearer_hold(b))) {
788 rc = -ENODEV;
789 goto exit;
790 }
791
792 /* Now, do encrypt */
793 rc = crypto_aead_encrypt(req);
794 if (rc == -EINPROGRESS || rc == -EBUSY)
795 return rc;
796
797 tipc_bearer_put(b);
798
799exit:
800 kfree(ctx);
801 TIPC_SKB_CB(skb)->crypto_ctx = NULL;
802 return rc;
803}
804
805static void tipc_aead_encrypt_done(struct crypto_async_request *base, int err)
806{
807 struct sk_buff *skb = base->data;
808 struct tipc_crypto_tx_ctx *tx_ctx = TIPC_SKB_CB(skb)->crypto_ctx;
809 struct tipc_bearer *b = tx_ctx->bearer;
810 struct tipc_aead *aead = tx_ctx->aead;
811 struct tipc_crypto *tx = aead->crypto;
812 struct net *net = tx->net;
813
814 switch (err) {
815 case 0:
816 this_cpu_inc(tx->stats->stat[STAT_ASYNC_OK]);
f6db9096 817 rcu_read_lock();
fc1b6d6d
TL		 818 if (likely(test_bit(0, &b->up)))
819 b->media->send_msg(net, skb, b, &tx_ctx->dst);
820 else
821 kfree_skb(skb);
f6db9096 822 rcu_read_unlock();
fc1b6d6d
TL		 823 break;
824 case -EINPROGRESS:
825 return;
826 default:
827 this_cpu_inc(tx->stats->stat[STAT_ASYNC_NOK]);
828 kfree_skb(skb);
829 break;
830 }
831
832 kfree(tx_ctx);
833 tipc_bearer_put(b);
834 tipc_aead_put(aead);
835}
836
837/**
838 * tipc_aead_decrypt - Decrypt an encrypted message
839 * @net: struct net
840 * @aead: TIPC AEAD for the message decryption
841 * @skb: the input/output skb
842 * @b: TIPC bearer where the message has been received
843 *
844 * Return:
845 * 0 : if the decryption has completed
846 * -EINPROGRESS/-EBUSY : if a callback will be performed
847 * < 0 : the decryption has failed
848 */
849static int tipc_aead_decrypt(struct net *net, struct tipc_aead *aead,
850 struct sk_buff *skb, struct tipc_bearer *b)
851{
852 struct tipc_crypto_rx_ctx *rx_ctx;
853 struct aead_request *req;
854 struct crypto_aead *tfm;
855 struct sk_buff *unused;
856 struct scatterlist *sg;
857 struct tipc_ehdr *ehdr;
858 int ehsz, nsg, rc;
859 void *ctx;
860 u32 salt;
861 u8 *iv;
862
863 if (unlikely(!aead))
864 return -ENOKEY;
865
866 /* Cow skb data if needed */
867 if (likely(!skb_cloned(skb) &&
868 (!skb_is_nonlinear(skb) || !skb_has_frag_list(skb)))) {
869 nsg = 1 + skb_shinfo(skb)->nr_frags;
870 } else {
871 nsg = skb_cow_data(skb, 0, &unused);
872 if (unlikely(nsg < 0)) {
873 pr_err("RX: skb_cow_data() returned %d\n", nsg);
874 return nsg;
875 }
876 }
877
878 /* Allocate memory for the AEAD operation */
879 tfm = tipc_aead_tfm_next(aead);
880 ctx = tipc_aead_mem_alloc(tfm, sizeof(*rx_ctx), &iv, &req, &sg, nsg);
881 if (unlikely(!ctx))
882 return -ENOMEM;
883 TIPC_SKB_CB(skb)->crypto_ctx = ctx;
884
885 /* Map skb to the sg lists */
886 sg_init_table(sg, nsg);
887 rc = skb_to_sgvec(skb, sg, 0, skb->len);
888 if (unlikely(rc < 0)) {
889 pr_err("RX: skb_to_sgvec() returned %d, nsg %d\n", rc, nsg);
890 goto exit;
891 }
892
893 /* Reconstruct IV: */
894 ehdr = (struct tipc_ehdr *)skb->data;
895 salt = aead->salt;
896 if (aead->mode == CLUSTER_KEY)
897 salt ^= ehdr->addr; /* __be32 */
898 else if (ehdr->destined)
899 salt ^= tipc_own_addr(net);
900 memcpy(iv, &salt, 4);
901 memcpy(iv + 4, (u8 *)&ehdr->seqno, 8);
902
903 /* Prepare request */
904 ehsz = tipc_ehdr_size(ehdr);
905 aead_request_set_tfm(req, tfm);
906 aead_request_set_ad(req, ehsz);
907 aead_request_set_crypt(req, sg, sg, skb->len - ehsz, iv);
908
909 /* Set callback function & data */
910 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
911 tipc_aead_decrypt_done, skb);
912 rx_ctx = (struct tipc_crypto_rx_ctx *)ctx;
913 rx_ctx->aead = aead;
914 rx_ctx->bearer = b;
915
916 /* Hold bearer */
917 if (unlikely(!tipc_bearer_hold(b))) {
918 rc = -ENODEV;
919 goto exit;
920 }
921
922 /* Now, do decrypt */
923 rc = crypto_aead_decrypt(req);
924 if (rc == -EINPROGRESS || rc == -EBUSY)
925 return rc;
926
927 tipc_bearer_put(b);
928
929exit:
930 kfree(ctx);
931 TIPC_SKB_CB(skb)->crypto_ctx = NULL;
932 return rc;
933}
934
935static void tipc_aead_decrypt_done(struct crypto_async_request *base, int err)
936{
937 struct sk_buff *skb = base->data;
938 struct tipc_crypto_rx_ctx *rx_ctx = TIPC_SKB_CB(skb)->crypto_ctx;
939 struct tipc_bearer *b = rx_ctx->bearer;
940 struct tipc_aead *aead = rx_ctx->aead;
941 struct tipc_crypto_stats __percpu *stats = aead->crypto->stats;
942 struct net *net = aead->crypto->net;
943
944 switch (err) {
945 case 0:
946 this_cpu_inc(stats->stat[STAT_ASYNC_OK]);
947 break;
948 case -EINPROGRESS:
949 return;
950 default:
951 this_cpu_inc(stats->stat[STAT_ASYNC_NOK]);
952 break;
953 }
954
955 kfree(rx_ctx);
956 tipc_crypto_rcv_complete(net, aead, b, &skb, err);
957 if (likely(skb)) {
958 if (likely(test_bit(0, &b->up)))
959 tipc_rcv(net, skb, b);
960 else
961 kfree_skb(skb);
962 }
963
964 tipc_bearer_put(b);
965}
966
967static inline int tipc_ehdr_size(struct tipc_ehdr *ehdr)
968{
969 return (ehdr->user != LINK_CONFIG) ? EHDR_SIZE : EHDR_CFG_SIZE;
970}
971
972/**
973 * tipc_ehdr_validate - Validate an encryption message
974 * @skb: the message buffer
975 *
976 * Returns "true" if this is a valid encryption message, otherwise "false"
977 */
978bool tipc_ehdr_validate(struct sk_buff *skb)
979{
980 struct tipc_ehdr *ehdr;
981 int ehsz;
982
983 if (unlikely(!pskb_may_pull(skb, EHDR_MIN_SIZE)))
984 return false;
985
986 ehdr = (struct tipc_ehdr *)skb->data;
987 if (unlikely(ehdr->version != TIPC_EVERSION))
988 return false;
989 ehsz = tipc_ehdr_size(ehdr);
990 if (unlikely(!pskb_may_pull(skb, ehsz)))
991 return false;
992 if (unlikely(skb->len <= ehsz + TIPC_AES_GCM_TAG_SIZE))
993 return false;
fc1b6d6d
TL		 994
995 return true;
996}
997
998/**
999 * tipc_ehdr_build - Build TIPC encryption message header
1000 * @net: struct net
1001 * @aead: TX AEAD key to be used for the message encryption
1002 * @tx_key: key id used for the message encryption
1003 * @skb: input/output message skb
1004 * @__rx: RX crypto handle if dest is "known"
1005 *
1006 * Return: the header size if the building is successful, otherwise < 0
1007 */
1008static int tipc_ehdr_build(struct net *net, struct tipc_aead *aead,
1009 u8 tx_key, struct sk_buff *skb,
1010 struct tipc_crypto *__rx)
1011{
1012 struct tipc_msg *hdr = buf_msg(skb);
1013 struct tipc_ehdr *ehdr;
1014 u32 user = msg_user(hdr);
1015 u64 seqno;
1016 int ehsz;
1017
1018 /* Make room for encryption header */
1019 ehsz = (user != LINK_CONFIG) ? EHDR_SIZE : EHDR_CFG_SIZE;
1020 WARN_ON(skb_headroom(skb) < ehsz);
1021 ehdr = (struct tipc_ehdr *)skb_push(skb, ehsz);
1022
1023 /* Obtain a seqno first:
1024 * Use the key seqno (= cluster wise) if dest is unknown or we're in
1025 * cluster key mode, otherwise it's better for a per-peer seqno!
1026 */
1027 if (!__rx || aead->mode == CLUSTER_KEY)
1028 seqno = atomic64_inc_return(&aead->seqno);
1029 else
1030 seqno = atomic64_inc_return(&__rx->sndnxt);
1031
1032 /* Revoke the key if seqno is wrapped around */
1033 if (unlikely(!seqno))
1034 return tipc_crypto_key_revoke(net, tx_key);
1035
1036 /* Word 1-2 */
1037 ehdr->seqno = cpu_to_be64(seqno);
1038
1039 /* Words 0, 3- */
1040 ehdr->version = TIPC_EVERSION;
1041 ehdr->user = 0;
1042 ehdr->keepalive = 0;
1043 ehdr->tx_key = tx_key;
1044 ehdr->destined = (__rx) ? 1 : 0;
1045 ehdr->rx_key_active = (__rx) ? __rx->key.active : 0;
1ef6f7c9 1046 ehdr->rx_nokey = (__rx) ? __rx->nokey : 0;
daef1ee3 1047 ehdr->master_key = aead->crypto->key_master;
fc1b6d6d
TL		 1048 ehdr->reserved_1 = 0;
1049 ehdr->reserved_2 = 0;
1050
1051 switch (user) {
1052 case LINK_CONFIG:
1053 ehdr->user = LINK_CONFIG;
1054 memcpy(ehdr->id, tipc_own_id(net), NODE_ID_LEN);
1055 break;
1056 default:
1057 if (user == LINK_PROTOCOL && msg_type(hdr) == STATE_MSG) {
1058 ehdr->user = LINK_PROTOCOL;
1059 ehdr->keepalive = msg_is_keepalive(hdr);
1060 }
1061 ehdr->addr = hdr->hdr[3];
1062 break;
1063 }
1064
1065 return ehsz;
1066}
1067
1068static inline void tipc_crypto_key_set_state(struct tipc_crypto *c,
1069 u8 new_passive,
1070 u8 new_active,
1071 u8 new_pending)
1072{
fc1b6d6d
TL		 1073 struct tipc_key old = c->key;
1074 char buf[32];
fc1b6d6d
TL		 1075
1076 c->key.keys = ((new_passive & KEY_MASK) << (KEY_BITS * 2)) |
1077 ((new_active & KEY_MASK) << (KEY_BITS)) |
1078 ((new_pending & KEY_MASK));
1079
f779bf79
TL		 1080 pr_debug("%s: key changing %s ::%pS\n", c->name,
1081 tipc_key_change_dump(old, c->key, buf),
1082 __builtin_return_address(0));
fc1b6d6d
TL		 1083}
1084
1085/**
1086 * tipc_crypto_key_init - Initiate a new user / AEAD key
1087 * @c: TIPC crypto to which new key is attached
1088 * @ukey: the user key
1089 * @mode: the key mode (CLUSTER_KEY or PER_NODE_KEY)
daef1ee3 1090 * @master_key: specify this is a cluster master key
fc1b6d6d
TL		 1091 *
1092 * A new TIPC AEAD key will be allocated and initiated with the specified user
1093 * key, then attached to the TIPC crypto.
1094 *
1095 * Return: new key id in case of success, otherwise: < 0
1096 */
1097int tipc_crypto_key_init(struct tipc_crypto *c, struct tipc_aead_key *ukey,
daef1ee3 1098 u8 mode, bool master_key)
fc1b6d6d
TL		 1099{
1100 struct tipc_aead *aead = NULL;
1101 int rc = 0;
1102
1103 /* Initiate with the new user key */
1104 rc = tipc_aead_init(&aead, ukey, mode);
1105
1106 /* Attach it to the crypto */
1107 if (likely(!rc)) {
daef1ee3 1108 rc = tipc_crypto_key_attach(c, aead, 0, master_key);
fc1b6d6d
TL		 1109 if (rc < 0)
1110 tipc_aead_free(&aead->rcu);
1111 }
1112
fc1b6d6d
TL		 1113 return rc;
1114}
1115
1116/**
1117 * tipc_crypto_key_attach - Attach a new AEAD key to TIPC crypto
1118 * @c: TIPC crypto to which the new AEAD key is attached
1119 * @aead: the new AEAD key pointer
1120 * @pos: desired slot in the crypto key array, = 0 if any!
daef1ee3 1121 * @master_key: specify this is a cluster master key
fc1b6d6d
TL		 1122 *
1123 * Return: new key id in case of success, otherwise: -EBUSY
1124 */
1125static int tipc_crypto_key_attach(struct tipc_crypto *c,
daef1ee3
TL		 1126 struct tipc_aead *aead, u8 pos,
1127 bool master_key)
fc1b6d6d 1128{
fc1b6d6d
TL		 1129 struct tipc_key key;
1130 int rc = -EBUSY;
f779bf79 1131 u8 new_key;
fc1b6d6d
TL		 1132
1133 spin_lock_bh(&c->lock);
1134 key = c->key;
daef1ee3
TL		 1135 if (master_key) {
1136 new_key = KEY_MASTER;
1137 goto attach;
1138 }
fc1b6d6d
TL		 1139 if (key.active && key.passive)
1140 goto exit;
fc1b6d6d 1141 if (key.pending) {
fc1b6d6d
TL		 1142 if (tipc_aead_users(c->aead[key.pending]) > 0)
1143 goto exit;
f779bf79 1144 /* if (pos): ok with replacing, will be aligned when needed */
fc1b6d6d 1145 /* Replace it */
f779bf79 1146 new_key = key.pending;
fc1b6d6d
TL		 1147 } else {
1148 if (pos) {
1149 if (key.active && pos != key_next(key.active)) {
f779bf79
TL		 1150 key.passive = pos;
1151 new_key = pos;
fc1b6d6d
TL		 1152 goto attach;
1153 } else if (!key.active && !key.passive) {
f779bf79
TL		 1154 key.pending = pos;
1155 new_key = pos;
fc1b6d6d
TL		 1156 goto attach;
1157 }
1158 }
f779bf79
TL		 1159 key.pending = key_next(key.active ?: key.passive);
1160 new_key = key.pending;
fc1b6d6d
TL		 1161 }
1162
1163attach:
1164 aead->crypto = c;
1ef6f7c9 1165 aead->gen = (is_tx(c)) ? ++c->key_gen : c->key_gen;
fc1b6d6d 1166 tipc_aead_rcu_replace(c->aead[new_key], aead, &c->lock);
f779bf79
TL		 1167 if (likely(c->key.keys != key.keys))
1168 tipc_crypto_key_set_state(c, key.passive, key.active,
1169 key.pending);
fc1b6d6d 1170 c->working = 1;
1ef6f7c9 1171 c->nokey = 0;
daef1ee3 1172 c->key_master |= master_key;
fc1b6d6d
TL		 1173 rc = new_key;
1174
1175exit:
1176 spin_unlock_bh(&c->lock);
1177 return rc;
1178}
1179
1180void tipc_crypto_key_flush(struct tipc_crypto *c)
1181{
1ef6f7c9 1182 struct tipc_crypto *tx, *rx;
fc1b6d6d
TL		 1183 int k;
1184
1185 spin_lock_bh(&c->lock);
1ef6f7c9
TL		 1186 if (is_rx(c)) {
1187 /* Try to cancel pending work */
1188 rx = c;
1189 tx = tipc_net(rx->net)->crypto_tx;
1190 if (cancel_delayed_work(&rx->work)) {
1191 kfree(rx->skey);
1192 rx->skey = NULL;
1193 atomic_xchg(&rx->key_distr, 0);
1194 tipc_node_put(rx->node);
1195 }
1196 /* RX stopping => decrease TX key users if any */
1197 k = atomic_xchg(&rx->peer_rx_active, 0);
1198 if (k) {
1199 tipc_aead_users_dec(tx->aead[k], 0);
1200 /* Mark the point TX key users changed */
1201 tx->timer1 = jiffies;
1202 }
1203 }
1204
daef1ee3 1205 c->flags = 0;
fc1b6d6d
TL		 1206 tipc_crypto_key_set_state(c, 0, 0, 0);
1207 for (k = KEY_MIN; k <= KEY_MAX; k++)
1208 tipc_crypto_key_detach(c->aead[k], &c->lock);
fc1b6d6d
TL		 1209 atomic64_set(&c->sndnxt, 0);
1210 spin_unlock_bh(&c->lock);
1211}
1212
1213/**
1214 * tipc_crypto_key_try_align - Align RX keys if possible
1215 * @rx: RX crypto handle
1216 * @new_pending: new pending slot if aligned (= TX key from peer)
1217 *
1218 * Peer has used an unknown key slot, this only happens when peer has left and
1219 * rejoned, or we are newcomer.
1220 * That means, there must be no active key but a pending key at unaligned slot.
1221 * If so, we try to move the pending key to the new slot.
1222 * Note: A potential passive key can exist, it will be shifted correspondingly!
1223 *
1224 * Return: "true" if key is successfully aligned, otherwise "false"
1225 */
1226static bool tipc_crypto_key_try_align(struct tipc_crypto *rx, u8 new_pending)
1227{
1228 struct tipc_aead *tmp1, *tmp2 = NULL;
1229 struct tipc_key key;
1230 bool aligned = false;
1231 u8 new_passive = 0;
1232 int x;
1233
1234 spin_lock(&rx->lock);
1235 key = rx->key;
1236 if (key.pending == new_pending) {
1237 aligned = true;
1238 goto exit;
1239 }
1240 if (key.active)
1241 goto exit;
1242 if (!key.pending)
1243 goto exit;
1244 if (tipc_aead_users(rx->aead[key.pending]) > 0)
1245 goto exit;
1246
1247 /* Try to "isolate" this pending key first */
1248 tmp1 = tipc_aead_rcu_ptr(rx->aead[key.pending], &rx->lock);
1249 if (!refcount_dec_if_one(&tmp1->refcnt))
1250 goto exit;
1251 rcu_assign_pointer(rx->aead[key.pending], NULL);
1252
1253 /* Move passive key if any */
1254 if (key.passive) {
1a271ebb 1255 tmp2 = rcu_replace_pointer(rx->aead[key.passive], tmp2, lockdep_is_held(&rx->lock));
fc1b6d6d
TL		 1256 x = (key.passive - key.pending + new_pending) % KEY_MAX;
1257 new_passive = (x <= 0) ? x + KEY_MAX : x;
1258 }
1259
1260 /* Re-allocate the key(s) */
1261 tipc_crypto_key_set_state(rx, new_passive, 0, new_pending);
1262 rcu_assign_pointer(rx->aead[new_pending], tmp1);
1263 if (new_passive)
1264 rcu_assign_pointer(rx->aead[new_passive], tmp2);
1265 refcount_set(&tmp1->refcnt, 1);
1266 aligned = true;
f779bf79
TL		 1267 pr_info_ratelimited("%s: key[%d] -> key[%d]\n", rx->name, key.pending,
1268 new_pending);
fc1b6d6d
TL		 1269
1270exit:
1271 spin_unlock(&rx->lock);
1272 return aligned;
1273}
1274
1275/**
1276 * tipc_crypto_key_pick_tx - Pick one TX key for message decryption
1277 * @tx: TX crypto handle
1278 * @rx: RX crypto handle (can be NULL)
1279 * @skb: the message skb which will be decrypted later
daef1ee3 1280 * @tx_key: peer TX key id
fc1b6d6d
TL		 1281 *
1282 * This function looks up the existing TX keys and pick one which is suitable
1283 * for the message decryption, that must be a cluster key and not used before
1284 * on the same message (i.e. recursive).
1285 *
1286 * Return: the TX AEAD key handle in case of success, otherwise NULL
1287 */
1288static struct tipc_aead *tipc_crypto_key_pick_tx(struct tipc_crypto *tx,
1289 struct tipc_crypto *rx,
daef1ee3
TL		 1290 struct sk_buff *skb,
1291 u8 tx_key)
fc1b6d6d
TL		 1292{
1293 struct tipc_skb_cb *skb_cb = TIPC_SKB_CB(skb);
1294 struct tipc_aead *aead = NULL;
1295 struct tipc_key key = tx->key;
1296 u8 k, i = 0;
1297
1298 /* Initialize data if not yet */
1299 if (!skb_cb->tx_clone_deferred) {
1300 skb_cb->tx_clone_deferred = 1;
1301 memset(&skb_cb->tx_clone_ctx, 0, sizeof(skb_cb->tx_clone_ctx));
1302 }
1303
1304 skb_cb->tx_clone_ctx.rx = rx;
1305 if (++skb_cb->tx_clone_ctx.recurs > 2)
1306 return NULL;
1307
1308 /* Pick one TX key */
1309 spin_lock(&tx->lock);
daef1ee3
TL		 1310 if (tx_key == KEY_MASTER) {
1311 aead = tipc_aead_rcu_ptr(tx->aead[KEY_MASTER], &tx->lock);
1312 goto done;
1313 }
fc1b6d6d
TL		 1314 do {
1315 k = (i == 0) ? key.pending :
1316 ((i == 1) ? key.active : key.passive);
1317 if (!k)
1318 continue;
1319 aead = tipc_aead_rcu_ptr(tx->aead[k], &tx->lock);
1320 if (!aead)
1321 continue;
1322 if (aead->mode != CLUSTER_KEY ||
1323 aead == skb_cb->tx_clone_ctx.last) {
1324 aead = NULL;
1325 continue;
1326 }
1327 /* Ok, found one cluster key */
1328 skb_cb->tx_clone_ctx.last = aead;
1329 WARN_ON(skb->next);
1330 skb->next = skb_clone(skb, GFP_ATOMIC);
1331 if (unlikely(!skb->next))
1332 pr_warn("Failed to clone skb for next round if any\n");
fc1b6d6d
TL		 1333 break;
1334 } while (++i < 3);
daef1ee3
TL		 1335
1336done:
1337 if (likely(aead))
1338 WARN_ON(!refcount_inc_not_zero(&aead->refcnt));
fc1b6d6d
TL		 1339 spin_unlock(&tx->lock);
1340
1341 return aead;
1342}
1343
1344/**
1345 * tipc_crypto_key_synch: Synch own key data according to peer key status
1346 * @rx: RX crypto handle
f779bf79 1347 * @skb: TIPCv2 message buffer (incl. the ehdr from peer)
fc1b6d6d
TL		 1348 *
1349 * This function updates the peer node related data as the peer RX active key
1350 * has changed, so the number of TX keys' users on this node are increased and
1351 * decreased correspondingly.
1352 *
daef1ee3 1353 * It also considers if peer has no key, then we need to make own master key
1ef6f7c9
TL		 1354 * (if any) taking over i.e. starting grace period and also trigger key
1355 * distributing process.
daef1ee3 1356 *
fc1b6d6d
TL		 1357 * The "per-peer" sndnxt is also reset when the peer key has switched.
1358 */
f779bf79 1359static void tipc_crypto_key_synch(struct tipc_crypto *rx, struct sk_buff *skb)
fc1b6d6d 1360{
f779bf79
TL		 1361 struct tipc_ehdr *ehdr = (struct tipc_ehdr *)skb_network_header(skb);
1362 struct tipc_crypto *tx = tipc_net(rx->net)->crypto_tx;
1363 struct tipc_msg *hdr = buf_msg(skb);
1364 u32 self = tipc_own_addr(rx->net);
1365 u8 cur, new;
1ef6f7c9 1366 unsigned long delay;
fc1b6d6d 1367
daef1ee3
TL		 1368 /* Update RX 'key_master' flag according to peer, also mark "legacy" if
1369 * a peer has no master key.
1370 */
1371 rx->key_master = ehdr->master_key;
1372 if (!rx->key_master)
1373 tx->legacy_user = 1;
1374
1375 /* For later cases, apply only if message is destined to this node */
f779bf79 1376 if (!ehdr->destined || msg_short(hdr) || msg_destnode(hdr) != self)
fc1b6d6d
TL		 1377 return;
1378
daef1ee3 1379 /* Case 1: Peer has no keys, let's make master key take over */
1ef6f7c9 1380 if (ehdr->rx_nokey) {
daef1ee3
TL		 1381 /* Set or extend grace period */
1382 tx->timer2 = jiffies;
1ef6f7c9
TL		 1383 /* Schedule key distributing for the peer if not yet */
1384 if (tx->key.keys &&
1385 !atomic_cmpxchg(&rx->key_distr, 0, KEY_DISTR_SCHED)) {
1386 get_random_bytes(&delay, 2);
1387 delay %= 5;
1388 delay = msecs_to_jiffies(500 * ++delay);
1389 if (queue_delayed_work(tx->wq, &rx->work, delay))
1390 tipc_node_get(rx->node);
1391 }
1392 } else {
1393 /* Cancel a pending key distributing if any */
1394 atomic_xchg(&rx->key_distr, 0);
1395 }
daef1ee3
TL		 1396
1397 /* Case 2: Peer RX active key has changed, let's update own TX users */
f779bf79
TL		 1398 cur = atomic_read(&rx->peer_rx_active);
1399 new = ehdr->rx_key_active;
1400 if (tx->key.keys &&
1401 cur != new &&
1402 atomic_cmpxchg(&rx->peer_rx_active, cur, new) == cur) {
1403 if (new)
1404 tipc_aead_users_inc(tx->aead[new], INT_MAX);
1405 if (cur)
1406 tipc_aead_users_dec(tx->aead[cur], 0);
fc1b6d6d
TL		 1407
1408 atomic64_set(&rx->sndnxt, 0);
1409 /* Mark the point TX key users changed */
1410 tx->timer1 = jiffies;
1411
f779bf79
TL		 1412 pr_debug("%s: key users changed %d-- %d++, peer %s\n",
1413 tx->name, cur, new, rx->name);
fc1b6d6d
TL		 1414 }
1415}
1416
1417static int tipc_crypto_key_revoke(struct net *net, u8 tx_key)
1418{
1419 struct tipc_crypto *tx = tipc_net(net)->crypto_tx;
1420 struct tipc_key key;
1421
1422 spin_lock(&tx->lock);
1423 key = tx->key;
1424 WARN_ON(!key.active || tx_key != key.active);
1425
1426 /* Free the active key */
1427 tipc_crypto_key_set_state(tx, key.passive, 0, key.pending);
1428 tipc_crypto_key_detach(tx->aead[key.active], &tx->lock);
1429 spin_unlock(&tx->lock);
1430
f779bf79 1431 pr_warn("%s: key is revoked\n", tx->name);
fc1b6d6d
TL		 1432 return -EKEYREVOKED;
1433}
1434
1435int tipc_crypto_start(struct tipc_crypto **crypto, struct net *net,
1436 struct tipc_node *node)
1437{
1438 struct tipc_crypto *c;
1439
1440 if (*crypto)
1441 return -EEXIST;
1442
1443 /* Allocate crypto */
1444 c = kzalloc(sizeof(*c), GFP_ATOMIC);
1445 if (!c)
1446 return -ENOMEM;
1447
1ef6f7c9
TL		 1448 /* Allocate workqueue on TX */
1449 if (!node) {
1450 c->wq = alloc_ordered_workqueue("tipc_crypto", 0);
1451 if (!c->wq) {
1452 kfree(c);
1453 return -ENOMEM;
1454 }
1455 }
1456
fc1b6d6d
TL		 1457 /* Allocate statistic structure */
1458 c->stats = alloc_percpu_gfp(struct tipc_crypto_stats, GFP_ATOMIC);
1459 if (!c->stats) {
453431a5 1460 kfree_sensitive(c);
fc1b6d6d
TL		 1461 return -ENOMEM;
1462 }
1463
daef1ee3 1464 c->flags = 0;
fc1b6d6d
TL		 1465 c->net = net;
1466 c->node = node;
1ef6f7c9 1467 get_random_bytes(&c->key_gen, 2);
fc1b6d6d 1468 tipc_crypto_key_set_state(c, 0, 0, 0);
1ef6f7c9 1469 atomic_set(&c->key_distr, 0);
fc1b6d6d
TL		 1470 atomic_set(&c->peer_rx_active, 0);
1471 atomic64_set(&c->sndnxt, 0);
1472 c->timer1 = jiffies;
1473 c->timer2 = jiffies;
1474 spin_lock_init(&c->lock);
f779bf79
TL		 1475 scnprintf(c->name, 48, "%s(%s)", (is_rx(c)) ? "RX" : "TX",
1476 (is_rx(c)) ? tipc_node_get_id_str(c->node) :
1477 tipc_own_id_string(c->net));
fc1b6d6d 1478
1ef6f7c9
TL		 1479 if (is_rx(c))
1480 INIT_DELAYED_WORK(&c->work, tipc_crypto_work_rx);
1481
f779bf79 1482 *crypto = c;
fc1b6d6d
TL		 1483 return 0;
1484}
1485
1486void tipc_crypto_stop(struct tipc_crypto **crypto)
1487{
1ef6f7c9 1488 struct tipc_crypto *c = *crypto;
fc1b6d6d
TL		 1489 u8 k;
1490
f779bf79 1491 if (!c)
fc1b6d6d
TL		 1492 return;
1493
1ef6f7c9
TL		 1494 /* Flush any queued works & destroy wq */
1495 if (is_tx(c))
1496 destroy_workqueue(c->wq);
fc1b6d6d
TL		 1497
1498 /* Release AEAD keys */
1ef6f7c9 1499 rcu_read_lock();
fc1b6d6d
TL		 1500 for (k = KEY_MIN; k <= KEY_MAX; k++)
1501 tipc_aead_put(rcu_dereference(c->aead[k]));
1502 rcu_read_unlock();
f779bf79 1503 pr_debug("%s: has been stopped\n", c->name);
fc1b6d6d
TL		 1504
1505 /* Free this crypto statistics */
1506 free_percpu(c->stats);
1507
1508 *crypto = NULL;
453431a5 1509 kfree_sensitive(c);
fc1b6d6d
TL		 1510}
1511
1512void tipc_crypto_timeout(struct tipc_crypto *rx)
1513{
1514 struct tipc_net *tn = tipc_net(rx->net);
1515 struct tipc_crypto *tx = tn->crypto_tx;
1516 struct tipc_key key;
fc1b6d6d
TL		 1517 int cmd;
1518
f779bf79 1519 /* TX pending: taking all users & stable -> active */
fc1b6d6d
TL		 1520 spin_lock(&tx->lock);
1521 key = tx->key;
1522 if (key.active && tipc_aead_users(tx->aead[key.active]) > 0)
1523 goto s1;
1524 if (!key.pending || tipc_aead_users(tx->aead[key.pending]) <= 0)
1525 goto s1;
f779bf79 1526 if (time_before(jiffies, tx->timer1 + TIPC_TX_LASTING_TIME))
fc1b6d6d
TL		 1527 goto s1;
1528
1529 tipc_crypto_key_set_state(tx, key.passive, key.pending, 0);
1530 if (key.active)
1531 tipc_crypto_key_detach(tx->aead[key.active], &tx->lock);
1532 this_cpu_inc(tx->stats->stat[STAT_SWITCHES]);
f779bf79 1533 pr_info("%s: key[%d] is activated\n", tx->name, key.pending);
fc1b6d6d
TL		 1534
1535s1:
1536 spin_unlock(&tx->lock);
1537
f779bf79 1538 /* RX pending: having user -> active */
fc1b6d6d
TL		 1539 spin_lock(&rx->lock);
1540 key = rx->key;
1541 if (!key.pending || tipc_aead_users(rx->aead[key.pending]) <= 0)
1542 goto s2;
1543
f779bf79
TL		 1544 if (key.active)
1545 key.passive = key.active;
1546 key.active = key.pending;
1547 rx->timer2 = jiffies;
1548 tipc_crypto_key_set_state(rx, key.passive, key.active, 0);
fc1b6d6d 1549 this_cpu_inc(rx->stats->stat[STAT_SWITCHES]);
f779bf79 1550 pr_info("%s: key[%d] is activated\n", rx->name, key.pending);
fc1b6d6d
TL		 1551 goto s5;
1552
1553s2:
f779bf79
TL		 1554 /* RX pending: not working -> remove */
1555 if (!key.pending || tipc_aead_users(rx->aead[key.pending]) > -10)
fc1b6d6d
TL		 1556 goto s3;
1557
f779bf79
TL		 1558 tipc_crypto_key_set_state(rx, key.passive, key.active, 0);
1559 tipc_crypto_key_detach(rx->aead[key.pending], &rx->lock);
1560 pr_debug("%s: key[%d] is removed\n", rx->name, key.pending);
fc1b6d6d
TL		 1561 goto s5;
1562
1563s3:
f779bf79 1564 /* RX active: timed out or no user -> pending */
fc1b6d6d
TL		 1565 if (!key.active)
1566 goto s4;
f779bf79
TL		 1567 if (time_before(jiffies, rx->timer1 + TIPC_RX_ACTIVE_LIM) &&
1568 tipc_aead_users(rx->aead[key.active]) > 0)
fc1b6d6d
TL		 1569 goto s4;
1570
f779bf79
TL		 1571 if (key.pending)
1572 key.passive = key.active;
1573 else
1574 key.pending = key.active;
1575 rx->timer2 = jiffies;
1576 tipc_crypto_key_set_state(rx, key.passive, 0, key.pending);
1577 tipc_aead_users_set(rx->aead[key.pending], 0);
1578 pr_debug("%s: key[%d] is deactivated\n", rx->name, key.active);
fc1b6d6d
TL		 1579 goto s5;
1580
1581s4:
f779bf79
TL		 1582 /* RX passive: outdated or not working -> free */
1583 if (!key.passive)
fc1b6d6d 1584 goto s5;
f779bf79
TL		 1585 if (time_before(jiffies, rx->timer2 + TIPC_RX_PASSIVE_LIM) &&
1586 tipc_aead_users(rx->aead[key.passive]) > -10)
fc1b6d6d
TL		 1587 goto s5;
1588
1589 tipc_crypto_key_set_state(rx, 0, key.active, key.pending);
1590 tipc_crypto_key_detach(rx->aead[key.passive], &rx->lock);
f779bf79 1591 pr_debug("%s: key[%d] is freed\n", rx->name, key.passive);
fc1b6d6d
TL		 1592
1593s5:
1594 spin_unlock(&rx->lock);
1595
daef1ee3
TL		 1596 /* Relax it here, the flag will be set again if it really is, but only
1597 * when we are not in grace period for safety!
1598 */
1599 if (time_after(jiffies, tx->timer2 + TIPC_TX_GRACE_PERIOD))
1600 tx->legacy_user = 0;
1601
fc1b6d6d
TL		 1602 /* Limit max_tfms & do debug commands if needed */
1603 if (likely(sysctl_tipc_max_tfms <= TIPC_MAX_TFMS_LIM))
1604 return;
1605
1606 cmd = sysctl_tipc_max_tfms;
1607 sysctl_tipc_max_tfms = TIPC_MAX_TFMS_DEF;
1608 tipc_crypto_do_cmd(rx->net, cmd);
1609}
1610
daef1ee3
TL		 1611static inline void tipc_crypto_clone_msg(struct net *net, struct sk_buff *_skb,
1612 struct tipc_bearer *b,
1613 struct tipc_media_addr *dst,
1614 struct tipc_node *__dnode, u8 type)
1615{
1616 struct sk_buff *skb;
1617
1618 skb = skb_clone(_skb, GFP_ATOMIC);
1619 if (skb) {
1620 TIPC_SKB_CB(skb)->xmit_type = type;
1621 tipc_crypto_xmit(net, &skb, b, dst, __dnode);
1622 if (skb)
1623 b->media->send_msg(net, skb, b, dst);
1624 }
1625}
1626
fc1b6d6d
TL		 1627/**
1628 * tipc_crypto_xmit - Build & encrypt TIPC message for xmit
1629 * @net: struct net
1630 * @skb: input/output message skb pointer
1631 * @b: bearer used for xmit later
1632 * @dst: destination media address
1633 * @__dnode: destination node for reference if any
1634 *
1635 * First, build an encryption message header on the top of the message, then
daef1ee3
TL		 1636 * encrypt the original TIPC message by using the pending, master or active
1637 * key with this preference order.
fc1b6d6d
TL		 1638 * If the encryption is successful, the encrypted skb is returned directly or
1639 * via the callback.
1640 * Otherwise, the skb is freed!
1641 *
1642 * Return:
1643 * 0 : the encryption has succeeded (or no encryption)
1644 * -EINPROGRESS/-EBUSY : the encryption is ongoing, a callback will be made
1645 * -ENOKEK : the encryption has failed due to no key
1646 * -EKEYREVOKED : the encryption has failed due to key revoked
1647 * -ENOMEM : the encryption has failed due to no memory
1648 * < 0 : the encryption has failed due to other reasons
1649 */
1650int tipc_crypto_xmit(struct net *net, struct sk_buff **skb,
1651 struct tipc_bearer *b, struct tipc_media_addr *dst,
1652 struct tipc_node *__dnode)
1653{
1654 struct tipc_crypto *__rx = tipc_node_crypto_rx(__dnode);
1655 struct tipc_crypto *tx = tipc_net(net)->crypto_tx;
1656 struct tipc_crypto_stats __percpu *stats = tx->stats;
f779bf79 1657 struct tipc_msg *hdr = buf_msg(*skb);
fc1b6d6d
TL		 1658 struct tipc_key key = tx->key;
1659 struct tipc_aead *aead = NULL;
f779bf79 1660 u32 user = msg_user(hdr);
daef1ee3
TL		 1661 u32 type = msg_type(hdr);
1662 int rc = -ENOKEY;
1663 u8 tx_key = 0;
fc1b6d6d
TL		 1664
1665 /* No encryption? */
1666 if (!tx->working)
1667 return 0;
1668
daef1ee3 1669 /* Pending key if peer has active on it or probing time */
fc1b6d6d
TL		 1670 if (unlikely(key.pending)) {
1671 tx_key = key.pending;
daef1ee3 1672 if (!tx->key_master && !key.active)
fc1b6d6d
TL		 1673 goto encrypt;
1674 if (__rx && atomic_read(&__rx->peer_rx_active) == tx_key)
1675 goto encrypt;
daef1ee3 1676 if (TIPC_SKB_CB(*skb)->xmit_type == SKB_PROBING) {
f779bf79
TL		 1677 pr_debug("%s: probing for key[%d]\n", tx->name,
1678 key.pending);
fc1b6d6d 1679 goto encrypt;
f779bf79 1680 }
daef1ee3
TL		 1681 if (user == LINK_CONFIG || user == LINK_PROTOCOL)
1682 tipc_crypto_clone_msg(net, *skb, b, dst, __dnode,
1683 SKB_PROBING);
1684 }
1685
1686 /* Master key if this is a *vital* message or in grace period */
1687 if (tx->key_master) {
1688 tx_key = KEY_MASTER;
1689 if (!key.active)
1690 goto encrypt;
1691 if (TIPC_SKB_CB(*skb)->xmit_type == SKB_GRACING) {
1692 pr_debug("%s: gracing for msg (%d %d)\n", tx->name,
1693 user, type);
1694 goto encrypt;
1695 }
1696 if (user == LINK_CONFIG ||
1697 (user == LINK_PROTOCOL && type == RESET_MSG) ||
1ef6f7c9 1698 (user == MSG_CRYPTO && type == KEY_DISTR_MSG) ||
daef1ee3
TL		 1699 time_before(jiffies, tx->timer2 + TIPC_TX_GRACE_PERIOD)) {
1700 if (__rx && __rx->key_master &&
1701 !atomic_read(&__rx->peer_rx_active))
1702 goto encrypt;
1703 if (!__rx) {
1704 if (likely(!tx->legacy_user))
1705 goto encrypt;
1706 tipc_crypto_clone_msg(net, *skb, b, dst,
1707 __dnode, SKB_GRACING);
fc1b6d6d
TL		 1708 }
1709 }
1710 }
daef1ee3 1711
fc1b6d6d
TL		 1712 /* Else, use the active key if any */
1713 if (likely(key.active)) {
1714 tx_key = key.active;
1715 goto encrypt;
1716 }
daef1ee3 1717
fc1b6d6d
TL		 1718 goto exit;
1719
1720encrypt:
1721 aead = tipc_aead_get(tx->aead[tx_key]);
1722 if (unlikely(!aead))
1723 goto exit;
1724 rc = tipc_ehdr_build(net, aead, tx_key, *skb, __rx);
1725 if (likely(rc > 0))
1726 rc = tipc_aead_encrypt(aead, *skb, b, dst, __dnode);
1727
1728exit:
1729 switch (rc) {
1730 case 0:
1731 this_cpu_inc(stats->stat[STAT_OK]);
1732 break;
1733 case -EINPROGRESS:
1734 case -EBUSY:
1735 this_cpu_inc(stats->stat[STAT_ASYNC]);
1736 *skb = NULL;
1737 return rc;
1738 default:
1739 this_cpu_inc(stats->stat[STAT_NOK]);
1740 if (rc == -ENOKEY)
1741 this_cpu_inc(stats->stat[STAT_NOKEYS]);
1742 else if (rc == -EKEYREVOKED)
1743 this_cpu_inc(stats->stat[STAT_BADKEYS]);
1744 kfree_skb(*skb);
1745 *skb = NULL;
1746 break;
1747 }
1748
1749 tipc_aead_put(aead);
1750 return rc;
1751}
1752
1753/**
1754 * tipc_crypto_rcv - Decrypt an encrypted TIPC message from peer
1755 * @net: struct net
1756 * @rx: RX crypto handle
1757 * @skb: input/output message skb pointer
1758 * @b: bearer where the message has been received
1759 *
1760 * If the decryption is successful, the decrypted skb is returned directly or
1761 * as the callback, the encryption header and auth tag will be trimed out
1762 * before forwarding to tipc_rcv() via the tipc_crypto_rcv_complete().
1763 * Otherwise, the skb will be freed!
1764 * Note: RX key(s) can be re-aligned, or in case of no key suitable, TX
1765 * cluster key(s) can be taken for decryption (- recursive).
1766 *
1767 * Return:
1768 * 0 : the decryption has successfully completed
1769 * -EINPROGRESS/-EBUSY : the decryption is ongoing, a callback will be made
1770 * -ENOKEY : the decryption has failed due to no key
1771 * -EBADMSG : the decryption has failed due to bad message
1772 * -ENOMEM : the decryption has failed due to no memory
1773 * < 0 : the decryption has failed due to other reasons
1774 */
1775int tipc_crypto_rcv(struct net *net, struct tipc_crypto *rx,
1776 struct sk_buff **skb, struct tipc_bearer *b)
1777{
1778 struct tipc_crypto *tx = tipc_net(net)->crypto_tx;
1779 struct tipc_crypto_stats __percpu *stats;
1780 struct tipc_aead *aead = NULL;
1781 struct tipc_key key;
1782 int rc = -ENOKEY;
1ef6f7c9 1783 u8 tx_key, n;
daef1ee3
TL		 1784
1785 tx_key = ((struct tipc_ehdr *)(*skb)->data)->tx_key;
fc1b6d6d
TL		 1786
1787 /* New peer?
1788 * Let's try with TX key (i.e. cluster mode) & verify the skb first!
1789 */
daef1ee3 1790 if (unlikely(!rx || tx_key == KEY_MASTER))
fc1b6d6d
TL		 1791 goto pick_tx;
1792
f779bf79 1793 /* Pick RX key according to TX key if any */
fc1b6d6d 1794 key = rx->key;
f779bf79
TL		 1795 if (tx_key == key.active || tx_key == key.pending ||
1796 tx_key == key.passive)
fc1b6d6d 1797 goto decrypt;
fc1b6d6d
TL		 1798
1799 /* Unknown key, let's try to align RX key(s) */
1800 if (tipc_crypto_key_try_align(rx, tx_key))
1801 goto decrypt;
1802
1803pick_tx:
1804 /* No key suitable? Try to pick one from TX... */
daef1ee3 1805 aead = tipc_crypto_key_pick_tx(tx, rx, *skb, tx_key);
fc1b6d6d
TL		 1806 if (aead)
1807 goto decrypt;
1808 goto exit;
1809
1810decrypt:
1811 rcu_read_lock();
1812 if (!aead)
1813 aead = tipc_aead_get(rx->aead[tx_key]);
1814 rc = tipc_aead_decrypt(net, aead, *skb, b);
1815 rcu_read_unlock();
1816
1817exit:
1818 stats = ((rx) ?: tx)->stats;
1819 switch (rc) {
1820 case 0:
1821 this_cpu_inc(stats->stat[STAT_OK]);
1822 break;
1823 case -EINPROGRESS:
1824 case -EBUSY:
1825 this_cpu_inc(stats->stat[STAT_ASYNC]);
1826 *skb = NULL;
1827 return rc;
1828 default:
1829 this_cpu_inc(stats->stat[STAT_NOK]);
1830 if (rc == -ENOKEY) {
1831 kfree_skb(*skb);
1832 *skb = NULL;
1ef6f7c9
TL		 1833 if (rx) {
1834 /* Mark rx->nokey only if we dont have a
1835 * pending received session key, nor a newer
1836 * one i.e. in the next slot.
1837 */
1838 n = key_next(tx_key);
1839 rx->nokey = !(rx->skey ||
1840 rcu_access_pointer(rx->aead[n]));
1841 pr_debug_ratelimited("%s: nokey %d, key %d/%x\n",
1842 rx->name, rx->nokey,
1843 tx_key, rx->key.keys);
fc1b6d6d 1844 tipc_node_put(rx->node);
1ef6f7c9 1845 }
fc1b6d6d
TL		 1846 this_cpu_inc(stats->stat[STAT_NOKEYS]);
1847 return rc;
1848 } else if (rc == -EBADMSG) {
1849 this_cpu_inc(stats->stat[STAT_BADMSGS]);
1850 }
1851 break;
1852 }
1853
1854 tipc_crypto_rcv_complete(net, aead, b, skb, rc);
1855 return rc;
1856}
1857
1858static void tipc_crypto_rcv_complete(struct net *net, struct tipc_aead *aead,
1859 struct tipc_bearer *b,
1860 struct sk_buff **skb, int err)
1861{
1862 struct tipc_skb_cb *skb_cb = TIPC_SKB_CB(*skb);
1863 struct tipc_crypto *rx = aead->crypto;
1864 struct tipc_aead *tmp = NULL;
1865 struct tipc_ehdr *ehdr;
1866 struct tipc_node *n;
fc1b6d6d
TL		 1867
1868 /* Is this completed by TX? */
f779bf79 1869 if (unlikely(is_tx(aead->crypto))) {
fc1b6d6d 1870 rx = skb_cb->tx_clone_ctx.rx;
f779bf79
TL		 1871 pr_debug("TX->RX(%s): err %d, aead %p, skb->next %p, flags %x\n",
1872 (rx) ? tipc_node_get_id_str(rx->node) : "-", err, aead,
1873 (*skb)->next, skb_cb->flags);
1874 pr_debug("skb_cb [recurs %d, last %p], tx->aead [%p %p %p]\n",
1875 skb_cb->tx_clone_ctx.recurs, skb_cb->tx_clone_ctx.last,
1876 aead->crypto->aead[1], aead->crypto->aead[2],
1877 aead->crypto->aead[3]);
fc1b6d6d
TL		 1878 if (unlikely(err)) {
1879 if (err == -EBADMSG && (*skb)->next)
1880 tipc_rcv(net, (*skb)->next, b);
1881 goto free_skb;
1882 }
1883
1884 if (likely((*skb)->next)) {
1885 kfree_skb((*skb)->next);
1886 (*skb)->next = NULL;
1887 }
1888 ehdr = (struct tipc_ehdr *)(*skb)->data;
1889 if (!rx) {
1890 WARN_ON(ehdr->user != LINK_CONFIG);
1891 n = tipc_node_create(net, 0, ehdr->id, 0xffffu, 0,
1892 true);
1893 rx = tipc_node_crypto_rx(n);
1894 if (unlikely(!rx))
1895 goto free_skb;
1896 }
1897
daef1ee3
TL		 1898 /* Ignore cloning if it was TX master key */
1899 if (ehdr->tx_key == KEY_MASTER)
1900 goto rcv;
fc1b6d6d
TL		 1901 if (tipc_aead_clone(&tmp, aead) < 0)
1902 goto rcv;
daef1ee3 1903 if (tipc_crypto_key_attach(rx, tmp, ehdr->tx_key, false) < 0) {
fc1b6d6d
TL		 1904 tipc_aead_free(&tmp->rcu);
1905 goto rcv;
1906 }
1907 tipc_aead_put(aead);
1908 aead = tipc_aead_get(tmp);
1909 }
1910
1911 if (unlikely(err)) {
1912 tipc_aead_users_dec(aead, INT_MIN);
1913 goto free_skb;
1914 }
1915
1916 /* Set the RX key's user */
1917 tipc_aead_users_set(aead, 1);
1918
fc1b6d6d
TL		 1919 /* Mark this point, RX works */
1920 rx->timer1 = jiffies;
1921
daef1ee3 1922rcv:
fc1b6d6d
TL		 1923 /* Remove ehdr & auth. tag prior to tipc_rcv() */
1924 ehdr = (struct tipc_ehdr *)(*skb)->data;
f779bf79
TL		 1925
1926 /* Mark this point, RX passive still works */
1927 if (rx->key.passive && ehdr->tx_key == rx->key.passive)
1928 rx->timer2 = jiffies;
1929
1930 skb_reset_network_header(*skb);
fc1b6d6d
TL		 1931 skb_pull(*skb, tipc_ehdr_size(ehdr));
1932 pskb_trim(*skb, (*skb)->len - aead->authsize);
1933
1934 /* Validate TIPCv2 message */
1935 if (unlikely(!tipc_msg_validate(skb))) {
1936 pr_err_ratelimited("Packet dropped after decryption!\n");
1937 goto free_skb;
1938 }
1939
f779bf79
TL		 1940 /* Ok, everything's fine, try to synch own keys according to peers' */
1941 tipc_crypto_key_synch(rx, *skb);
fc1b6d6d
TL		 1942
1943 /* Mark skb decrypted */
1944 skb_cb->decrypted = 1;
1945
1946 /* Clear clone cxt if any */
1947 if (likely(!skb_cb->tx_clone_deferred))
1948 goto exit;
1949 skb_cb->tx_clone_deferred = 0;
1950 memset(&skb_cb->tx_clone_ctx, 0, sizeof(skb_cb->tx_clone_ctx));
1951 goto exit;
1952
1953free_skb:
1954 kfree_skb(*skb);
1955 *skb = NULL;
1956
1957exit:
1958 tipc_aead_put(aead);
1959 if (rx)
1960 tipc_node_put(rx->node);
1961}
1962
1963static void tipc_crypto_do_cmd(struct net *net, int cmd)
1964{
1965 struct tipc_net *tn = tipc_net(net);
1966 struct tipc_crypto *tx = tn->crypto_tx, *rx;
1967 struct list_head *p;
1968 unsigned int stat;
1969 int i, j, cpu;
1970 char buf[200];
1971
1972 /* Currently only one command is supported */
1973 switch (cmd) {
1974 case 0xfff1:
1975 goto print_stats;
1976 default:
1977 return;
1978 }
1979
1980print_stats:
1981 /* Print a header */
1982 pr_info("\n=============== TIPC Crypto Statistics ===============\n\n");
1983
1984 /* Print key status */
1985 pr_info("Key status:\n");
1986 pr_info("TX(%7.7s)\n%s", tipc_own_id_string(net),
1987 tipc_crypto_key_dump(tx, buf));
1988
1989 rcu_read_lock();
1990 for (p = tn->node_list.next; p != &tn->node_list; p = p->next) {
1991 rx = tipc_node_crypto_rx_by_list(p);
1992 pr_info("RX(%7.7s)\n%s", tipc_node_get_id_str(rx->node),
1993 tipc_crypto_key_dump(rx, buf));
1994 }
1995 rcu_read_unlock();
1996
1997 /* Print crypto statistics */
1998 for (i = 0, j = 0; i < MAX_STATS; i++)
1999 j += scnprintf(buf + j, 200 - j, "|%11s ", hstats[i]);
f779bf79 2000 pr_info("Counter %s", buf);
fc1b6d6d
TL		 2001
2002 memset(buf, '-', 115);
2003 buf[115] = '\0';
2004 pr_info("%s\n", buf);
2005
2006 j = scnprintf(buf, 200, "TX(%7.7s) ", tipc_own_id_string(net));
2007 for_each_possible_cpu(cpu) {
2008 for (i = 0; i < MAX_STATS; i++) {
2009 stat = per_cpu_ptr(tx->stats, cpu)->stat[i];
2010 j += scnprintf(buf + j, 200 - j, "|%11d ", stat);
2011 }
2012 pr_info("%s", buf);
2013 j = scnprintf(buf, 200, "%12s", " ");
2014 }
2015
2016 rcu_read_lock();
2017 for (p = tn->node_list.next; p != &tn->node_list; p = p->next) {
2018 rx = tipc_node_crypto_rx_by_list(p);
2019 j = scnprintf(buf, 200, "RX(%7.7s) ",
2020 tipc_node_get_id_str(rx->node));
2021 for_each_possible_cpu(cpu) {
2022 for (i = 0; i < MAX_STATS; i++) {
2023 stat = per_cpu_ptr(rx->stats, cpu)->stat[i];
2024 j += scnprintf(buf + j, 200 - j, "|%11d ",
2025 stat);
2026 }
2027 pr_info("%s", buf);
2028 j = scnprintf(buf, 200, "%12s", " ");
2029 }
2030 }
2031 rcu_read_unlock();
2032
2033 pr_info("\n======================== Done ========================\n");
2034}
2035
2036static char *tipc_crypto_key_dump(struct tipc_crypto *c, char *buf)
2037{
2038 struct tipc_key key = c->key;
2039 struct tipc_aead *aead;
2040 int k, i = 0;
2041 char *s;
2042
2043 for (k = KEY_MIN; k <= KEY_MAX; k++) {
daef1ee3
TL		 2044 if (k == KEY_MASTER) {
2045 if (is_rx(c))
2046 continue;
2047 if (time_before(jiffies,
2048 c->timer2 + TIPC_TX_GRACE_PERIOD))
2049 s = "ACT";
2050 else
2051 s = "PAS";
2052 } else {
2053 if (k == key.passive)
2054 s = "PAS";
2055 else if (k == key.active)
2056 s = "ACT";
2057 else if (k == key.pending)
2058 s = "PEN";
2059 else
2060 s = "-";
2061 }
fc1b6d6d
TL		 2062 i += scnprintf(buf + i, 200 - i, "\tKey%d: %s", k, s);
2063
2064 rcu_read_lock();
2065 aead = rcu_dereference(c->aead[k]);
2066 if (aead)
2067 i += scnprintf(buf + i, 200 - i,
f779bf79 2068 "{\"0x...%s\", \"%s\"}/%d:%d",
fc1b6d6d
TL		 2069 aead->hint,
2070 (aead->mode == CLUSTER_KEY) ? "c" : "p",
2071 atomic_read(&aead->users),
2072 refcount_read(&aead->refcnt));
2073 rcu_read_unlock();
2074 i += scnprintf(buf + i, 200 - i, "\n");
2075 }
2076
f779bf79 2077 if (is_rx(c))
fc1b6d6d
TL		 2078 i += scnprintf(buf + i, 200 - i, "\tPeer RX active: %d\n",
2079 atomic_read(&c->peer_rx_active));
2080
2081 return buf;
2082}
2083
fc1b6d6d
TL		 2084static char *tipc_key_change_dump(struct tipc_key old, struct tipc_key new,
2085 char *buf)
2086{
2087 struct tipc_key *key = &old;
2088 int k, i = 0;
2089 char *s;
2090
2091 /* Output format: "[%s %s %s] -> [%s %s %s]", max len = 32 */
2092again:
2093 i += scnprintf(buf + i, 32 - i, "[");
daef1ee3 2094 for (k = KEY_1; k <= KEY_3; k++) {
fc1b6d6d
TL		 2095 if (k == key->passive)
2096 s = "pas";
2097 else if (k == key->active)
2098 s = "act";
2099 else if (k == key->pending)
2100 s = "pen";
2101 else
2102 s = "-";
2103 i += scnprintf(buf + i, 32 - i,
daef1ee3 2104 (k != KEY_3) ? "%s " : "%s", s);
fc1b6d6d
TL		 2105 }
2106 if (key != &new) {
2107 i += scnprintf(buf + i, 32 - i, "] -> ");
2108 key = &new;
2109 goto again;
2110 }
2111 i += scnprintf(buf + i, 32 - i, "]");
2112 return buf;
2113}
1ef6f7c9
TL		 2114
2115/**
2116 * tipc_crypto_msg_rcv - Common 'MSG_CRYPTO' processing point
2117 * @net: the struct net
2118 * @skb: the receiving message buffer
2119 */
2120void tipc_crypto_msg_rcv(struct net *net, struct sk_buff *skb)
2121{
2122 struct tipc_crypto *rx;
2123 struct tipc_msg *hdr;
2124
2125 if (unlikely(skb_linearize(skb)))
2126 goto exit;
2127
2128 hdr = buf_msg(skb);
2129 rx = tipc_node_crypto_rx_by_addr(net, msg_prevnode(hdr));
2130 if (unlikely(!rx))
2131 goto exit;
2132
2133 switch (msg_type(hdr)) {
2134 case KEY_DISTR_MSG:
2135 if (tipc_crypto_key_rcv(rx, hdr))
2136 goto exit;
2137 break;
2138 default:
2139 break;
2140 }
2141
2142 tipc_node_put(rx->node);
2143
2144exit:
2145 kfree_skb(skb);
2146}
2147
2148/**
2149 * tipc_crypto_key_distr - Distribute a TX key
2150 * @tx: the TX crypto
2151 * @key: the key's index
2152 * @dest: the destination tipc node, = NULL if distributing to all nodes
2153 *
2154 * Return: 0 in case of success, otherwise < 0
2155 */
2156int tipc_crypto_key_distr(struct tipc_crypto *tx, u8 key,
2157 struct tipc_node *dest)
2158{
2159 struct tipc_aead *aead;
2160 u32 dnode = tipc_node_get_addr(dest);
2161 int rc = -ENOKEY;
2162
2163 if (!sysctl_tipc_key_exchange_enabled)
2164 return 0;
2165
2166 if (key) {
2167 rcu_read_lock();
2168 aead = tipc_aead_get(tx->aead[key]);
2169 if (likely(aead)) {
2170 rc = tipc_crypto_key_xmit(tx->net, aead->key,
2171 aead->gen, aead->mode,
2172 dnode);
2173 tipc_aead_put(aead);
2174 }
2175 rcu_read_unlock();
2176 }
2177
2178 return rc;
2179}
2180
2181/**
2182 * tipc_crypto_key_xmit - Send a session key
2183 * @net: the struct net
2184 * @skey: the session key to be sent
2185 * @gen: the key's generation
2186 * @mode: the key's mode
2187 * @dnode: the destination node address, = 0 if broadcasting to all nodes
2188 *
2189 * The session key 'skey' is packed in a TIPC v2 'MSG_CRYPTO/KEY_DISTR_MSG'
2190 * as its data section, then xmit-ed through the uc/bc link.
2191 *
2192 * Return: 0 in case of success, otherwise < 0
2193 */
2194static int tipc_crypto_key_xmit(struct net *net, struct tipc_aead_key *skey,
2195 u16 gen, u8 mode, u32 dnode)
2196{
2197 struct sk_buff_head pkts;
2198 struct tipc_msg *hdr;
2199 struct sk_buff *skb;
2200 u16 size, cong_link_cnt;
2201 u8 *data;
2202 int rc;
2203
2204 size = tipc_aead_key_size(skey);
2205 skb = tipc_buf_acquire(INT_H_SIZE + size, GFP_ATOMIC);
2206 if (!skb)
2207 return -ENOMEM;
2208
2209 hdr = buf_msg(skb);
2210 tipc_msg_init(tipc_own_addr(net), hdr, MSG_CRYPTO, KEY_DISTR_MSG,
2211 INT_H_SIZE, dnode);
2212 msg_set_size(hdr, INT_H_SIZE + size);
2213 msg_set_key_gen(hdr, gen);
2214 msg_set_key_mode(hdr, mode);
2215
2216 data = msg_data(hdr);
2217 *((__be32 *)(data + TIPC_AEAD_ALG_NAME)) = htonl(skey->keylen);
2218 memcpy(data, skey->alg_name, TIPC_AEAD_ALG_NAME);
2219 memcpy(data + TIPC_AEAD_ALG_NAME + sizeof(__be32), skey->key,
2220 skey->keylen);
2221
2222 __skb_queue_head_init(&pkts);
2223 __skb_queue_tail(&pkts, skb);
2224 if (dnode)
2225 rc = tipc_node_xmit(net, &pkts, dnode, 0);
2226 else
2227 rc = tipc_bcast_xmit(net, &pkts, &cong_link_cnt);
2228
2229 return rc;
2230}
2231
2232/**
2233 * tipc_crypto_key_rcv - Receive a session key
2234 * @rx: the RX crypto
2235 * @hdr: the TIPC v2 message incl. the receiving session key in its data
2236 *
2237 * This function retrieves the session key in the message from peer, then
2238 * schedules a RX work to attach the key to the corresponding RX crypto.
2239 *
2240 * Return: "true" if the key has been scheduled for attaching, otherwise
2241 * "false".
2242 */
2243static bool tipc_crypto_key_rcv(struct tipc_crypto *rx, struct tipc_msg *hdr)
2244{
2245 struct tipc_crypto *tx = tipc_net(rx->net)->crypto_tx;
2246 struct tipc_aead_key *skey = NULL;
2247 u16 key_gen = msg_key_gen(hdr);
2248 u16 size = msg_data_sz(hdr);
2249 u8 *data = msg_data(hdr);
2250
2251 spin_lock(&rx->lock);
2252 if (unlikely(rx->skey || (key_gen == rx->key_gen && rx->key.keys))) {
2253 pr_err("%s: key existed <%p>, gen %d vs %d\n", rx->name,
2254 rx->skey, key_gen, rx->key_gen);
2255 goto exit;
2256 }
2257
2258 /* Allocate memory for the key */
2259 skey = kmalloc(size, GFP_ATOMIC);
2260 if (unlikely(!skey)) {
2261 pr_err("%s: unable to allocate memory for skey\n", rx->name);
2262 goto exit;
2263 }
2264
2265 /* Copy key from msg data */
2266 skey->keylen = ntohl(*((__be32 *)(data + TIPC_AEAD_ALG_NAME)));
2267 memcpy(skey->alg_name, data, TIPC_AEAD_ALG_NAME);
2268 memcpy(skey->key, data + TIPC_AEAD_ALG_NAME + sizeof(__be32),
2269 skey->keylen);
2270
2271 /* Sanity check */
2272 if (unlikely(size != tipc_aead_key_size(skey))) {
2273 kfree(skey);
2274 skey = NULL;
2275 goto exit;
2276 }
2277
2278 rx->key_gen = key_gen;
2279 rx->skey_mode = msg_key_mode(hdr);
2280 rx->skey = skey;
2281 rx->nokey = 0;
2282 mb(); /* for nokey flag */
2283
2284exit:
2285 spin_unlock(&rx->lock);
2286
2287 /* Schedule the key attaching on this crypto */
2288 if (likely(skey && queue_delayed_work(tx->wq, &rx->work, 0)))
2289 return true;
2290
2291 return false;
2292}
2293
2294/**
2295 * tipc_crypto_work_rx - Scheduled RX works handler
2296 * @work: the struct RX work
2297 *
2298 * The function processes the previous scheduled works i.e. distributing TX key
2299 * or attaching a received session key on RX crypto.
2300 */
2301static void tipc_crypto_work_rx(struct work_struct *work)
2302{
2303 struct delayed_work *dwork = to_delayed_work(work);
2304 struct tipc_crypto *rx = container_of(dwork, struct tipc_crypto, work);
2305 struct tipc_crypto *tx = tipc_net(rx->net)->crypto_tx;
2306 unsigned long delay = msecs_to_jiffies(5000);
2307 bool resched = false;
2308 u8 key;
2309 int rc;
2310
2311 /* Case 1: Distribute TX key to peer if scheduled */
2312 if (atomic_cmpxchg(&rx->key_distr,
2313 KEY_DISTR_SCHED,
2314 KEY_DISTR_COMPL) == KEY_DISTR_SCHED) {
2315 /* Always pick the newest one for distributing */
2316 key = tx->key.pending ?: tx->key.active;
2317 rc = tipc_crypto_key_distr(tx, key, rx->node);
2318 if (unlikely(rc))
2319 pr_warn("%s: unable to distr key[%d] to %s, err %d\n",
2320 tx->name, key, tipc_node_get_id_str(rx->node),
2321 rc);
2322
2323 /* Sched for key_distr releasing */
2324 resched = true;
2325 } else {
2326 atomic_cmpxchg(&rx->key_distr, KEY_DISTR_COMPL, 0);
2327 }
2328
2329 /* Case 2: Attach a pending received session key from peer if any */
2330 if (rx->skey) {
2331 rc = tipc_crypto_key_init(rx, rx->skey, rx->skey_mode, false);
2332 if (unlikely(rc < 0))
2333 pr_warn("%s: unable to attach received skey, err %d\n",
2334 rx->name, rc);
2335 switch (rc) {
2336 case -EBUSY:
2337 case -ENOMEM:
2338 /* Resched the key attaching */
2339 resched = true;
2340 break;
2341 default:
2342 synchronize_rcu();
2343 kfree(rx->skey);
2344 rx->skey = NULL;
2345 break;
2346 }
2347 }
2348
2349 if (resched && queue_delayed_work(tx->wq, &rx->work, delay))
2350 return;
2351
2352 tipc_node_put(rx->node);
2353}
Linux 6.x block layer and io_uring tree(s)