Thread (71 messages) 71 messages, 4 authors, 2024-07-19

Re: [PATCH net-next v5 22/25] ovpn: kill key and notify userspace in case of IV exhaustion

From: Sabrina Dubroca <sd@queasysnail.net>
Date: 2024-07-17 10:42:33

2024-06-27, 15:08:40 +0200, Antonio Quartulli wrote:
quoted hunk ↗ jump to hunk
IV wrap-around is cryptographically dangerous for a number of ciphers,
therefore kill the key and inform userspace (via netlink) should the
IV space go exhausted.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
---
 drivers/net/ovpn/netlink.c | 39 ++++++++++++++++++++++++++++++++++++++
 drivers/net/ovpn/netlink.h |  8 ++++++++
 2 files changed, 47 insertions(+)
diff --git a/drivers/net/ovpn/netlink.c b/drivers/net/ovpn/netlink.c
index 31c58cda6a3d..e43bbc9ad5d2 100644
--- a/drivers/net/ovpn/netlink.c
+++ b/drivers/net/ovpn/netlink.c
@@ -846,6 +846,45 @@ int ovpn_nl_del_key_doit(struct sk_buff *skb, struct genl_info *info)
 	return 0;
 }
 
+int ovpn_nl_notify_swap_keys(struct ovpn_peer *peer)
This is not getting called anywhere in this version. v3 had a change
to ovpn_encrypt_one to handle the -ERANGE coming from ovpn_pktid_xmit_next.

Assuming this was getting called just as the TX key expires (like it
was in v3), I'm a bit unclear on how the client can deal well with
this event.

I don't see any way for userspace to know the current IV state (no
notification for when the packetid gets past some threshold, and
pid_xmit isn't getting dumped via netlink), so no chance for userspace
to swap keys early and avoid running out of IVs. And then, since we
don't have a usable primary key anymore, we will have to drop packets
until userspace tells the kernel to swap the keys (or possibly install
a secondary).

Am I missing something in the kernel/userspace interaction?

-- 
Sabrina
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help