Re: [PATCH net-next v5 22/25] ovpn: kill key and notify userspace in case of IV exhaustion
From: Sabrina Dubroca <sd@queasysnail.net>
Date: 2024-07-17 10:42:33
2024-06-27, 15:08:40 +0200, Antonio Quartulli wrote:
quoted hunk ↗ jump to hunk
IV wrap-around is cryptographically dangerous for a number of ciphers, therefore kill the key and inform userspace (via netlink) should the IV space go exhausted. Signed-off-by: Antonio Quartulli <antonio@openvpn.net> --- drivers/net/ovpn/netlink.c | 39 ++++++++++++++++++++++++++++++++++++++ drivers/net/ovpn/netlink.h | 8 ++++++++ 2 files changed, 47 insertions(+)diff --git a/drivers/net/ovpn/netlink.c b/drivers/net/ovpn/netlink.c index 31c58cda6a3d..e43bbc9ad5d2 100644 --- a/drivers/net/ovpn/netlink.c +++ b/drivers/net/ovpn/netlink.c@@ -846,6 +846,45 @@ int ovpn_nl_del_key_doit(struct sk_buff *skb, struct genl_info *info) return 0; } +int ovpn_nl_notify_swap_keys(struct ovpn_peer *peer)
This is not getting called anywhere in this version. v3 had a change to ovpn_encrypt_one to handle the -ERANGE coming from ovpn_pktid_xmit_next. Assuming this was getting called just as the TX key expires (like it was in v3), I'm a bit unclear on how the client can deal well with this event. I don't see any way for userspace to know the current IV state (no notification for when the packetid gets past some threshold, and pid_xmit isn't getting dumped via netlink), so no chance for userspace to swap keys early and avoid running out of IVs. And then, since we don't have a usable primary key anymore, we will have to drop packets until userspace tells the kernel to swap the keys (or possibly install a secondary). Am I missing something in the kernel/userspace interaction? -- Sabrina