mirror of
https://github.com/AuxXxilium/linux_dsm_epyc7002.git
synced 2025-03-10 13:26:24 +07:00
fc1b6d6de2
This commit offers an option to encrypt and authenticate all messaging,
including the neighbor discovery messages. The currently most advanced
algorithm supported is the AEAD AES-GCM (like IPSec or TLS). All
encryption/decryption is done at the bearer layer, just before leaving
or after entering TIPC.
Supported features:
- Encryption & authentication of all TIPC messages (header + data);
- Two symmetric-key modes: Cluster and Per-node;
- Automatic key switching;
- Key-expired revoking (sequence number wrapped);
- Lock-free encryption/decryption (RCU);
- Asynchronous crypto, Intel AES-NI supported;
- Multiple cipher transforms;
- Logs & statistics;
Two key modes:
- Cluster key mode: One single key is used for both TX & RX in all
nodes in the cluster.
- Per-node key mode: Each nodes in the cluster has one specific TX key.
For RX, a node requires its peers' TX key to be able to decrypt the
messages from those peers.
Key setting from user-space is performed via netlink by a user program
(e.g. the iproute2 'tipc' tool).
Internal key state machine:
Attach Align(RX)
+-+ +-+
| V | V
+---------+ Attach +---------+
| IDLE |---------------->| PENDING |(user = 0)
+---------+ +---------+
A A Switch| A
| | | |
| | Free(switch/revoked) | |
(Free)| +----------------------+ | |Timeout
| (TX) | | |(RX)
| | | |
| | v |
+---------+ Switch +---------+
| PASSIVE |<----------------| ACTIVE |
+---------+ (RX) +---------+
(user = 1) (user >= 1)
The number of TFMs is 10 by default and can be changed via the procfs
'net/tipc/max_tfms'. At this moment, as for simplicity, this file is
also used to print the crypto statistics at runtime:
echo 0xfff1 > /proc/sys/net/tipc/max_tfms
The patch defines a new TIPC version (v7) for the encryption message (-
backward compatibility as well). The message is basically encapsulated
as follows:
+----------------------------------------------------------+
| TIPCv7 encryption | Original TIPCv2 | Authentication |
| header | packet (encrypted) | Tag |
+----------------------------------------------------------+
The throughput is about ~40% for small messages (compared with non-
encryption) and ~9% for large messages. With the support from hardware
crypto i.e. the Intel AES-NI CPU instructions, the throughput increases
upto ~85% for small messages and ~55% for large messages.
By default, the new feature is inactive (i.e. no encryption) until user
sets a key for TIPC. There is however also a new option - "TIPC_CRYPTO"
in the kernel configuration to enable/disable the new code when needed.
MAINTAINERS | add two new files 'crypto.h' & 'crypto.c' in tipc
Acked-by: Ying Xue <ying.xue@windreiver.com>
Acked-by: Jon Maloy <jon.maloy@ericsson.com>
Signed-off-by: Tuong Lien <tuong.t.lien@dektech.com.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
|
||
|---|---|---|
| .. | ||
| addr.c | ||
| addr.h | ||
| bcast.c | ||
| bcast.h | ||
| bearer.c | ||
| bearer.h | ||
| core.c | ||
| core.h | ||
| crypto.c | ||
| crypto.h | ||
| diag.c | ||
| discover.c | ||
| discover.h | ||
| eth_media.c | ||
| group.c | ||
| group.h | ||
| ib_media.c | ||
| Kconfig | ||
| link.c | ||
| link.h | ||
| Makefile | ||
| monitor.c | ||
| monitor.h | ||
| msg.c | ||
| msg.h | ||
| name_distr.c | ||
| name_distr.h | ||
| name_table.c | ||
| name_table.h | ||
| net.c | ||
| net.h | ||
| netlink_compat.c | ||
| netlink.c | ||
| netlink.h | ||
| node.c | ||
| node.h | ||
| socket.c | ||
| socket.h | ||
| subscr.c | ||
| subscr.h | ||
| sysctl.c | ||
| topsrv.c | ||
| topsrv.h | ||
| trace.c | ||
| trace.h | ||
| udp_media.c | ||
| udp_media.h | ||