• Tuong Lien's avatar
    tipc: introduce TIPC encryption & authentication · fc1b6d6d
    Tuong Lien authored
    This commit offers an option to encrypt and authenticate all messaging,
    including the neighbor discovery messages. The currently most advanced
    algorithm supported is the AEAD AES-GCM (like IPSec or TLS). All
    encryption/decryption is done at the bearer layer, just before leaving
    or after entering TIPC.
    
    Supported features:
    - Encryption & authentication of all TIPC messages (header + data);
    - Two symmetric-key modes: Cluster and Per-node;
    - Automatic key switching;
    - Key-expired revoking (sequence number wrapped);
    - Lock-free encryption/decryption (RCU);
    - Asynchronous crypto, Intel AES-NI supported;
    - Multiple cipher transforms;
    - Logs & statistics;
    
    Two key modes:
    - Cluster key mode: One single key is used for both TX & RX in all
    nodes in the cluster.
    - Per-node key mode: Each nodes in the cluster has one specific TX key.
    For RX, a node requires its peers' TX key to be able to decrypt the
    messages from those peers.
    
    Key setting from user-space is performed via netlink by a user program
    (e.g. the iproute2 'tipc' tool).
    
    Internal key state machine:
    
                                     Attach    Align(RX)
                                         +-+   +-+
                                         | V   | V
            +---------+      Attach     +---------+
            |  IDLE   |---------------->| PENDING |(user = 0)
            +---------+                 +---------+
               A   A                   Switch|  A
               |   |                         |  |
               |   | Free(switch/revoked)    |  |
         (Free)|   +----------------------+  |  |Timeout
               |              (TX)        |  |  |(RX)
               |                          |  |  |
               |                          |  v  |
            +---------+      Switch     +---------+
            | PASSIVE |<----------------| ACTIVE  |
            +---------+       (RX)      +---------+
            (user = 1)                  (user >= 1)
    
    The number of TFMs is 10 by default and can be changed via the procfs
    'net/tipc/max_tfms'. At this moment, as for simplicity, this file is
    also used to print the crypto statistics at runtime:
    
    echo 0xfff1 > /proc/sys/net/tipc/max_tfms
    
    The patch defines a new TIPC version (v7) for the encryption message (-
    backward compatibility as well). The message is basically encapsulated
    as follows:
    
       +----------------------------------------------------------+
       | TIPCv7 encryption  | Original TIPCv2    | Authentication |
       | header             | packet (encrypted) | Tag            |
       +----------------------------------------------------------+
    
    The throughput is about ~40% for small messages (compared with non-
    encryption) and ~9% for large messages. With the support from hardware
    crypto i.e. the Intel AES-NI CPU instructions, the throughput increases
    upto ~85% for small messages and ~55% for large messages.
    
    By default, the new feature is inactive (i.e. no encryption) until user
    sets a key for TIPC. There is however also a new option - "TIPC_CRYPTO"
    in the kernel configuration to enable/disable the new code when needed.
    
    MAINTAINERS | add two new files 'crypto.h' & 'crypto.c' in tipc
    Acked-by: default avatarYing Xue <ying.xue@windreiver.com>
    Acked-by: default avatarJon Maloy <jon.maloy@ericsson.com>
    Signed-off-by: default avatarTuong Lien <tuong.t.lien@dektech.com.au>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    fc1b6d6d
bearer.c 30.6 KB