Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN

2014-05-03 Thread Matthias-Christian Ott 
On 05/01/14 12:53, Marek Vasut wrote:
> On Wednesday, April 30, 2014 at 09:23:40 PM, Matthias-Christian Ott wrote:
>> On 04/28/14 23:37, Marek Vasut wrote:
>>> On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote:
>>>> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
>>>> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
>>>> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
>>>> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
>>>> details, such as cipher priorities, for AF_ALG.
>>>>
>>>> Signed-off-by: Matthias-Christian Ott 
>>>> ---
>>>>
>>>>  crypto/crypto_user.c | 12 +---
>>>>  1 file changed, 9 insertions(+), 3 deletions(-)
>>>
>>> Can you please submit the patch using git send-email so we can properly
>>> review it?
>>
>> git-send-email or more specifically Net::SMTP only works with IPv4. The
>> SMTP server I use for submission only listens IPv6 addresses. Moreover,
>> TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave
>> up because of the TLS issues and used git format-patch and git imap-send.
> 
> You can always set up a separate mailserver or use one of the many 
> free-to-use 
> mailservers to follow the agreed-upon submission process, right?

I don't comment on this statement to keep this discussion focused (send
me a private email if you want to discuss it).

I did try to submit the email directly (with SPF disabled) from git
send-email to vger.kernel.org but vger.kernel.org uses greylisting, so I
can't help you with that.

Can you simply copy the file that was attached on the first email I
sent, save it to the filesystem and simply commit it in git? You would
have to do this anyway if I filed a bug in the Kernel Bug Tracker. So
there is an “agreed-upon submission process” to commit a file.

> Of course, patches for Net::SMTP are welcome.

I reported the bug and someone who actually knows Perl is working on it.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN

2014-04-30 Thread Matthias-Christian Ott 
On 04/28/14 23:37, Marek Vasut wrote:
> On Friday, April 25, 2014 at 12:51:06 AM, Matthias-Christian Ott wrote:
>> CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
>> provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
>> and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
>> processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
>> details, such as cipher priorities, for AF_ALG.
>>
>> Signed-off-by: Matthias-Christian Ott 
>> ---
>>  crypto/crypto_user.c | 12 +---
>>  1 file changed, 9 insertions(+), 3 deletions(-)
> 
> Can you please submit the patch using git send-email so we can properly 
> review 
> it?

git-send-email or more specifically Net::SMTP only works with IPv4. The
SMTP server I use for submission only listens IPv6 addresses. Moreover,
TLS seems broken. I patched Net::SMTP to use IO::Socket::INET6 but gave
up because of the TLS issues and used git format-patch and git imap-send.

Regards,
Matthias-Christian

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[PATCH] crypto: user - Allow CRYPTO_MSG_GETALG without CAP_NET_ADMIN

2014-04-24 Thread Matthias-Christian Ott 

CRYPTO_USER requires CAP_NET_ADMIN for all operations. Most information
provided by CRYPTO_MSG_GETALG is also accessible through /proc/modules
and AF_ALG. CRYPTO_MSG_GETALG should not require CAP_NET_ADMIN so that
processes without CAP_NET_ADMIN can use CRYPTO_MSG_GETALG to get cipher
details, such as cipher priorities, for AF_ALG.

Signed-off-by: Matthias-Christian Ott 
---
 crypto/crypto_user.c | 12 +---
 1 file changed, 9 insertions(+), 3 deletions(-)


diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c
index 1512e41..aa906b8 100644
--- a/crypto/crypto_user.c
+++ b/crypto/crypto_user.c
@@ -265,6 +265,9 @@ static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
 	LIST_HEAD(list);
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
 		return -EINVAL;
 
@@ -295,6 +298,9 @@ static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct crypto_alg *alg;
 	struct crypto_user_alg *p = nlmsg_data(nlh);
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
 		return -EINVAL;
 
@@ -379,6 +385,9 @@ static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh,
 	struct crypto_user_alg *p = nlmsg_data(nlh);
 	struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL];
 
+	if (!capable(CAP_NET_ADMIN))
+		return -EPERM;
+
 	if (!null_terminated(p->cru_name) || !null_terminated(p->cru_driver_name))
 		return -EINVAL;
 
@@ -466,9 +475,6 @@ static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
 	type -= CRYPTO_MSG_BASE;
 	link = &crypto_dispatch[type];
 
-	if (!capable(CAP_NET_ADMIN))
-		return -EPERM;
-
 	if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) &&
 	(nlh->nlmsg_flags & NLM_F_DUMP))) {
 		struct crypto_alg *alg;

Why does CRYPTO_USER require CAP_NET_ADMIN?

2014-04-05 Thread Matthias-Christian Ott 
If I'm not mistaken, CRYPTO_USER requires CAP_NET_ADMIN for all
requests. Is there any reason for this requirement for read-only requests?

I think read-only requests should not require CAP_NET_ADMIN. An example
where this is important is important is AF_ALG. I'm working on AF_ALG
support for GnuTLS, encryption and decryption via AF_ALG does not
require special capabilities. However, retrieving the cipher priority to
determine whether the cipher is hardware accelerated does require
CAP_NET_ADMIN.

Regards,
Matthias-Christian
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Hardware acceleration indication in af_alg

2011-10-21 Thread Matthias-Christian Ott 
On Fri, Oct 21, 2011 at 04:15:41PM +0200, Matthias-Christian Ott wrote:
> On Fri, Oct 21, 2011 at 03:23:36PM +0200, Herbert Xu wrote:
> > Matthias-Christian Ott  wrote:
> > > I did some experiments with af_alg and noticed that to be really
> > > useful, it should indicate whether a certain algorithm is hardware
> > > accelerated. I guess this has to be inferred by the priority of the
> > > algorithm could be made available via a read-only socket option. Any
> > > thoughts on this?
> > > 
> > > I can imagine, an alternative approach and perhaps better approach
> > > would be to measure the speed of the kernel provided algorithm against
> > > a software implementation, but there are many other factors that could
> > > influence the results. Therefore, it is perhaps better to just make
> > > the assumption that hardware acceleration is faster which is made in
> > > the kernel anyhow.
> > 
> > You have to be careful to distinguish between hardware acceleration
> > that is directly available to user-space (such as AESNI) and those
> > that aren't.
> > 
> > For the former it makes zero sense to go through the kernel as
> > you'll only make it slower.  The latter case is the reason why
> > this interface exists.
> 
> This is why I didn't consider hardware acceleration that is directly
> available to user-space in the first place (I'm not aware of anything
> except CPUs that is usable this way). So the question remains whether
> e.g. the AES implementation provided through af_alg by the kernel is
> faster (and thus most likely hardware accelerated) than a software
> implementation. Since the kernel seems to make the assumption that
> hardware acceleration is faster, I asked whether it would be possible to
> pass this information to user-space as well.

Ignore that e-mail. The the recent user configuration patches
by Stefan Klassert seem to expose the algorithm's priority via
CRYPTOCFGA_PRIORITY_VAL. This should solve my problem, provided that
the patches will be included.

Regards,
Matthias-Christian
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: Hardware acceleration indication in af_alg

2011-10-21 Thread Matthias-Christian Ott 
On Fri, Oct 21, 2011 at 03:23:36PM +0200, Herbert Xu wrote:
> Matthias-Christian Ott  wrote:
> > I did some experiments with af_alg and noticed that to be really
> > useful, it should indicate whether a certain algorithm is hardware
> > accelerated. I guess this has to be inferred by the priority of the
> > algorithm could be made available via a read-only socket option. Any
> > thoughts on this?
> > 
> > I can imagine, an alternative approach and perhaps better approach
> > would be to measure the speed of the kernel provided algorithm against
> > a software implementation, but there are many other factors that could
> > influence the results. Therefore, it is perhaps better to just make
> > the assumption that hardware acceleration is faster which is made in
> > the kernel anyhow.
> 
> You have to be careful to distinguish between hardware acceleration
> that is directly available to user-space (such as AESNI) and those
> that aren't.
> 
> For the former it makes zero sense to go through the kernel as
> you'll only make it slower.  The latter case is the reason why
> this interface exists.

This is why I didn't consider hardware acceleration that is directly
available to user-space in the first place (I'm not aware of anything
except CPUs that is usable this way). So the question remains whether
e.g. the AES implementation provided through af_alg by the kernel is
faster (and thus most likely hardware accelerated) than a software
implementation. Since the kernel seems to make the assumption that
hardware acceleration is faster, I asked whether it would be possible to
pass this information to user-space as well.

Regards,
Matthias-Christian
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Hardware acceleration indication in af_alg

2011-10-18 Thread Matthias-Christian Ott 
I did some experiments with af_alg and noticed that to be really
useful, it should indicate whether a certain algorithm is hardware
accelerated. I guess this has to be inferred by the priority of the
algorithm could be made available via a read-only socket option. Any
thoughts on this?

I can imagine, an alternative approach and perhaps better approach
would be to measure the speed of the kernel provided algorithm against
a software implementation, but there are many other factors that could
influence the results. Therefore, it is perhaps better to just make
the assumption that hardware acceleration is faster which is made in
the kernel anyhow.

Regards,
Matthias-Christian
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html