91541ab192
Add simple tc hook selftests to show the way to work with new crypto BPF API. Some tricky dynptr initialization is used to provide empty iv dynptr. Simple AES-ECB algo is used to demonstrate encryption and decryption of fixed size buffers. Signed-off-by: Vadim Fedorenko <vadfed@meta.com> Link: https://lore.kernel.org/r/20240422225024.2847039-4-vadfed@meta.com Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
69 lines
1.1 KiB
C
69 lines
1.1 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/* Copyright (c) 2023 Meta Platforms, Inc. and affiliates. */
|
|
|
|
#include "vmlinux.h"
|
|
#include <bpf/bpf_helpers.h>
|
|
#include <bpf/bpf_tracing.h>
|
|
#include "bpf_misc.h"
|
|
#include "bpf_kfuncs.h"
|
|
#include "crypto_common.h"
|
|
|
|
int status;
|
|
SEC("syscall")
|
|
int crypto_release(void *ctx)
|
|
{
|
|
struct bpf_crypto_params params = {
|
|
.type = "skcipher",
|
|
.algo = "ecb(aes)",
|
|
.key_len = 16,
|
|
};
|
|
|
|
struct bpf_crypto_ctx *cctx;
|
|
int err = 0;
|
|
|
|
status = 0;
|
|
|
|
cctx = bpf_crypto_ctx_create(¶ms, sizeof(params), &err);
|
|
|
|
if (!cctx) {
|
|
status = err;
|
|
return 0;
|
|
}
|
|
|
|
bpf_crypto_ctx_release(cctx);
|
|
|
|
return 0;
|
|
}
|
|
|
|
SEC("syscall")
|
|
__failure __msg("Unreleased reference")
|
|
int crypto_acquire(void *ctx)
|
|
{
|
|
struct bpf_crypto_params params = {
|
|
.type = "skcipher",
|
|
.algo = "ecb(aes)",
|
|
.key_len = 16,
|
|
};
|
|
struct bpf_crypto_ctx *cctx;
|
|
int err = 0;
|
|
|
|
status = 0;
|
|
|
|
cctx = bpf_crypto_ctx_create(¶ms, sizeof(params), &err);
|
|
|
|
if (!cctx) {
|
|
status = err;
|
|
return 0;
|
|
}
|
|
|
|
cctx = bpf_crypto_ctx_acquire(cctx);
|
|
if (!cctx)
|
|
return -EINVAL;
|
|
|
|
bpf_crypto_ctx_release(cctx);
|
|
|
|
return 0;
|
|
}
|
|
|
|
char __license[] SEC("license") = "GPL";
|