Posted to commits@nuttx.apache.org by ag...@apache.org on 2019/12/20 19:28:17 UTC

[incubator-nuttx] branch netlink_crypto created (now 30e5315)

This is an automated email from the ASF dual-hosted git repository.

aguettouche pushed a change to branch netlink_crypto
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git.


      at 30e5315  Add files missed in last commit

This branch includes the following new commits:

     new 9ae00b5  Restore netlink_crypto branch broken by a bad merge.  Includes these changes:
     new 30e5315  Add files missed in last commit

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.



[incubator-nuttx] 01/02: Restore netlink_crypto branch broken by a bad merge. Includes these changes:

Posted by ag...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

aguettouche pushed a commit to branch netlink_crypto
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git

commit 9ae00b5433ce3003ddfeeb4af1585d79f3d27ff6
Author: Gregory Nutt <gn...@nuttx.org>
AuthorDate: Fri Nov 29 14:38:44 2019 -0600

    Restore netlink_crypto branch broken by a bad merge.  Includes these changes:
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Mon Nov 18 17:07:37 2019 -0600
    
        crypto/crypto_netlink.*:  All pointers to request structures should be 'const'.
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Mon Nov 18 16:06:59 2019 -0600
    
        crypto/ and net/netlink:  Fix some early compilation problems.  Of course we cannot expect a clean build now because the crypto-side messaging is incomplete.
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Mon Nov 18 11:21:09 2019 -0600
    
        net/netlink/netlink.h:  Add missing function prototypes.
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Mon Nov 18 11:08:43 2019 -0600
    
        net/netlink/netlink_crypto.c and netlink_sockif.c:  Add some overlooked parts of the message routing.
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Mon Nov 18 10:45:32 2019 -0600
    
        net/netlink/netlink_crypto.c and crypto/crypto_netlink.c:  Fleshes out the framework for the NETLINK_CRYPTO message handling.  Just needs verification and implementation of the actual crypto request message handling.
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Mon Nov 18 09:52:30 2019 -0600
    
        Rename crypto/netlink.h to crypto/crypto_netlink.h
    
    Author: Gregory Nutt <gn...@nuttx.org>
    Date:   Sun Nov 17 11:02:34 2019 -0600
    
        crypto/netlink and include/netpack/netlink.h:  Some initial definitions for NETLINK_CRYPTO messaging.
---
 crypto/Makefile              |   4 +
 include/netpacket/netlink.h  | 237 +++++++++++++++++++++++++++++++++++++++++++
 include/sys/socket.h         |   2 +
 net/netlink/Kconfig          |  12 +++
 net/netlink/Make.defs        |   4 +
 net/netlink/netlink.h        |  31 ++++++
 net/netlink/netlink_sockif.c |  25 +++++
 7 files changed, 315 insertions(+)

diff --git a/crypto/Makefile b/crypto/Makefile
index 13c7b42..a26c31d 100644
--- a/crypto/Makefile
+++ b/crypto/Makefile
@@ -68,6 +68,10 @@ ifeq ($(CONFIG_CRYPTO_RANDOM_POOL),y)
   CRYPTO_CSRCS += random_pool.c
 endif
 
+ifeq ($(CONFIG_NETLINK_CRYPTO),y)
+  CRYPTO_CSRCS += crypto_netlink.c
+endif
+
 endif # CONFIG_CRYPTO
 
 ASRCS = $(CRYPTO_ASRCS)
diff --git a/include/netpacket/netlink.h b/include/netpacket/netlink.h
index f1fdd7e..0f1775b 100644
--- a/include/netpacket/netlink.h
+++ b/include/netpacket/netlink.h
@@ -351,6 +351,67 @@
 #define  RT_SCOPE_HOST        254  /* Route on local host */
 #define  RT_SCOPE_NOWHERE     255  /* Destination does not exist */
 
+/* NETLINK_CRYPTO protocol message types ************************************/
+
+/* Algorithim socket options */
+
+#define ALG_SET_KEY           1
+#define ALG_SET_IV            2
+#define ALG_SET_OP            3
+#define ALG_SET_AEAD_ASSOCLEN 4
+#define ALG_SET_AEAD_AUTHSIZE 5
+
+/* Algorithm operations */
+
+#define ALG_OP_DECRYPT        0
+#define ALG_OP_ENCRYPT        1
+
+/* NETLINK_CRYPTO message types */
+
+#define CRYPTO_MSG_NEWALG     (RTM_LASTMSG + 1)
+#define CRYPTO_MSG_DELALG     (RTM_LASTMSG + 2)
+#define CRYPTO_MSG_UPDATEALG  (RTM_LASTMSG + 3)
+#define CRYPTO_MSG_GETALG     (RTM_LASTMSG + 4)
+#define CRYPTO_MSG_DELRNG     (RTM_LASTMSG + 5)
+#define CRYPTO_MSG_GETSTAT    (RTM_LASTMSG + 6)
+
+#define CRYPTO_MSG_LAST       (RTM_LASTMSG + 6)
+
+/* NETLINK_CRYPTO report attributes. */
+
+#define CRYPTOCFGA_UNSPEC           0
+#define CRYPTOCFGA_PRIORITY_VAL     1  /* Argument: uint32_t */
+
+#define CRYPTOCFGA_REPORT_LARVAL    2  /* Argument: struct crypto_report_larval */
+#define CRYPTOCFGA_REPORT_HASH      3  /* Argument: struct crypto_report_hash */
+#define CRYPTOCFGA_REPORT_BLKCIPHER 4  /* Argument: struct crypto_report_blkcipher */
+#define CRYPTOCFGA_REPORT_AEAD      5  /* Argument: struct crypto_report_aead */
+#define CRYPTOCFGA_REPORT_COMPRESS  6  /* Argument: struct crypto_report_comp */
+#define CRYPTOCFGA_REPORT_RNG       7  /* Argument: struct crypto_report_rng */
+#define CRYPTOCFGA_REPORT_CIPHER    8  /* Argument: struct crypto_report_cipher */
+#define CRYPTOCFGA_REPORT_AKCIPHER  9  /* Argument: struct crypto_report_akcipher */
+#define CRYPTOCFGA_REPORT_KPP       0  /* Argument: struct crypto_report_kpp */
+#define CRYPTOCFGA_REPORT_ACOMP     1  /* Argument: struct crypto_report_acomp */
+
+#define CRYPTOCFGA_STAT_LARVAL      2  /* Argument: struct crypto_stat_larval */
+#define CRYPTOCFGA_STAT_HASH        3  /* Argument: struct crypto_stat_hash */
+#define CRYPTOCFGA_STAT_BLKCIPHER   4  /* Argument: struct crypto_stat_blkcipher */
+#define CRYPTOCFGA_STAT_AEAD        5  /* Argument: struct crypto_stat_aead */
+#define CRYPTOCFGA_STAT_COMPRESS    6  /* Argument: struct crypto_stat_comp */
+#define CRYPTOCFGA_STAT_RNG         7  /* Argument: struct crypto_stat_rng */
+#define CRYPTOCFGA_STAT_CIPHER      8  /* Argument: struct crypto_stat_cipher */
+#define CRYPTOCFGA_STAT_AKCIPHER    9  /* Argument: struct crypto_stat_akcipher */
+#define CRYPTOCFGA_STAT_KPP         10 /* Argument: struct crypto_stat_kpp */
+#define CRYPTOCFGA_STAT_ACOMP       11 /* Argument: struct crypto_stat_acomp */
+
+/* Max size of names.  No magic here.  These can be extended as necessary. */
+
+#define CRYPTO_MAX_ALG_NAME   32
+#define CRYPTO_MAX_NAME       32
+
+#define CRYPTO_REPORT_MAXSIZE \
+  (sizeof(struct crypto_user_alg) + sizeof(struct crypto_report_blkcipher))
+
 /****************************************************************************
  * Public Type Definitions
  ****************************************************************************/
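Review bot: `CRYPTOCFGA_REPORT_KPP` and `CRYPTOCFGA_REPORT_ACOMP` are defined as 0 and 1, which collide with `CRYPTOCFGA_UNSPEC` and `CRYPTOCFGA_PRIORITY_VAL`; the run of values above them and the matching `CRYPTOCFGA_STAT_KPP`/`CRYPTOCFGA_STAT_ACOMP` entries suggest `#define CRYPTOCFGA_REPORT_KPP 10` and `#define CRYPTOCFGA_REPORT_ACOMP 11` were intended. A receiver that selects the payload structure from the attribute type would otherwise interpret a KPP or ACOMP report as a different type. The `CRYPTOCFGA_STAT_*` values 2 to 11 also repeat the `CRYPTOCFGA_REPORT_*` values; if both families can share one attribute space they need distinct numbers, and if they cannot, a comment should say which message type selects each family. The comment on `CRYPTOCFGA_STAT_COMPRESS` names `struct crypto_stat_comp`, while the structure added later in this file is `struct crypto_stat_compress`.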
@@ -465,6 +526,182 @@ struct rtmsg
   uint32_t rtm_flags;
 };
 
+/* NETLINK_CRYPTO Structures *************************************************/
+
+/* Algorithm socket address */
+
+struct sockaddr_alg
+{
+  uint16_t salg_family;
+  uint8_t  salg_type[14];
+  uint32_t salg_feat;
+  uint32_t salg_mask;
+  uint8_t  salg_name[64];
+};
+
+struct af_alg_iv
+{
+  uint32_t ivlen;
+  uint8_t  iv[0];
+};
+
+/* NETLINK_CRYPTO Message Structures */
+
+struct crypto_user_alg
+{
+  char cru_name[CRYPTO_MAX_ALG_NAME];
+  char cru_driver_name[CRYPTO_MAX_ALG_NAME];
+  char cru_module_name[CRYPTO_MAX_ALG_NAME];
+  uint32_t cru_type;
+  uint32_t cru_mask;
+  uint32_t cru_refcnt;
+  uint32_t cru_flags;
+};
+
+struct crypto_report_larval
+{
+  char type[CRYPTO_MAX_NAME];
+};
+
+struct crypto_report_hash
+{
+  char type[CRYPTO_MAX_NAME];
+  size_t blocksize;
+  size_t digestsize;
+};
+
+struct crypto_report_cipher
+{
+  char type[CRYPTO_MAX_ALG_NAME];
+  size_t blocksize;
+  size_t min_keysize;
+  size_t max_keysize;
+};
+
+struct crypto_report_blkcipher
+{
+  char type[CRYPTO_MAX_NAME];
+  char geniv[CRYPTO_MAX_NAME];
+  size_t blocksize;
+  size_t min_keysize;
+  size_t max_keysize;
+  size_t ivsize;
+};
+
+struct crypto_report_aead
+{
+  char type[CRYPTO_MAX_NAME];
+  char geniv[CRYPTO_MAX_NAME];
+  size_t blocksize;
+  size_t maxauthsize;
+  size_t ivsize;
+};
+
+struct crypto_report_comp
+{
+  char type[CRYPTO_MAX_NAME];
+};
+
+struct crypto_report_rng
+{
+  char type[CRYPTO_MAX_NAME];
+  size_t seedsize;
+};
+
+struct crypto_report_akcipher
+{
+  char type[CRYPTO_MAX_NAME];
+};
+
+struct crypto_report_kpp
+{
+  char type[CRYPTO_MAX_NAME];
+};
+
+struct crypto_report_acomp
+{
+  char type[CRYPTO_MAX_NAME];
+};
+
+struct crypto_stat_larval
+{
+  char type[CRYPTO_MAX_NAME];
+};
+
+#ifdef CONFIG_HAVE_LONG_LONG
+typedef uint64_t crypto_stat_t;
+#else
+typedef uint32_t crypto_stat_t;
+#endif
+
+struct crypto_stat_aead
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_encrypt_cnt;
+  crypto_stat_t stat_encrypt_tlen;
+  crypto_stat_t stat_decrypt_cnt;
+  crypto_stat_t stat_decrypt_tlen;
+  crypto_stat_t stat_err_cnt;
+};
+
+struct crypto_stat_akcipher
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_encrypt_cnt;
+  crypto_stat_t stat_encrypt_tlen;
+  crypto_stat_t stat_decrypt_cnt;
+  crypto_stat_t stat_decrypt_tlen;
+  crypto_stat_t stat_verify_cnt;
+  crypto_stat_t stat_sign_cnt;
+  crypto_stat_t stat_err_cnt;
+};
+
+struct crypto_stat_cipher
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_encrypt_cnt;
+  crypto_stat_t stat_encrypt_tlen;
+  crypto_stat_t stat_decrypt_cnt;
+  crypto_stat_t stat_decrypt_tlen;
+  crypto_stat_t stat_err_cnt;
+};
+
+struct crypto_stat_compress
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_compress_cnt;
+  crypto_stat_t stat_compress_tlen;
+  crypto_stat_t stat_decompress_cnt;
+  crypto_stat_t stat_decompress_tlen;
+  crypto_stat_t stat_err_cnt;
+};
+
+struct crypto_stat_hash
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_hash_cnt;
+  crypto_stat_t stat_hash_tlen;
+  crypto_stat_t stat_err_cnt;
+};
+
+struct crypto_stat_kpp
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_setsecret_cnt;
+  crypto_stat_t stat_generate_public_key_cnt;
+  crypto_stat_t stat_compute_shared_secret_cnt;
+  crypto_stat_t stat_err_cnt;
+};
+
+struct crypto_stat_rng
+{
+  char type[CRYPTO_MAX_NAME];
+  crypto_stat_t stat_generate_cnt;
+  crypto_stat_t stat_generate_tlen;
+  crypto_stat_t stat_seed_cnt;
+  crypto_stat_t stat_err_cnt;
+};
+
 /****************************************************************************
  * Public Function Prototypes
  ****************************************************************************/
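Review bot: None of the new `crypto_report_*` and `crypto_stat_*` payload structures states how its fixed-size `char` arrays and padding are to be initialised, and these are the bytes handed back to the requester. A comment above the block such as `/* Report and statistics payloads must be zeroed before they are filled; name fields are NUL padded */` would record the contract, so that unused name bytes and alignment padding do not carry stale memory into a response. The report structures use `size_t` for `blocksize`, `ivsize` and the key sizes, which makes the payload layout depend on the target's word size; `uint32_t`, as already used in `struct crypto_user_alg`, would fix it. `uint8_t iv[0];` in `struct af_alg_iv` relies on the zero-length-array extension, and `uint8_t iv[];` is the standard flexible array member.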
diff --git a/include/sys/socket.h b/include/sys/socket.h
index b462cda..0b7b46f 100644
--- a/include/sys/socket.h
+++ b/include/sys/socket.h
@@ -64,6 +64,7 @@
 #define PF_PACKET     17         /* Low level packet interface */
 #define PF_BLUETOOTH  31         /* Bluetooth sockets */
 #define PF_IEEE802154 36         /* Low level IEEE 802.15.4 radio frame interface */
+#define PF_ALG        38         /* Crypto algorithm sockets */
 #define PF_PKTRADIO   64         /* Low level packet radio interface */
 
 /* Supported Address Families. Opengroup.org requires only AF_UNSPEC,
@@ -80,6 +81,7 @@
 #define AF_PACKET      PF_PACKET
 #define AF_BLUETOOTH   PF_BLUETOOTH
 #define AF_IEEE802154  PF_IEEE802154
+#define AF_ALG         PF_ALG
 #define AF_PKTRADIO    PF_PKTRADIO
 
 /* The socket created by socket() has the indicated type, which specifies
diff --git a/net/netlink/Kconfig b/net/netlink/Kconfig
index b7d094e..679a03a 100644
--- a/net/netlink/Kconfig
+++ b/net/netlink/Kconfig
@@ -57,6 +57,18 @@ config NETLINK_DISABLE_GETROUTE
 		RTM_GETROUTE is used to retrieve routing tables.
 
 endif # NETLINK_ROUTE
+
+config NETLINK_CRYPTO
+	bool "Netlink Crypto protocol"
+	default n
+	select CRYPTO
+	depends on EXPERIMENTAL
+	---help---
+		Support the NETLINK_CRYPTO protocol option.
+
+if NETLINK_CRYPTO
+
+endif # NETLINK_CRYPTO
 endmenu # Netlink Protocols
 endif # NET_NETLINK
 endmenu # Netlink Socket Support
diff --git a/net/netlink/Make.defs b/net/netlink/Make.defs
index 5e1a58a..56200cc 100644
--- a/net/netlink/Make.defs
+++ b/net/netlink/Make.defs
@@ -44,6 +44,10 @@ ifeq ($(CONFIG_NETLINK_ROUTE),y)
 NET_CSRCS += netlink_route.c
 endif
 
+ifeq ($(CONFIG_NETLINK_CRYPTO),y)
+NET_CSRCS += netlink_crypto.c
+endif
+
 # Include netlink build support
 
 DEPPATH += --dep-path netlink
diff --git a/net/netlink/netlink.h b/net/netlink/netlink.h
index 9232f87..413a97a 100644
--- a/net/netlink/netlink.h
+++ b/net/netlink/netlink.h
@@ -339,6 +339,37 @@ ssize_t netlink_route_recvfrom(FAR struct socket *psock,
                                FAR struct sockaddr_nl *from);
 #endif
 
+/****************************************************************************
+ * Name: netlink_crypto_sendto()
+ *
+ * Description:
+ *   Perform the sendto() operation for the NETLINK_CRYPTO protocol.
+ *
+ ****************************************************************************/
+
+#ifdef CONFIG_NETLINK_CRYPTO
+ssize_t netlink_crypto_sendto(FAR struct socket *psock,
+                              FAR const struct nlmsghdr *nlmsg,
+                              size_t len, int flags,
+                              FAR const struct sockaddr_alg *to,
+                              socklen_t tolen);
+#endif
+
+/****************************************************************************
+ * Name: netlink_crypto_recvfrom()
+ *
+ * Description:
+ *   Perform the recvfrom() operation for the NETLINK_CRYPTO protocol.
+ *
+ ****************************************************************************/
+
+#ifdef CONFIG_NETLINK_CRYPTO
+ssize_t netlink_crypto_recvfrom(FAR struct socket *psock,
+                                FAR struct nlmsghdr *nlmsg,
+                                size_t len, int flags,
+                                FAR struct sockaddr_alg *from);
+#endif
+
 #undef EXTERN
 #ifdef __cplusplus
 }
diff --git a/net/netlink/netlink_sockif.c b/net/netlink/netlink_sockif.c
index 378cbae..97776e4 100644
--- a/net/netlink/netlink_sockif.c
+++ b/net/netlink/netlink_sockif.c
@@ -152,6 +152,11 @@ static int netlink_setup(FAR struct socket *psock, int protocol)
         break;
 #endif
 
+#ifdef CONFIG_NETLINK_CRYPTO
+      case NETLINK_CRYPTO:
+        break;
+#endif
+
       default:
         return -EPROTONOSUPPORT;
     }
@@ -802,6 +807,14 @@ static ssize_t netlink_sendto(FAR struct socket *psock, FAR const void *buf,
         break;
 #endif
 
+#ifdef CONFIG_NETLINK_CRYPTO
+      case NETLINK_CRYPTO:
+        ret = netlink_crypto_sendto(psock, nlmsg, len, flags,
+                                    (FAR struct sockaddr_alg *)to,
+                                    tolen);
+        break;
+#endif
+
       default:
        ret = -EOPNOTSUPP;
        break;
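Review bot: The cast `(FAR struct sockaddr_alg *)to` omits the `const` that the `netlink_crypto_sendto()` prototype added in this commit declares for the argument; `(FAR const struct sockaddr_alg *)to` keeps the qualifier if `to` is const-qualified here, as the sendto() convention suggests. In the visible lines `tolen` is forwarded without being compared with `sizeof(struct sockaddr_alg)`, so a shorter address has to be rejected somewhere before any `salg_*` field is read, and a comment should say whether this case or the callee owns that check. netlink_sendto() starts and ends outside the hunk, so an earlier length check may exist that is not visible here.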
@@ -865,6 +878,18 @@ static ssize_t netlink_recvfrom(FAR struct socket *psock, FAR void *buf,
         break;
 #endif
 
+#ifdef CONFIG_NETLINK_CRYPTO
+      case NETLINK_CRYPTO:
+        ret = netlink_crypto_recvfrom(psock, nlmsg, len, flags,
+                                      (FAR struct sockaddr_alg *)from);
+        if (ret >= 0 && fromlen != NULL)
+          {
+            *fromlen = sizeof(struct sockaddr_alg);
+          }
+
+        break;
+#endif
+
       default:
        ret = -EOPNOTSUPP;
        break;
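Review bot: Nothing in the visible lines establishes that the caller's `from` buffer can hold a `struct sockaddr_alg` before it is cast and passed to `netlink_crypto_recvfrom()`, which takes no length argument; the incoming `*fromlen` is only overwritten after the call. As declared in this commit the structure is 88 bytes, so a caller that sized its buffer for a smaller address type would have memory past that buffer written. A guard ahead of the call, `if (from != NULL && (fromlen == NULL || *fromlen < sizeof(struct sockaddr_alg))) { ret = -EINVAL; break; }`, would reject that case. netlink_recvfrom() starts and ends outside the hunk, so an existing check on `*fromlen` may not be visible here.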


[incubator-nuttx] 02/02: Add files missed in last commit

Posted by ag...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

aguettouche pushed a commit to branch netlink_crypto
in repository https://gitbox.apache.org/repos/asf/incubator-nuttx.git

commit 30e5315482c8470e4273849c384e504ca1701a4b
Author: Gregory Nutt <gn...@nuttx.org>
AuthorDate: Fri Nov 29 15:03:55 2019 -0600

    Add files missed in last commit
---
 crypto/crypto_netlink.c               | 202 ++++++++++++++++++++++++++++++++++
 crypto/crypto_netlink.h               | 146 ++++++++++++++++++++++++
 include/nuttx/crypto/crypto_netlink.h |  81 ++++++++++++++
 net/netlink/netlink_crypto.c          | 193 ++++++++++++++++++++++++++++++++
 4 files changed, 622 insertions(+)

diff --git a/crypto/crypto_netlink.c b/crypto/crypto_netlink.c
new file mode 100644
index 0000000..ffdbcc9
--- /dev/null
+++ b/crypto/crypto_netlink.c
@@ -0,0 +1,202 @@
+/****************************************************************************
+ * crypto/crypto_netlink.c
+ * Provides the Netlink interface between the socket layer and the crypto
+ * subsystem.
+ *
+ *   Copyright (C) 2019 Gregory Nutt. All rights reserved.
+ *   Author:  Gregory Nutt <gn...@nuttx.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name NuttX nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+#include <sys/types.h>
+#include <stdbool.h>
+#include <string.h>
+#include <poll.h>
+#include <assert.h>
+#include <debug.h>
+#include <errno.h>
+
+#include <netpacket/netlink.h>
+#include <nuttx/net/netlink.h>
+#include <nuttx/crypto/crypto_netlink.h>
+
+#include "crypto_netlink.h"
+
+/****************************************************************************
+ * Public Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: crypto_request_handler
+ *
+ * Description:
+ *   This function receives the raw NETLINK_CRYPTO request and provides that
+ *   request to the appropriate handler.
+ *
+ * Input Parameters:
+ *   handle - A handle for use in subsequent calls to netlink_add_response()
+ *            when the response to the request is available.
+ *   req    - A reference to the common header of the Netlink messages.
+ *            This may be cast to the specific message type associated with
+ *            the decoded Netlink messages.
+ *   reqlen - The full length of the request 'req'
+ *   to     - The destination address for bound sockets.
+ *
+ * Returned Value
+ *   Zero is returned on success meaning that the response was successfully
+ *   processed.  In this case, a response has been or will be generated.  In
+ *   the event of an error, a negated errno value will be returned.
+ *
+ ****************************************************************************/
+
+int crypto_request_handler(NETLINK_HANDLE handle,
+                           FAR const struct nlmsghdr *req, size_t reqlen,
+                           FAR const struct sockaddr_alg *to)
+{
+  int ret;
+
+  DEBUGASSERT(handle != NULL && req != NULL);
+
+  /* Dispatch the NETLINK_CRYPTO request according to its nlmsg_type */
+
+  switch (req->nlmsg_type)
+    {
+      case CRYPTO_MSG_NEWALG:
+        {
+          FAR const struct crypto_msg_newalg_request_s *newalg =
+            (FAR const struct crypto_msg_newalg_request_s *)req;
+
+          if (reqlen < sizeof(struct crypto_msg_newalg_request_s))
+            {
+              ret = -EINVAL;
+            }
+          else
+            {
+              ret = crypto_newalg_request(handle, newalg, reqlen, to);
+            }
+        }
+        break;
+
+      case CRYPTO_MSG_DELALG:
+        {
+          FAR const struct crypto_msg_delalg_request_s *delalg =
+            (FAR const struct crypto_msg_delalg_request_s *)req;
+
+          if (reqlen < sizeof(struct crypto_msg_delalg_request_s))
+            {
+              ret = -EINVAL;
+            }
+          else
+            {
+              ret = crypto_delalg_request(handle, delalg, reqlen, to);
+            }
+        }
+        break;
+
+       case CRYPTO_MSG_UPDATEALG:
+        {
+          FAR const struct crypto_msg_updatealg_request_s *updatealg =
+            (FAR const struct crypto_msg_updatealg_request_s *)req;
+
+          if (reqlen < sizeof(struct crypto_msg_updatealg_request_s))
+            {
+              ret = -EINVAL;
+            }
+          else
+            {
+              ret = crypto_updatealg_request(handle, updatealg, reqlen, to);
+            }
+         }
+         break;
+
+      case CRYPTO_MSG_GETALG:
+        {
+          FAR const struct crypto_msg_getalg_request_s *getalg =
+            (FAR const struct crypto_msg_getalg_request_s *)req;
+
+          if (reqlen < sizeof(struct crypto_msg_getalg_request_s))
+            {
+              ret = -EINVAL;
+            }
+          else
+            {
+              ret = crypto_getalg_request(handle, getalg, reqlen, to);
+            }
+        }
+        break;
+
+      case CRYPTO_MSG_DELRNG:
+        {
+          FAR const struct crypto_msg_delrng_request_s *delrng =
+            (FAR const struct crypto_msg_delrng_request_s *)req;
+
+          if (reqlen < sizeof(struct crypto_msg_delrng_request_s))
+            {
+              ret = -EINVAL;
+            }
+          else
+            {
+              ret = crypto_delrng_request(handle, delrng, reqlen, to);
+            }
+        }
+        break;
+
+      case CRYPTO_MSG_GETSTAT:
+        {
+          FAR const struct crypto_msg_getstat_request_s *getstat =
+            (FAR const struct crypto_msg_getstat_request_s *)req;
+
+          if (reqlen < sizeof(struct crypto_msg_getstat_request_s))
+            {
+              ret = -EINVAL;
+            }
+          else
+            {
+              ret = crypto_getstat_request(handle, getstat, reqlen, to);
+            }
+        }
+        break;
+
+      default:
+        {
+          nerr("ERROR: Invalid nlmsg_type: %u\n", req->nlmsg_type);
+          ret = -EINVAL;
+        }
+        break;
+    }
+
+  return ret;
+}
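Review bot: `req->nlmsg_type` is read by the `switch` before `reqlen` has been compared with anything, and the only earlier guard is the `DEBUGASSERT` on the two pointers, which is active only when debug assertions are enabled. Unless every caller guarantees a complete header, a check such as `if (reqlen < sizeof(struct nlmsghdr) || req->nlmsg_len < sizeof(struct nlmsghdr) || req->nlmsg_len > reqlen) return -EINVAL;` belongs ahead of the dispatch, so that handlers can trust the header's own length as well as `reqlen`. The per-case checks compare `reqlen` with the fixed structure size only and never look at `nlmsg_len`. As a point of style, the six cases differ only in structure type and handler name, and the `CRYPTO_MSG_UPDATEALG` case is indented one column further than the others.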
diff --git a/crypto/crypto_netlink.h b/crypto/crypto_netlink.h
new file mode 100644
index 0000000..c9b5d51
--- /dev/null
+++ b/crypto/crypto_netlink.h
@@ -0,0 +1,146 @@
+/****************************************************************************
+ * crypto/crypto_netlink.h
+ * Describes NETLINK_CRYPTO messaging
+ *
+ *   Copyright (C) 2019 Gregory Nutt. All rights reserved.
+ *   Author:  Gregory Nutt <gn...@nuttx.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name NuttX nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+#ifndef __CRYPTO_CRYPTO_NETLINK_H
+#define __CRYPTO_CRYPTO_NETLINK_H
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+#include <netpacket/netlink.h>
+#include <nuttx/net/netlink.h>
+
+/****************************************************************************
+ * Pre-processor Definitions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Public Types
+ ****************************************************************************/
+
+/* Request Message Structures */
+
+struct crypto_msg_newalg_request_s
+{
+  struct nlmsghdr        hdr;    /* nlmsg_type = CRYPTO_MSG_NEWALG */
+  struct crypto_user_alg alg;
+};
+
+struct crypto_msg_delalg_request_s
+{
+  struct nlmsghdr        hdr;    /* nlmsg_type = CRYPTO_MSG_DELALG */
+  struct crypto_user_alg alg;
+};
+
+struct crypto_msg_updatealg_request_s
+{
+  struct nlmsghdr        hdr;    /* nlmsg_type = CRYPTO_MSG_UPDATEALG */
+  struct crypto_user_alg alg;
+};
+
+struct crypto_msg_getalg_request_s
+{
+  struct nlmsghdr        hdr;    /* nlmsg_type = CRYPTO_MSG_GETALG */
+  struct crypto_user_alg alg;
+};
+
+struct crypto_msg_delrng_request_s
+{
+  struct nlmsghdr        hdr;    /* nlmsg_type = CRYPTO_MSG_DELRNG */
+};
+
+struct crypto_msg_getstat_request_s
+{
+  struct nlmsghdr        hdr;    /* nlmsg_type = CRYPTO_MSG_GETSTAT */
+  struct crypto_user_alg alg;
+};
+
+/* Response message structures */
+
+/****************************************************************************
+ * Public Function Prototypes
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: crypto_*alg_request
+ *
+ * Description:
+ *   The is a set of messages handlers that are required to provide the
+ *   response to each NETLINK_CRYPTO request message.
+ *
+ *   If successfully, each function will create the appropriate response
+ *   message and queue that message via a call to netlink_add_response().
+ *   That call may be synchronous with the call to the response handler
+ *   or may occur sometime later asynchronously.
+ *
+ * Input Parameters:
+ *   handle - A handle for use in subsequent calls to netlink_add_response()
+ *            when the response to the request is available.
+ *   req    - A reference received request.
+ *   reqlen - The size of the received request.  This size is guaranteed by
+ *            the message dispatcher to be at least as large as the type
+ *            refereed to by the 'req' parameter.
+ *
+ * Returned Value
+ *   Zero is returned on success meaning that the response was successfully
+ *   processed.  In this case, a response has been or will be generated.  In
+ *   the event of an error, a negated errno value will be returned.
+ *
+ ****************************************************************************/
+
+int crypto_newalg_request(NETLINK_HANDLE handle,
+                          FAR const struct crypto_msg_newalg_request_s *req,
+                          size_t reqlen, FAR const struct sockaddr_alg *to);
+int crypto_delalg_request(NETLINK_HANDLE handle,
+                          FAR const struct crypto_msg_delalg_request_s *req,
+                          size_t reqlen, FAR const struct sockaddr_alg *to);
+int crypto_updatealg_request(NETLINK_HANDLE handle,
+                             FAR const struct crypto_msg_updatealg_request_s *req,
+                             size_t reqlen, FAR const struct sockaddr_alg *to);
+int crypto_getalg_request(NETLINK_HANDLE handle,
+                          FAR const struct crypto_msg_getalg_request_s *req,
+                          size_t reqlen, FAR const struct sockaddr_alg *to);
+int crypto_delrng_request(NETLINK_HANDLE handle,
+                          FAR const struct crypto_msg_delrng_request_s *req,
+                          size_t reqlen, FAR const struct sockaddr_alg *to);
+int crypto_getstat_request(NETLINK_HANDLE handle,
+                           FAR const struct crypto_msg_getstat_request_s *req,
+                           size_t reqlen, FAR const struct sockaddr_alg *to);
+
+#endif /* __CRYPTO_CRYPTO_NETLINK_H */
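Review bot: The shared header comment documents `handle`, `req` and `reqlen` but not the `to` argument that every prototype takes; a line such as `to     - The destination address for bound sockets.`, as used in crypto_netlink.c, would complete it. The guarantee stated for `reqlen` covers only the size of the fixed structure, and nothing visible terminates the `cru_name`, `cru_driver_name` and `cru_module_name` arrays inside `alg`, so the comment should say that handlers must bound or terminate these fields before any string operation. The wording 'The is a set', 'If successfully' and 'refereed' should read 'This is a set', 'If successful' and 'referred'.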
diff --git a/include/nuttx/crypto/crypto_netlink.h b/include/nuttx/crypto/crypto_netlink.h
new file mode 100644
index 0000000..10b5ada
--- /dev/null
+++ b/include/nuttx/crypto/crypto_netlink.h
@@ -0,0 +1,81 @@
+/****************************************************************************
+ * include/nuttx/crypto/crypto_netlink.h
+ * Describes Netlink interface between the socket layer and the crypto
+ * subsystem.
+ *
+ *   Copyright (C) 2019 Gregory Nutt. All rights reserved.
+ *   Author:  Gregory Nutt <gn...@nuttx.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name NuttX nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+#ifndef __INCLUDE_NUTTX_CRYPTO_CRYPTO_NETLINK_H
+#define __INCLUDE_NUTTX_CRYPTO_CRYPTO_NETLINK_H
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+#include <netpacket/netlink.h>
+#include <nuttx/net/netlink.h>
+
+/****************************************************************************
+ * Public Function Prototypes
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: crypto_request_handler
+ *
+ * Description:
+ *   This function receives the raw NETLINK_CRYPTO request and provides that
+ *   request to the appropriate handler.
+ *
+ * Input Parameters:
+ *   handle - A handle for use in subsequent calls to netlink_add_response()
+ *            when the response to the request is available.
+ *   req    - A reference to the common header of the Netlink messages.
+ *            This may be cast to the specific message type associated with
+ *            the decoded Netlink messages.
+ *   reqlen - The full length of the request 'req'
+ *   to     - The destination address for bound sockets.
+ *
+ * Returned Value
+ *   Zero is returned on success meaning that the response was successfully
+ *   processed.  In this case, a response has been or will be generated.  In
+ *   the event of an error, a negated errno value will be returned.
+ *
+ ****************************************************************************/
+
+int crypto_request_handler(NETLINK_HANDLE handle,
+                           FAR const struct nlmsghdr *req, size_t reqlen,
+                           FAR const struct sockaddr_alg *to);
+
+#endif /* __INCLUDE_NUTTX_CRYPTO_CRYPTO_NETLINK_H */
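Review bot: The parameter documentation for `crypto_request_handler` tells the reader that `req` "may be cast to the specific message type" but does not state the length check that must come before that cast. The caller added in net/netlink/netlink_crypto.c passes the sendto() buffer length as `reqlen`, not `nlmsg_len`, so the handler is the place where both have to be compared against the size of the specific request structure. I would reword the entry to something like `reqlen - The size of the buffer holding 'req'. The handler must verify that req->nlmsg_len <= reqlen and that nlmsg_len covers the specific message type before casting.` Separately, `struct sockaddr_alg` is used in the prototype and it is not obvious from this hunk that either included header declares it; if neither does, the type is scoped to the parameter list, so this is worth confirming.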
diff --git a/net/netlink/netlink_crypto.c b/net/netlink/netlink_crypto.c
new file mode 100644
index 0000000..45b6551
--- /dev/null
+++ b/net/netlink/netlink_crypto.c
@@ -0,0 +1,193 @@
+/****************************************************************************
+ * net/netlink/netlink_crypto.c
+ *
+ *   Copyright (C) 2019 Gregory Nutt. All rights reserved.
+ *   Author: Gregory Nutt <gn...@nuttx.org>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ * 3. Neither the name NuttX nor the names of its contributors may be
+ *    used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+ * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+ * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
+ * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+ * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
+ * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ *
+ ****************************************************************************/
+
+/****************************************************************************
+ * Included Files
+ ****************************************************************************/
+
+#include <nuttx/config.h>
+
+#include <sys/types.h>
+#include <string.h>
+#include <assert.h>
+#include <errno.h>
+
+#include <nuttx/kmalloc.h>
+#include <nuttx/crypto/crypto_netlink.h>
+
+#include "netlink/netlink.h"
+
+#ifdef CONFIG_NETLINK_CRYPTO
+
+/****************************************************************************
+ * Pre-processor Definitions
+ ****************************************************************************/
+
+/* Configuration ************************************************************/
+
+/* Helpers ******************************************************************/
+
+/****************************************************************************
+ * Private Types
+ ****************************************************************************/
+
+/****************************************************************************
+ * Private Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Public Functions
+ ****************************************************************************/
+
+/****************************************************************************
+ * Name: netlink_crypto_sendto()
+ *
+ * Description:
+ *   Perform the sendto() operation for the NETLINK_CRYPTO protocol.
+ *
+ ****************************************************************************/
+
+ssize_t netlink_crypto_sendto(FAR struct socket *psock,
+                              FAR const struct nlmsghdr *nlmsg,
+                              size_t len, int flags,
+                              FAR const struct sockaddr_alg *to,
+                              socklen_t tolen)
+{
+  int ret;
+
+  DEBUGASSERT(psock != NULL && nlmsg != NULL &&
+              nlmsg->nlmsg_len >= sizeof(struct nlmsghdr) &&
+              len >= sizeof(struct nlmsghdr) &&
+              len >= nlmsg->nlmsg_len && to != NULL &&
+              tolen >= sizeof(struct sockaddr_alg));
+
+  /* Message parsing is handled by the crypto subsystem.
+   */
+
+  ret = crypto_request_handler((NETLINK_HANDLE)psock, nlmsg, len, to);
+
+  /* On success, return the size of the request that was processed */
+
+  if (ret >= 0)
+    {
+      ret = len;
+    }
+
+  return ret;
+}
+
+/****************************************************************************
+ * Name: netlink_crypto_recvfrom()
+ *
+ * Description:
+ *   Perform the recvfrom() operation for the NETLINK_CRYPTO protocol.
+ *
+ ****************************************************************************/
+
+ssize_t netlink_crypto_recvfrom(FAR struct socket *psock,
+                                FAR struct nlmsghdr *nlmsg,
+                                size_t len, int flags,
+                                FAR struct sockaddr_alg *from)
+{
+  FAR struct netlink_response_s *entry;
+  ssize_t ret;
+
+  DEBUGASSERT(psock != NULL && nlmsg != NULL &&
+              len >= sizeof(struct nlmsghdr));
+
+  /* Find the response to this message.  The return value */
+
+  entry = (FAR struct netlink_response_s *)netlink_tryget_response(psock);
+  if (entry == NULL)
+    {
+      /* No response is variable, but presumably, one is expected.  Check
+       * if the socket has been configured for non-blocking operation.
+       * REVISIT:  I think there needs to be some higher level logic to
+       * select Netlink non-blocking sockets.
+       */
+
+      if (_SS_ISNONBLOCK(psock->s_flags))
+        {
+          return -EAGAIN;
+        }
+
+      /* Wait for the response.  This should always succeed. */
+
+      entry = (FAR struct netlink_response_s *)netlink_get_response(psock);
+      DEBUGASSERT(entry != NULL);
+      if (entry == NULL)
+        {
+          return -EPIPE;
+        }
+    }
+
+  if (len < entry->msg.nlmsg_len)
+    {
+      kmm_free(entry);
+      return -EMSGSIZE;
+    }
+
+  /* Handle the response according to the message type */
+
+  switch (entry->msg.nlmsg_type)
+    {
+#warning Missing logic
+      case ???:
+        {
+          /* Return address.  REVISIT... this is just a guess. */
+
+          if (from != NULL)
+            {
+#warning Missing logic
+            }
+
+          /* The return value is the payload size, i.e., the  */
+
+          ret = entry->msg.nlmsg_len;
+        }
+        break;
+
+      default:
+        nerr("ERROR: Unrecognized message type: %u\n",
+             entry->msg.nlmsg_type);
+        ret = -EIO;
+        break;
+    }
+
+  kmm_free(entry);
+  return ret;
+}
+
+#endif /* CONFIG_NETLINK_CRYPTO */
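Review bot: In `netlink_crypto_sendto` the only validation of the caller-supplied `len`, `nlmsg->nlmsg_len`, `to` and `tolen` is the DEBUGASSERT, so in a build with assertions compiled out these values reach `crypto_request_handler` unchecked. A short or inconsistent request would then be parsed, and later cast to a specific request type, on the strength of a length nobody verified. I would keep the assertion for the internal pointers only and reject bad lengths or a missing address at run time with `-EINVAL`, as sketched below. It is also worth deciding whether the handler should receive `nlmsg->nlmsg_len` rather than the full buffer `len`. The function is fully contained in this hunk.

```c
  int ret;

  DEBUGASSERT(psock != NULL && nlmsg != NULL);

  /* Lengths and the destination address come from the caller; check them
   * at run time rather than only in debug builds.
   */

  if (len < sizeof(struct nlmsghdr) ||
      nlmsg->nlmsg_len < sizeof(struct nlmsghdr) ||
      nlmsg->nlmsg_len > len ||
      to == NULL || tolen < sizeof(struct sockaddr_alg))
    {
      return -EINVAL;
    }

  /* ... unchanged: crypto_request_handler() call and return value ... */
```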