@kernel-patches-daemon-bpf

Pull request for series with
subject: Add cryptographic hash and signature verification kfuncs to BPF
version: 3
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239

@kernel-patches-daemon-bpf

Upstream branch: 5d9fb42
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239
version: 3

@kernel-patches-review-bot

commit fc78df752ba126f9138a83fd0bae4d12f24bd320
Author: Daniel Hodges <[email protected]>

crypto: Add BPF hash algorithm type registration module

This commit adds bpf_crypto_shash module that registers a hash type with
the BPF crypto infrastructure through the bpf_crypto_type interface.

> diff --git a/crypto/bpf_crypto_shash.c b/crypto/bpf_crypto_shash.c
> new file mode 100644
> index 000000000000..95c178ec0ce8
> --- /dev/null
> +++ b/crypto/bpf_crypto_shash.c
> @@ -0,0 +1,95 @@
[ ... ]
> +
> +static const struct bpf_crypto_type bpf_crypto_shash_type = {
> +	.alloc_tfm	= bpf_crypto_shash_alloc_tfm,
> +	.free_tfm	= bpf_crypto_shash_free_tfm,
> +	.has_algo	= bpf_crypto_shash_has_algo,
> +	.hash		= bpf_crypto_shash_hash,
> +	.digestsize	= bpf_crypto_shash_digestsize,
> +	.get_flags	= bpf_crypto_shash_get_flags,
> +	.owner		= THIS_MODULE,
> +	.name		= "hash",
> +};
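Review bot: In the bpf_crypto_shash_type initializer, nothing marks the absent key, IV and state callbacks as deliberate. A short comment above the struct saying that a hash type provides none of them would tell anyone working on the callers that those members have to be NULL-checked before use.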

The bpf_crypto_type implementation leaves several function pointers as
NULL (setkey, setauthsize, encrypt, decrypt, ivsize, statesize), which is
appropriate for plain hash algorithms. However, this creates an interface
contract mismatch with bpf_crypto_ctx_create() in kernel/bpf/crypto.c.

Looking at the caller bpf_crypto_ctx_create():

  Line 174-177:
    if (!params->key_len || params->key_len > sizeof(params->key)) {
        *err = -EINVAL;
        goto err_module_put;
    }

Can hash contexts be created? This check requires key_len to be non-zero,
but plain hash algorithms like SHA256 don't use keys. This prevents
creating hash contexts entirely.

  Line 186-189:
    ctx->tfm = type->alloc_tfm(params->algo);
    if (IS_ERR(ctx->tfm)) {
        *err = PTR_ERR(ctx->tfm);
        goto err_free_tfm;

Can bpf_crypto_shash_free_tfm handle ERR_PTR? When alloc_tfm fails and
returns ERR_PTR, the code stores it in ctx->tfm then jumps to err_free_tfm
which calls type->free_tfm(ctx->tfm). In bpf_crypto_shash_free_tfm(), the
code dereferences ctx->tfm without checking for ERR_PTR, which will crash:

    static void bpf_crypto_shash_free_tfm(void *tfm)
    {
        struct bpf_shash_ctx *ctx = tfm;
        crypto_free_shash(ctx->tfm);  /* dereferences ctx */
        kfree(ctx);
    }

  Line 198:
    *err = type->setkey(ctx->tfm, params->key, params->key_len);

Does this dereference NULL? The hash implementation doesn't provide setkey
(it's NULL in bpf_crypto_shash_type), but this line calls it
unconditionally.

  Line 207:
    ctx->siv_len = type->ivsize(ctx->tfm) + type->statesize(ctx->tfm);

Do these dereference NULL? The hash implementation doesn't provide ivsize
or statesize (both NULL), but this line calls them unconditionally.

Note: These issues are fixed in commit 14cc32f873e0 ("bpf: Add SHA hash
kfunc for cryptographic hashing") which makes the setkey, ivsize, and
statesize calls conditional, and fixes the ERR_PTR handling by changing
the error path from "goto err_free_tfm" to "goto err_free_ctx".



AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

In-Reply-To-Subject: crypto: Add BPF hash algorithm type registration module
CI run summary: https://github.com/kernel-patches/bpf/actions/runs/20015426139
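The contract described in the review above, as an added userspace C model (not kernel code and not part of the patch series): optional callbacks are invoked only when set, and an error-valued transform never reaches free_tfm. `struct ops`, `ctx_create`, `model_alloc`, `reject_key` and the rule that only algorithm names starting with `s` exist are assumptions made for the example.

```c
/* Userspace model, constructed for illustration; every name here is hypothetical. */
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
/* Minimal stand-ins for the kernel's ERR_PTR(), IS_ERR() and PTR_ERR(). */
static void *err_ptr(long e) { return (void *)(intptr_t)e; }
static int is_err(const void *p) { return (uintptr_t)p >= (uintptr_t)-4095; }
static long ptr_err(const void *p) { return (long)(intptr_t)p; }

struct ops {    /* setkey, ivsize and statesize are optional (NULL for a plain hash) */
    void *(*alloc_tfm)(const char *algo);
    void (*free_tfm)(void *tfm);
    int (*setkey)(void *tfm, const unsigned char *key, unsigned int len);
    unsigned int (*ivsize)(void *tfm);
    unsigned int (*statesize)(void *tfm);
};
struct ctx { void *tfm; unsigned int siv_len; };
static int free_calls;    /* number of times free_tfm ran, checked by the caller */
static void *model_alloc(const char *algo)    /* only names starting with 's' exist */
{ return algo[0] == 's' ? malloc(32) : err_ptr(-ENOENT); }
static void model_free(void *tfm) { free_calls++; free(tfm); }
static int reject_key(void *t, const unsigned char *k, unsigned int n)
{ (void)t; (void)k; (void)n; return -EINVAL; }

static const struct ops hash_ops = { .alloc_tfm = model_alloc, .free_tfm = model_free };
static const struct ops keyed_ops = { .alloc_tfm = model_alloc, .free_tfm = model_free,
                                      .setkey = reject_key };

static struct ctx *ctx_create(const struct ops *t, const char *algo,
                              const unsigned char *key, unsigned int key_len, int *err)
{
    /* A key is mandatory only when the type can take one. */
    if (t->setkey && !key_len) { *err = -EINVAL; return NULL; }
    struct ctx *c = calloc(1, sizeof(*c));
    if (!c) { *err = -ENOMEM; return NULL; }
    c->tfm = t->alloc_tfm(algo);
    /* An error value is not a transform: skip free_tfm on this path. */
    if (is_err(c->tfm)) { *err = (int)ptr_err(c->tfm); goto err_free_ctx; }
    *err = t->setkey ? t->setkey(c->tfm, key, key_len) : 0;
    if (*err) goto err_free_tfm;
    if (t->ivsize) c->siv_len += t->ivsize(c->tfm);
    if (t->statesize) c->siv_len += t->statesize(c->tfm);
    return c;
err_free_tfm:
    t->free_tfm(c->tfm);
err_free_ctx:
    free(c);
    return NULL;
}
```

`free_calls` makes the unwinding observable: it stays unchanged when allocation fails and increases only when a real transform is released.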

@kernel-patches-daemon-bpf

Forwarding comment 3624446358 via email
In-Reply-To: [email protected]
Patch: https://patchwork.kernel.org/project/netdevbpf/patch/[email protected]/

@kernel-patches-daemon-bpf

Upstream branch: c93c124
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239
version: 3

@kernel-patches-daemon-bpf

Upstream branch: 759377d
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239
version: 3

@kernel-patches-daemon-bpf

Upstream branch: 6f0b824
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239
version: 3

@kernel-patches-daemon-bpf

Upstream branch: e7a0adb
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239
version: 3

@kernel-patches-daemon-bpf

Upstream branch: ec439c3
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239
version: 3

Add hash operation callbacks to bpf_crypto_type structure:
 - hash(): Performs hashing operation on input data
 - digestsize(): Returns the output size for the hash algorithm

These additions enable BPF programs to use cryptographic hash functions
through the unified bpf_crypto_type interface, supporting use cases such
as content verification, integrity checking, and data authentication.

Signed-off-by: Daniel Hodges <[email protected]>

Add bpf_crypto_shash module that registers a hash type with the BPF
crypto infrastructure, enabling BPF programs to access kernel hash
algorithms through a unified interface.

Update the bpf_crypto_type interface with hash-specific callbacks:
   - alloc_tfm: Allocates crypto_shash context with proper descriptor size
   - free_tfm: Releases hash transform and context memory
   - has_algo: Checks algorithm availability via crypto_has_shash()
   - hash: Performs single-shot hashing via crypto_shash_digest()
   - digestsize: Returns the output size for the hash algorithm
   - get_flags: Exposes transform flags to BPF programs

Update bpf_shash_ctx to contain crypto_shash transform and shash_desc
descriptor to accommodate algorithm-specific descriptor requirements.

Signed-off-by: Daniel Hodges <[email protected]>

Extend bpf_crypto_type structure with hash operations:
 - hash(): Performs hashing operation
 - digestsize(): Returns hash output size

Update bpf_crypto_ctx_create() to support keyless operations:
 - Hash algorithms don't require keys, unlike ciphers
 - Only validates key presence if type->setkey is defined
 - Conditionally sets IV/state length for cipher operations only

Add bpf_crypto_hash() kfunc that works with any hash algorithm
registered in the kernel's crypto API through the BPF crypto type
system. This enables BPF programs to compute cryptographic hashes for
use cases such as content verification, integrity checking, and data
authentication.

Signed-off-by: Daniel Hodges <[email protected]>
Acked-by: Mykyta Yatsenko <[email protected]>

Add selftests to validate that bpf_crypto_hash works properly. The tests
verify both correct functionality and proper error handling.

Test Data:
All tests use the well-known NIST test vector input "abc" and validate
against the standardized expected outputs for each algorithm. This ensures
the BPF kfunc wrappers correctly delegate to the kernel crypto library.

Signed-off-by: Daniel Hodges <[email protected]>

Add context-based ECDSA signature verification kfuncs:
- bpf_ecdsa_ctx_create(): Creates reusable ECDSA context with public key
- bpf_ecdsa_verify(): Verifies signatures using the context
- bpf_ecdsa_ctx_acquire(): Increments context reference count
- bpf_ecdsa_ctx_release(): Releases context with RCU safety

The ECDSA implementation supports NIST curves (P-256, P-384, P-521) and
uses the kernel's crypto_sig API. Public keys must be in uncompressed
format (0x04 || x || y), and signatures are in r || s format.

Signed-off-by: Daniel Hodges <[email protected]>

Add selftests to validate the ECDSA signature verification kfuncs
introduced in the BPF crypto subsystem. The tests verify both valid
signature acceptance and invalid signature rejection using the
context-based ECDSA API.

The tests use RFC 6979 test vectors for NIST P-256 (secp256r1) with
well-known valid signatures. The algorithm "p1363(ecdsa-nist-p256)"
is used to handle standard r||s signature format.

Signed-off-by: Daniel Hodges <[email protected]>
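
The r || s layout named in the commit messages above is fixed-width, whereas many signing tools emit an ASN.1 DER SEQUENCE of two INTEGERs. The following added example (not from the patch series; all function names are hypothetical) checks the 0x04 || x || y key layout and converts a DER signature to r || s, where `n` is the coordinate size in bytes (32, 48 or 66 for P-256, P-384 and P-521).

```c
#include <stddef.h>
#include <string.h>

/* Uncompressed point: 0x04 || x || y, each coordinate n bytes. */
static int pubkey_is_uncompressed(const unsigned char *k, size_t len, size_t n)
{ return len == 1 + 2 * n && k[0] == 0x04; }

/* Read a DER length (short form, or long form with one length byte). -1 on error. */
static long der_len(const unsigned char **p, const unsigned char *end)
{
    if (*p >= end) return -1;
    long l = *(*p)++;
    if (l == 0x81) {
        if (*p >= end) return -1;
        l = *(*p)++;
        if (l < 0x80) return -1;            /* long form used where short form fits */
    } else if (l >= 0x80) return -1;        /* indefinite or multi-byte length */
    return l <= end - *p ? l : -1;          /* value must fit in the buffer */
}

/* Copy one DER INTEGER into out[0..n), right-aligned and zero-padded. */
static int der_int(const unsigned char **p, const unsigned char *end,
                   unsigned char *out, size_t n)
{
    if (*p >= end || *(*p)++ != 0x02) return -1;
    long l = der_len(p, end);
    if (l < 1 || ((*p)[0] & 0x80)) return -1;                  /* empty or negative */
    if (l > 1 && (*p)[0] == 0 && !((*p)[1] & 0x80)) return -1; /* non-minimal */
    const unsigned char *v = *p;
    *p += l;
    if (v[0] == 0 && l > 1) { v++; l--; }   /* drop the sign-padding byte */
    if ((size_t)l > n) return -1;           /* too wide for this curve */
    memset(out, 0, n);
    memcpy(out + n - l, v, (size_t)l);
    return 0;
}

/* DER SEQUENCE { INTEGER r, INTEGER s } -> r || s with n-byte halves. */
static int der_sig_to_rs(const unsigned char *der, size_t len,
                         unsigned char *out, size_t n)
{
    const unsigned char *p = der, *end = der + len;
    if (len < 2 || *p++ != 0x30) return -1;
    long l = der_len(&p, end);
    if (l < 0 || p + l != end) return -1;   /* no trailing bytes after the SEQUENCE */
    if (der_int(&p, end, out, n) || der_int(&p, end, out + n, n)) return -1;
    return p == end ? 0 : -1;
}
```
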
@kernel-patches-daemon-bpf

At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=1031239 expired. Closing PR.

@kernel-patches-daemon-bpf (bot) deleted the series/1031239=>bpf-next branch on December 21, 2025 01:45