Make the warning intervals for deprecated crypto algorithms tunable.

New sysctl/tunables can now set the interval (in seconds) between rate-limited crypto warnings. The new sysctls are: - kern.cryptodev_warn_interval for /dev/crypto - net.inet.ipsec.crypto_warn_interval for IPsec - kern.kgssapi_warn_interval for KGSSAPI Reviewed by: cem MFC after: 1 month Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D20555
2019-06-11 23:00:55 +00:00 · 2019-06-11 23:00:55 +00:00 · 0f70218343
commit 0f70218343
parent 574b98cbd9
14 changed files with 104 additions and 17 deletions
--- a/share/man/man9/Makefile
+++ b/share/man/man9/Makefile
@ -1996,6 +1996,7 @@ MLINKS+=sysctl.9 SYSCTL_DECL.9 \
 	sysctl.9 SYSCTL_ADD_S64.9 \
 	sysctl.9 SYSCTL_ADD_STRING.9 \
 	sysctl.9 SYSCTL_ADD_STRUCT.9 \
+	sysctl.9 SYSCTL_ADD_TIMEVAL_SEC.9 \
 	sysctl.9 SYSCTL_ADD_U8.9 \
 	sysctl.9 SYSCTL_ADD_U16.9 \
 	sysctl.9 SYSCTL_ADD_U32.9 \
@ -2024,6 +2025,7 @@ MLINKS+=sysctl.9 SYSCTL_DECL.9 \
 	sysctl.9 SYSCTL_S64.9 \
 	sysctl.9 SYSCTL_STRING.9 \
 	sysctl.9 SYSCTL_STRUCT.9 \
+	sysctl.9 SYSCTL_TIMEVAL_SEC.9 \
 	sysctl.9 SYSCTL_U8.9 \
 	sysctl.9 SYSCTL_U16.9 \
 	sysctl.9 SYSCTL_U32.9 \
--- a/share/man/man9/sysctl.9
+++ b/share/man/man9/sysctl.9
@ -50,6 +50,7 @@
 .Nm SYSCTL_ADD_STRING ,
 .Nm SYSCTL_ADD_CONST_STRING ,
 .Nm SYSCTL_ADD_STRUCT ,
+.Nm SYSCTL_ADD_TIMEVAL_SEC ,
 .Nm SYSCTL_ADD_U8 ,
 .Nm SYSCTL_ADD_U16 ,
 .Nm SYSCTL_ADD_U32 ,
@ -86,6 +87,7 @@
 .Nm SYSCTL_STRING ,
 .Nm SYSCTL_CONST_STRING ,
 .Nm SYSCTL_STRUCT ,
+.Nm SYSCTL_TIMEVAL_SEC ,
 .Nm SYSCTL_U8 ,
 .Nm SYSCTL_U16 ,
 .Nm SYSCTL_U32 ,
@ -315,6 +317,16 @@
 .Fa "const char *descr"
 .Fc
 .Ft struct sysctl_oid *
+.Fo SYSCTL_ADD_TIMEVAL_SEC
+.Fa "struct sysctl_ctx_list *ctx"
+.Fa "struct sysctl_oid_list *parent"
+.Fa "int number"
+.Fa "const char *name"
+.Fa "int ctlflags"
+.Fa "struct timeval *ptr"
+.Fa "const char *descr"
+.Fc
+.Ft struct sysctl_oid *
 .Fo SYSCTL_ADD_U8
 .Fa "struct sysctl_ctx_list *ctx"
 .Fa "struct sysctl_oid_list *parent"
@ -460,6 +472,7 @@
 .Fn SYSCTL_STRING parent number name ctlflags arg len descr
 .Fn SYSCTL_CONST_STRING parent number name ctlflags arg descr
 .Fn SYSCTL_STRUCT parent number name ctlflags ptr struct_type descr
+.Fn SYSCTL_TIMEVAL_SEC parent number name ctlflags ptr descr
 .Fn SYSCTL_U8 parent number name ctlflags ptr val descr
 .Fn SYSCTL_U16 parent number name ctlflags ptr val descr
 .Fn SYSCTL_U32 parent number name ctlflags ptr val descr
@ -649,6 +662,21 @@ macros all create nodes which export an in-kernel variable of type
 These nodes do not export the raw value of the associated variable.
 Instead, they export a 64-bit integer containing a count of either
 milliseconds (the MSEC variants) or microseconds (the USEC variants).
+.Pp
+The
+.Fn SYSCTL_ADD_TIMEVAL_SEC
+function and
+.Fn SYSCTL_TIMEVAL_SEC
+macro create nodes which export an in-kernel variable of type
+.Vt struct timeval .
+These nodes do not export full value of the associated structure.
+Instead, they export a count in seconds as a simple integer which is
+stored in the
+.Fa tv_sec
+field of the associated variable.
+This function and macro are intended to be used with variables which
+store a non-negative interval rather than an absolute time.
+As a result, they reject attempts to store negative values.
 .Sh CREATING ROOT NODES
 Sysctl MIBs or OIDs are created in a hierarchical tree.
 The nodes at the bottom of the tree are called root nodes, and have no
@ -731,6 +759,7 @@ Static sysctls are declared using one of the
 .Fn SYSCTL_STRING ,
 .Fn SYSCTL_CONST_STRING ,
 .Fn SYSCTL_STRUCT ,
+.Fn SYSCTL_TIMEVAL_SEC ,
 .Fn SYSCTL_U8 ,
 .Fn SYSCTL_U16 ,
 .Fn SYSCTL_U32 ,
@ -764,6 +793,7 @@ Dynamic nodes are created using one of the
 .Fn SYSCTL_ADD_STRING ,
 .Fn SYSCTL_ADD_CONST_STRING ,
 .Fn SYSCTL_ADD_STRUCT ,
+.Fn SYSCTL_ADD_TIMEVAL_SEC ,
 .Fn SYSCTL_ADD_U8 ,
 .Fn SYSCTL_ADD_U16 ,
 .Fn SYSCTL_ADD_U32 ,
--- a/sys/kern/kern_sysctl.c
+++ b/sys/kern/kern_sysctl.c
@ -1732,6 +1732,29 @@ sysctl_msec_to_sbintime(SYSCTL_HANDLER_ARGS)
 	return (0);
 }

+/*
+ * Convert seconds to a struct timeval.  Intended for use with
+ * intervals and thus does not permit negative seconds.
+ */
+int
+sysctl_sec_to_timeval(SYSCTL_HANDLER_ARGS)
+{
+	struct timeval *tv;
+	int error, secs;
+
+	tv = arg1;
+	secs = tv->tv_sec;
+
+	error = sysctl_handle_int(oidp, &secs, 0, req);
+	if (error || req->newptr == NULL)
+		return (error);
+
+	if (secs < 0)
+		return (EINVAL);
+	tv->tv_sec = secs;
+
+	return (0);
+}

 /*
 * Transfer functions to/from kernel space.
--- a/sys/kgssapi/krb5/kcrypto.c
+++ b/sys/kgssapi/krb5/kcrypto.c
@ -34,6 +34,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/malloc.h>
 #include <sys/kobj.h>
 #include <sys/mbuf.h>
+#include <sys/sysctl.h>

 #include <kgssapi/gssapi.h>
 #include <kgssapi/gssapi_impl.h>
@ -50,6 +51,11 @@ static struct krb5_encryption_class *krb5_encryption_classes[] = {
 	NULL
 };

+struct timeval krb5_warn_interval = { .tv_sec = 3600, .tv_usec = 0 };
+SYSCTL_TIMEVAL_SEC(_kern, OID_AUTO, kgssapi_warn_interval, CTLFLAG_RW,
+    &krb5_warn_interval,
+    "Delay in seconds between warnings of deprecated KGSSAPI crypto.");
+
 struct krb5_encryption_class *
 krb5_find_encryption_class(int etype)
 {
--- a/sys/kgssapi/krb5/kcrypto.h
+++ b/sys/kgssapi/krb5/kcrypto.h
@ -101,6 +101,7 @@ extern struct krb5_encryption_class krb5_aes128_encryption_class;
 extern struct krb5_encryption_class krb5_aes256_encryption_class;
 extern struct krb5_encryption_class krb5_arcfour_encryption_class;
 extern struct krb5_encryption_class krb5_arcfour_56_encryption_class;
+extern struct timeval krb5_warn_interval;

 static __inline void
 krb5_set_key(struct krb5_key_state *ks, const void *keydata)
--- a/sys/kgssapi/krb5/kcrypto_arcfour.c
+++ b/sys/kgssapi/krb5/kcrypto_arcfour.c
@ -47,10 +47,9 @@ static void
 arcfour_init(struct krb5_key_state *ks)
 {
 	static struct timeval lastwarn;
-	static struct timeval warninterval = { .tv_sec = 3600, .tv_usec = 0 };

 	ks->ks_priv = NULL;
-	if (ratecheck(&lastwarn, &warninterval))
+	if (ratecheck(&lastwarn, &krb5_warn_interval))
 		gone_in(13, "RC4 cipher for Kerberos GSS");
 }

--- a/sys/kgssapi/krb5/kcrypto_des.c
+++ b/sys/kgssapi/krb5/kcrypto_des.c
@ -54,13 +54,12 @@ static void
 des1_init(struct krb5_key_state *ks)
 {
 	static struct timeval lastwarn;
-	static struct timeval warninterval = { .tv_sec = 3600, .tv_usec = 0 };
 	struct des1_state *ds;

 	ds = malloc(sizeof(struct des1_state), M_GSSAPI, M_WAITOK|M_ZERO);
 	mtx_init(&ds->ds_lock, "gss des lock", NULL, MTX_DEF);
 	ks->ks_priv = ds;
-	if (ratecheck(&lastwarn, &warninterval))
+	if (ratecheck(&lastwarn, &krb5_warn_interval))
 		gone_in(13, "DES cipher for Kerberos GSS");
 }

--- a/sys/kgssapi/krb5/kcrypto_des3.c
+++ b/sys/kgssapi/krb5/kcrypto_des3.c
@ -55,13 +55,12 @@ static void
 des3_init(struct krb5_key_state *ks)
 {
 	static struct timeval lastwarn;
-	static struct timeval warninterval = { .tv_sec = 3600, .tv_usec = 0 };
 	struct des3_state *ds;

 	ds = malloc(sizeof(struct des3_state), M_GSSAPI, M_WAITOK|M_ZERO);
 	mtx_init(&ds->ds_lock, "gss des3 lock", NULL, MTX_DEF);
 	ks->ks_priv = ds;
-	if (ratecheck(&lastwarn, &warninterval))
+	if (ratecheck(&lastwarn, &krb5_warn_interval))
 		gone_in(13, "DES3 cipher for Kerberos GSS");
 }

--- a/sys/netipsec/ipsec.c
+++ b/sys/netipsec/ipsec.c
@ -216,6 +216,11 @@ SYSCTL_INT(_net_inet_ipsec, OID_AUTO, filtertunnel,
 SYSCTL_VNET_PCPUSTAT(_net_inet_ipsec, OID_AUTO, ipsecstats, struct ipsecstat,
    ipsec4stat, "IPsec IPv4 statistics.");

+struct timeval ipsec_warn_interval = { .tv_sec = 1, .tv_usec = 0 };
+SYSCTL_TIMEVAL_SEC(_net_inet_ipsec, OID_AUTO, crypto_warn_interval, CTLFLAG_RW,
+    &ipsec_warn_interval,
+    "Delay in seconds between warnings of deprecated IPsec crypto algorithms.");
+
 #ifdef REGRESSION
 /*
 * When set to 1, IPsec will send packets with the same sequence number.
--- a/sys/netipsec/ipsec.h
+++ b/sys/netipsec/ipsec.h
@ -287,6 +287,8 @@ VNET_DECLARE(int, crypto_support);
 VNET_DECLARE(int, async_crypto);
 VNET_DECLARE(int, natt_cksum_policy);

+extern struct timeval ipsec_warn_interval;
+
 #define	IPSECSTAT_INC(name)	\
    VNET_PCPUSTAT_ADD(struct ipsecstat, ipsec4stat, name, 1)
 #define	V_ip4_esp_trans_deflev	VNET(ip4_esp_trans_deflev)
--- a/sys/netipsec/xform_ah.c
+++ b/sys/netipsec/xform_ah.c
@ -109,7 +109,6 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_ah, IPSECCTL_STATS, stats, struct ahstat,

 static unsigned char ipseczeroes[256];	/* larger than an ip6 extension hdr */
 static struct timeval md5warn, ripewarn, kpdkmd5warn, kpdksha1warn;
-static struct timeval warninterval = { .tv_sec = 1, .tv_usec = 0 };

 static int ah_input_cb(struct cryptop*);
 static int ah_output_cb(struct cryptop*);
@ -189,19 +188,19 @@ ah_init0(struct secasvar *sav, struct xformsw *xsp, struct cryptoini *cria)

 	switch (sav->alg_auth) {
 	case SADB_AALG_MD5HMAC:
-		if (ratecheck(&md5warn, &warninterval))
+		if (ratecheck(&md5warn, &ipsec_warn_interval))
 			gone_in(13, "MD5-HMAC authenticator for IPsec");
 		break;
 	case SADB_X_AALG_RIPEMD160HMAC:
-		if (ratecheck(&ripewarn, &warninterval))
+		if (ratecheck(&ripewarn, &ipsec_warn_interval))
 			gone_in(13, "RIPEMD160-HMAC authenticator for IPsec");
 		break;
 	case SADB_X_AALG_MD5:
-		if (ratecheck(&kpdkmd5warn, &warninterval))
+		if (ratecheck(&kpdkmd5warn, &ipsec_warn_interval))
 			gone_in(13, "Keyed-MD5 authenticator for IPsec");
 		break;
 	case SADB_X_AALG_SHA:
-		if (ratecheck(&kpdksha1warn, &warninterval))
+		if (ratecheck(&kpdksha1warn, &ipsec_warn_interval))
 			gone_in(13, "Keyed-SHA1 authenticator for IPsec");
 		break;
 	}
--- a/sys/netipsec/xform_esp.c
+++ b/sys/netipsec/xform_esp.c
@ -95,7 +95,6 @@ SYSCTL_VNET_PCPUSTAT(_net_inet_esp, IPSECCTL_STATS, stats,
    "ESP statistics (struct espstat, netipsec/esp_var.h");

 static struct timeval deswarn, blfwarn, castwarn, camelliawarn;
-static struct timeval warninterval = { .tv_sec = 1, .tv_usec = 0 };

 static int esp_input_cb(struct cryptop *op);
 static int esp_output_cb(struct cryptop *crp);
@ -162,19 +161,19 @@ esp_init(struct secasvar *sav, struct xformsw *xsp)

 	switch (sav->alg_enc) {
 	case SADB_EALG_DESCBC:
-		if (ratecheck(&deswarn, &warninterval))
+		if (ratecheck(&deswarn, &ipsec_warn_interval))
 			gone_in(13, "DES cipher for IPsec");
 		break;
 	case SADB_X_EALG_BLOWFISHCBC:
-		if (ratecheck(&blfwarn, &warninterval))
+		if (ratecheck(&blfwarn, &ipsec_warn_interval))
 			gone_in(13, "Blowfish cipher for IPsec");
 		break;
 	case SADB_X_EALG_CAST128CBC:
-		if (ratecheck(&castwarn, &warninterval))
+		if (ratecheck(&castwarn, &ipsec_warn_interval))
 			gone_in(13, "CAST cipher for IPsec");
 		break;
 	case SADB_X_EALG_CAMELLIACBC:
-		if (ratecheck(&camelliawarn, &warninterval))
+		if (ratecheck(&camelliawarn, &ipsec_warn_interval))
 			gone_in(13, "Camellia cipher for IPsec");
 		break;
 	}
--- a/sys/opencrypto/cryptodev.c
+++ b/sys/opencrypto/cryptodev.c
@ -146,6 +146,11 @@ struct cryptostats32 {
 #define	CIOCGSESSION232	_IOWR('c', 106, struct session2_op32)
 #define	CIOCKEY232	_IOWR('c', 107, struct crypt_kop32)

+static struct timeval warninterval = { .tv_sec = 60, .tv_usec = 0 };
+SYSCTL_TIMEVAL_SEC(_kern, OID_AUTO, cryptodev_warn_interval, CTLFLAG_RW,
+    &warninterval,
+    "Delay in seconds between warnings of deprecated /dev/crypto algorithms");
+
 static void
 session_op_from_32(const struct session_op32 *from, struct session_op *to)
 {
@ -388,7 +393,6 @@ cryptof_ioctl(
 #endif
 	static struct timeval arc4warn, blfwarn, castwarn, deswarn, md5warn;
 	static struct timeval skipwarn, tdeswarn;
-	static struct timeval warninterval = { .tv_sec = 60, .tv_usec = 0 };

 	switch (cmd) {
 	case CIOCGSESSION:
--- a/sys/sys/sysctl.h
+++ b/sys/sys/sysctl.h
@ -218,6 +218,7 @@ int sysctl_handle_uma_zone_cur(SYSCTL_HANDLER_ARGS);

 int sysctl_msec_to_sbintime(SYSCTL_HANDLER_ARGS);
 int sysctl_usec_to_sbintime(SYSCTL_HANDLER_ARGS);
+int sysctl_sec_to_timeval(SYSCTL_HANDLER_ARGS);

 int sysctl_dpcpu_int(SYSCTL_HANDLER_ARGS);
 int sysctl_dpcpu_long(SYSCTL_HANDLER_ARGS);
@ -857,6 +858,24 @@ TAILQ_HEAD(sysctl_ctx_list, sysctl_ctx_entry);
 	    NULL);							\
 })

+/* OID expressing a struct timeval as seconds */
+#define	SYSCTL_TIMEVAL_SEC(parent, nbr, name, access, ptr, descr)	\
+	SYSCTL_OID(parent, nbr, name,					\
+	    CTLTYPE_INT | CTLFLAG_MPSAFE | CTLFLAG_RD | (access),	\
+	    (ptr), 0, sysctl_sec_to_timeval, "I", descr);		\
+	CTASSERT(((access) & CTLTYPE) == 0 ||				\
+	    ((access) & SYSCTL_CT_ASSERT_MASK) == CTLTYPE_INT)
+#define	SYSCTL_ADD_TIMEVAL_SEC(ctx, parent, nbr, name, access, ptr, descr) \
+({									\
+	struct timeval *__ptr = (ptr);					\
+	CTASSERT(((access) & CTLTYPE) == 0 ||				\
+	    ((access) & SYSCTL_CT_ASSERT_MASK) == CTLTYPE_INT);		\
+	sysctl_add_oid(ctx, parent, nbr, name,				\
+	    CTLTYPE_INT | CTLFLAG_MPSAFE | CTLFLAG_RD | (access),	\
+	    __ptr, 0, sysctl_sec_to_timeval, "I", __DESCR(descr),	\
+	    NULL);							\
+})
+
 /*
 * A macro to generate a read-only sysctl to indicate the presence of optional
 * kernel features.