From 31ba6dd2298fd9c49ecf66200103b1e88055f7a0 Mon Sep 17 00:00:00 2001 From: Gaosheng Cui Date: Mon, 19 Jun 2023 21:24:24 +0800 Subject: KEYS: fix kernel-doc warnings in verify_pefile Fix kernel-doc warnings in verify_pefile: crypto/asymmetric_keys/verify_pefile.c:423: warning: Excess function parameter 'trust_keys' description in 'verify_pefile_signature' crypto/asymmetric_keys/verify_pefile.c:423: warning: Function parameter or member 'trusted_keys' not described in 'verify_pefile_signature' Signed-off-by: Gaosheng Cui Signed-off-by: Herbert Xu --- crypto/asymmetric_keys/verify_pefile.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'crypto') diff --git a/crypto/asymmetric_keys/verify_pefile.c b/crypto/asymmetric_keys/verify_pefile.c index 22beaf2213a2..f440767bd727 100644 --- a/crypto/asymmetric_keys/verify_pefile.c +++ b/crypto/asymmetric_keys/verify_pefile.c @@ -391,7 +391,7 @@ error_no_desc: * verify_pefile_signature - Verify the signature on a PE binary image * @pebuf: Buffer containing the PE binary image * @pelen: Length of the binary image - * @trust_keys: Signing certificate(s) to use as starting points + * @trusted_keys: Signing certificate(s) to use as starting points * @usage: The use to which the key is being put. * * Validate that the certificate chain inside the PKCS#7 message inside the PE -- cgit v1.2.3 From babb80b3ecc6f40c962e13c654ebcd27f25ee327 Mon Sep 17 00:00:00 2001 From: Azeem Shaikh Date: Tue, 20 Jun 2023 20:08:32 +0000 Subject: crypto: lrw,xts - Replace strlcpy with strscpy strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This is both inefficient and can lead to linear read overflows if a source string is not NUL-terminated [1]. In an effort to remove strlcpy() completely [2], replace strlcpy() here with strscpy(). Direct replacement is safe here since return value of -errno is used to check for truncation instead of sizeof(dest). [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy [2] https://github.com/KSPP/linux/issues/89 Signed-off-by: Azeem Shaikh Reviewed-by: Kees Cook Signed-off-by: Herbert Xu --- crypto/lrw.c | 6 +++--- crypto/xts.c | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'crypto') diff --git a/crypto/lrw.c b/crypto/lrw.c index 1b0f76ba3eb5..59260aefed28 100644 --- a/crypto/lrw.c +++ b/crypto/lrw.c @@ -357,10 +357,10 @@ static int lrw_create(struct crypto_template *tmpl, struct rtattr **tb) * cipher name. */ if (!strncmp(cipher_name, "ecb(", 4)) { - unsigned len; + int len; - len = strlcpy(ecb_name, cipher_name + 4, sizeof(ecb_name)); - if (len < 2 || len >= sizeof(ecb_name)) + len = strscpy(ecb_name, cipher_name + 4, sizeof(ecb_name)); + if (len < 2) goto err_free_inst; if (ecb_name[len - 1] != ')') diff --git a/crypto/xts.c b/crypto/xts.c index 09be909a6a1a..548b302c6c6a 100644 --- a/crypto/xts.c +++ b/crypto/xts.c @@ -396,10 +396,10 @@ static int xts_create(struct crypto_template *tmpl, struct rtattr **tb) * cipher name. */ if (!strncmp(cipher_name, "ecb(", 4)) { - unsigned len; + int len; - len = strlcpy(ctx->name, cipher_name + 4, sizeof(ctx->name)); - if (len < 2 || len >= sizeof(ctx->name)) + len = strscpy(ctx->name, cipher_name + 4, sizeof(ctx->name)); + if (len < 2) goto err_free_inst; if (ctx->name[len - 1] != ')') -- cgit v1.2.3 From 20508b751b4bef2cda999fe0268071b0fc335ac7 Mon Sep 17 00:00:00 2001 From: Jiapeng Chong Date: Fri, 30 Jun 2023 15:54:24 +0800 Subject: crypto: sig - Remove some unused functions These functions are defined in the sig.c file, but not called elsewhere, so delete these unused functions. crypto/sig.c:24:34: warning: unused function '__crypto_sig_tfm'. Reported-by: Abaci Robot Closes: https://bugzilla.openanolis.cn/show_bug.cgi?id=5701 Signed-off-by: Jiapeng Chong Signed-off-by: Herbert Xu --- crypto/sig.c | 5 ----- 1 file changed, 5 deletions(-) (limited to 'crypto') diff --git a/crypto/sig.c b/crypto/sig.c index b48c18ec65cd..224c47019297 100644 --- a/crypto/sig.c +++ b/crypto/sig.c @@ -21,11 +21,6 @@ static const struct crypto_type crypto_sig_type; -static inline struct crypto_sig *__crypto_sig_tfm(struct crypto_tfm *tfm) -{ - return container_of(tfm, struct crypto_sig, base); -} - static int crypto_sig_init_tfm(struct crypto_tfm *tfm) { if (tfm->__crt_alg->cra_type != &crypto_sig_type) -- cgit v1.2.3 From 9f3fa6bc4ff8515da1349c44a77e7327bd2f4788 Mon Sep 17 00:00:00 2001 From: Mahmoud Adam Date: Mon, 17 Jul 2023 12:55:09 +0000 Subject: KEYS: use kfree_sensitive with key key might contain private part of the key, so better use kfree_sensitive to free it Signed-off-by: Mahmoud Adam Signed-off-by: Herbert Xu --- crypto/asymmetric_keys/public_key.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'crypto') diff --git a/crypto/asymmetric_keys/public_key.c b/crypto/asymmetric_keys/public_key.c index 773e159dbbcb..abeecb8329b3 100644 --- a/crypto/asymmetric_keys/public_key.c +++ b/crypto/asymmetric_keys/public_key.c @@ -42,7 +42,7 @@ static void public_key_describe(const struct key *asymmetric_key, void public_key_free(struct public_key *key) { if (key) { - kfree(key->key); + kfree_sensitive(key->key); kfree(key->params); kfree(key); } @@ -263,7 +263,7 @@ error_free_tfm: else crypto_free_akcipher(tfm); error_free_key: - kfree(key); + kfree_sensitive(key); pr_devel("<==%s() = %d\n", __func__, ret); return ret; } @@ -369,7 +369,7 @@ error_free_tfm: else crypto_free_akcipher(tfm); error_free_key: - kfree(key); + kfree_sensitive(key); pr_devel("<==%s() = %d\n", __func__, ret); return ret; } @@ -441,7 +441,7 @@ int public_key_verify_signature(const struct public_key *pkey, sig->digest, sig->digest_size); error_free_key: - kfree(key); + kfree_sensitive(key); error_free_tfm: crypto_free_sig(tfm); pr_devel("<==%s() = %d\n", __func__, ret); -- cgit v1.2.3 From 6a4b8aa0a916b39a39175584c07222434fa6c6ef Mon Sep 17 00:00:00 2001 From: David Howells Date: Wed, 26 Jul 2023 22:53:19 +0100 Subject: crypto: af_alg - Fix missing initialisation affecting gcm-aes-s390 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fix af_alg_alloc_areq() to initialise areq->first_rsgl.sgl.sgt.sgl to point to the scatterlist array in areq->first_rsgl.sgl.sgl. Without this, the gcm-aes-s390 driver will oops when it tries to do gcm_walk_start() on req->dst because req->dst is set to the value of areq->first_rsgl.sgl.sgl by _aead_recvmsg() calling aead_request_set_crypt(). The problem comes if an empty ciphertext is passed: the loop in af_alg_get_rsgl() just passes straight out and doesn't set areq->first_rsgl up. This isn't a problem on x86_64 using gcmaes_crypt_by_sg() because, as far as I can tell, that ignores req->dst and only uses req->src[*]. [*] Is this a bug in aesni-intel_glue.c? The s390x oops looks something like: Unable to handle kernel pointer dereference in virtual kernel address space Failing address: 0000000a00000000 TEID: 0000000a00000803 Fault in home space mode while using kernel ASCE. AS:00000000a43a0007 R3:0000000000000024 Oops: 003b ilc:2 [#1] SMP ... Call Trace: [<000003ff7fc3d47e>] gcm_walk_start+0x16/0x28 [aes_s390] [<00000000a2a342f2>] crypto_aead_decrypt+0x9a/0xb8 [<00000000a2a60888>] aead_recvmsg+0x478/0x698 [<00000000a2e519a0>] sock_recvmsg+0x70/0xb0 [<00000000a2e51a56>] sock_read_iter+0x76/0xa0 [<00000000a273e066>] vfs_read+0x26e/0x2a8 [<00000000a273e8c4>] ksys_read+0xbc/0x100 [<00000000a311d808>] __do_syscall+0x1d0/0x1f8 [<00000000a312ff30>] system_call+0x70/0x98 Last Breaking-Event-Address: [<000003ff7fc3e6b4>] gcm_aes_crypt+0x104/0xa68 [aes_s390] Fixes: c1abe6f570af ("crypto: af_alg: Use extract_iter_to_sg() to create scatterlists") Reported-by: Ondrej Mosnáček Link: https://lore.kernel.org/r/CAAUqJDuRkHE8fPgZJGaKjUjd3QfGwzfumuJBmStPqBhubxyk_A@mail.gmail.com/ Signed-off-by: David Howells cc: Herbert Xu cc: Sven Schnelle cc: Harald Freudenberger cc: "David S. Miller" cc: Paolo Abeni cc: linux-crypto@vger.kernel.org cc: linux-s390@vger.kernel.org cc: regressions@lists.linux.dev Tested-by: Sven Schnelle Tested-by: Ondrej Mosnáček Signed-off-by: Herbert Xu --- crypto/af_alg.c | 1 + 1 file changed, 1 insertion(+) (limited to 'crypto') diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 06b15b9f661c..9ee8575d3b1a 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -1192,6 +1192,7 @@ struct af_alg_async_req *af_alg_alloc_areq(struct sock *sk, areq->areqlen = areqlen; areq->sk = sk; + areq->first_rsgl.sgl.sgt.sgl = areq->first_rsgl.sgl.sgl; areq->last_rsgl = NULL; INIT_LIST_HEAD(&areq->rsgl_list); areq->tsgl = NULL; -- cgit v1.2.3 From 6b4b53ca0b7300ba2af98a49dbce22054bf034fe Mon Sep 17 00:00:00 2001 From: Frederick Lawler Date: Tue, 1 Aug 2023 08:57:09 -0500 Subject: crypto: af_alg - Decrement struct key.usage in alg_set_by_key_serial() Calls to lookup_user_key() require a corresponding key_put() to decrement the usage counter. Once it reaches zero, we schedule key GC. Therefore decrement struct key.usage in alg_set_by_key_serial(). Fixes: 7984ceb134bf ("crypto: af_alg - Support symmetric encryption via keyring keys") Cc: Signed-off-by: Frederick Lawler Signed-off-by: Herbert Xu --- crypto/af_alg.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'crypto') diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 9ee8575d3b1a..e9969dc0e83c 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -320,18 +320,21 @@ static int alg_setkey_by_key_serial(struct alg_sock *ask, sockptr_t optval, if (IS_ERR(ret)) { up_read(&key->sem); + key_put(key); return PTR_ERR(ret); } key_data = sock_kmalloc(&ask->sk, key_datalen, GFP_KERNEL); if (!key_data) { up_read(&key->sem); + key_put(key); return -ENOMEM; } memcpy(key_data, ret, key_datalen); up_read(&key->sem); + key_put(key); err = type->setkey(ask->private, key_data, key_datalen); -- cgit v1.2.3 From 9ae4577bc077a7e32c3c7d442c95bc76865c0f17 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Thu, 3 Aug 2023 17:59:28 +0800 Subject: crypto: api - Use work queue in crypto_destroy_instance The function crypto_drop_spawn expects to be called in process context. However, when an instance is unregistered while it still has active users, the last user may cause the instance to be freed in atomic context. Fix this by delaying the freeing to a work queue. Fixes: 6bfd48096ff8 ("[CRYPTO] api: Added spawns") Reported-by: Florent Revest Reported-by: syzbot+d769eed29cc42d75e2a3@syzkaller.appspotmail.com Reported-by: syzbot+610ec0671f51e838436e@syzkaller.appspotmail.com Signed-off-by: Herbert Xu Tested-by: Florent Revest Acked-by: Florent Revest Signed-off-by: Herbert Xu --- crypto/algapi.c | 16 ++++++++++++++-- include/crypto/algapi.h | 3 +++ 2 files changed, 17 insertions(+), 2 deletions(-) (limited to 'crypto') diff --git a/crypto/algapi.c b/crypto/algapi.c index 5e7cd603d489..4fe95c448047 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -17,6 +17,7 @@ #include #include #include +#include #include "internal.h" @@ -74,15 +75,26 @@ static void crypto_free_instance(struct crypto_instance *inst) inst->alg.cra_type->free(inst); } -static void crypto_destroy_instance(struct crypto_alg *alg) +static void crypto_destroy_instance_workfn(struct work_struct *w) { - struct crypto_instance *inst = (void *)alg; + struct crypto_instance *inst = container_of(w, struct crypto_instance, + free_work); struct crypto_template *tmpl = inst->tmpl; crypto_free_instance(inst); crypto_tmpl_put(tmpl); } +static void crypto_destroy_instance(struct crypto_alg *alg) +{ + struct crypto_instance *inst = container_of(alg, + struct crypto_instance, + alg); + + INIT_WORK(&inst->free_work, crypto_destroy_instance_workfn); + schedule_work(&inst->free_work); +} + /* * This function adds a spawn to the list secondary_spawns which * will be used at the end of crypto_remove_spawns to unregister diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h index 6156161b181f..ca86f4c6ba43 100644 --- a/include/crypto/algapi.h +++ b/include/crypto/algapi.h @@ -12,6 +12,7 @@ #include #include #include +#include /* * Maximum values for blocksize and alignmask, used to allocate @@ -82,6 +83,8 @@ struct crypto_instance { struct crypto_spawn *spawns; }; + struct work_struct free_work; + void *__ctx[] CRYPTO_MINALIGN_ATTR; }; -- cgit v1.2.3 From 91cb1e1432b3d873a0c8831d0dd8022db98ac8b8 Mon Sep 17 00:00:00 2001 From: Joachim Vandersmissen Date: Sun, 6 Aug 2023 14:19:03 -0500 Subject: crypto: jitter - Add clarifying comments to Jitter Entropy RCT cutoff values The RCT cutoff values are correct, but they don't exactly match the ones one would expect when computing them using the formula in SP800-90B. This discrepancy is due to the fact that the Jitter Entropy RCT starts at 1. To avoid any confusion by future reviewers, add some comments and explicitly subtract 1 from the "correct" cutoff values in the definitions. Signed-off-by: Joachim Vandersmissen Reviewed-by: Stephan Mueller Signed-off-by: Herbert Xu --- crypto/jitterentropy.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'crypto') diff --git a/crypto/jitterentropy.c b/crypto/jitterentropy.c index c7d7f2caa779..fe9c233ec769 100644 --- a/crypto/jitterentropy.c +++ b/crypto/jitterentropy.c @@ -89,10 +89,14 @@ struct rand_data { unsigned int rct_count; /* Number of stuck values */ /* Intermittent health test failure threshold of 2^-30 */ -#define JENT_RCT_CUTOFF 30 /* Taken from SP800-90B sec 4.4.1 */ -#define JENT_APT_CUTOFF 325 /* Taken from SP800-90B sec 4.4.2 */ + /* From an SP800-90B perspective, this RCT cutoff value is equal to 31. */ + /* However, our RCT implementation starts at 1, so we subtract 1 here. */ +#define JENT_RCT_CUTOFF (31 - 1) /* Taken from SP800-90B sec 4.4.1 */ +#define JENT_APT_CUTOFF 325 /* Taken from SP800-90B sec 4.4.2 */ /* Permanent health test failure threshold of 2^-60 */ -#define JENT_RCT_CUTOFF_PERMANENT 60 + /* From an SP800-90B perspective, this RCT cutoff value is equal to 61. */ + /* However, our RCT implementation starts at 1, so we subtract 1 here. */ +#define JENT_RCT_CUTOFF_PERMANENT (61 - 1) #define JENT_APT_CUTOFF_PERMANENT 355 #define JENT_APT_WINDOW_SIZE 512 /* Data window size */ /* LSB of time stamp to process */ -- cgit v1.2.3 From bcd6e41d983621954dfc3f1f64249a55838b3e6a Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 13 Aug 2023 14:54:32 +0800 Subject: crypto: engine - Remove prepare/unprepare request The callbacks for prepare and unprepare request in crypto_engine is superfluous. They can be done directly from do_one_request. Move the code into do_one_request and remove the unused callbacks. Signed-off-by: Herbert Xu --- crypto/crypto_engine.c | 42 +----------------------------------------- include/crypto/engine.h | 6 ------ 2 files changed, 1 insertion(+), 47 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index 74fcc0897041..17f7955500a0 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -26,9 +26,6 @@ static void crypto_finalize_request(struct crypto_engine *engine, struct crypto_async_request *req, int err) { unsigned long flags; - bool finalize_req = false; - int ret; - struct crypto_engine_ctx *enginectx; /* * If hardware cannot enqueue more requests @@ -38,21 +35,11 @@ static void crypto_finalize_request(struct crypto_engine *engine, if (!engine->retry_support) { spin_lock_irqsave(&engine->queue_lock, flags); if (engine->cur_req == req) { - finalize_req = true; engine->cur_req = NULL; } spin_unlock_irqrestore(&engine->queue_lock, flags); } - if (finalize_req || engine->retry_support) { - enginectx = crypto_tfm_ctx(req->tfm); - if (enginectx->op.prepare_request && - enginectx->op.unprepare_request) { - ret = enginectx->op.unprepare_request(engine, req); - if (ret) - dev_err(engine->dev, "failed to unprepare request\n"); - } - } lockdep_assert_in_softirq(); crypto_request_complete(req, err); @@ -141,20 +128,12 @@ start_request: ret = engine->prepare_crypt_hardware(engine); if (ret) { dev_err(engine->dev, "failed to prepare crypt hardware\n"); - goto req_err_2; + goto req_err_1; } } enginectx = crypto_tfm_ctx(async_req->tfm); - if (enginectx->op.prepare_request) { - ret = enginectx->op.prepare_request(engine, async_req); - if (ret) { - dev_err(engine->dev, "failed to prepare request: %d\n", - ret); - goto req_err_2; - } - } if (!enginectx->op.do_one_request) { dev_err(engine->dev, "failed to do request\n"); ret = -EINVAL; @@ -177,18 +156,6 @@ start_request: ret); goto req_err_1; } - /* - * If retry mechanism is supported, - * unprepare current request and - * enqueue it back into crypto-engine queue. - */ - if (enginectx->op.unprepare_request) { - ret = enginectx->op.unprepare_request(engine, - async_req); - if (ret) - dev_err(engine->dev, - "failed to unprepare request\n"); - } spin_lock_irqsave(&engine->queue_lock, flags); /* * If hardware was unable to execute request, enqueue it @@ -204,13 +171,6 @@ start_request: goto retry; req_err_1: - if (enginectx->op.unprepare_request) { - ret = enginectx->op.unprepare_request(engine, async_req); - if (ret) - dev_err(engine->dev, "failed to unprepare request\n"); - } - -req_err_2: crypto_request_complete(async_req, ret); retry: diff --git a/include/crypto/engine.h b/include/crypto/engine.h index 2038764b30c2..1b02f69e0a79 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -78,15 +78,9 @@ struct crypto_engine { /* * struct crypto_engine_op - crypto hardware engine operations - * @prepare_request: do some preparation if needed before handling the current request - * @unprepare_request: undo any work done by prepare_request() * @do_one_request: do encryption for current request */ struct crypto_engine_op { - int (*prepare_request)(struct crypto_engine *engine, - void *areq); - int (*unprepare_request)(struct crypto_engine *engine, - void *areq); int (*do_one_request)(struct crypto_engine *engine, void *areq); }; -- cgit v1.2.3 From 68021dee251e72d87ebbf052acf69b3217c11383 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 13 Aug 2023 14:54:36 +0800 Subject: crypto: engine - Move crypto inclusions out of header file The engine file does not need the actual crypto type definitions so move those header inclusions to where they are actually used. Signed-off-by: Herbert Xu --- crypto/crypto_engine.c | 7 ++++++- include/crypto/engine.h | 17 +++++++---------- 2 files changed, 13 insertions(+), 11 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index 17f7955500a0..ba43dfba2fa9 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -7,10 +7,15 @@ * Author: Baolin Wang */ +#include +#include +#include +#include +#include +#include #include #include #include -#include #include #include "internal.h" diff --git a/include/crypto/engine.h b/include/crypto/engine.h index 1b02f69e0a79..643639c3227c 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -7,20 +7,17 @@ #ifndef _CRYPTO_ENGINE_H #define _CRYPTO_ENGINE_H -#include -#include +#include #include -#include +#include #include -#include -#include -#include -#include -#include -#include - +struct aead_request; +struct ahash_request; +struct akcipher_request; struct device; +struct kpp_request; +struct skcipher_request; #define ENGINE_NAME_LEN 30 /* -- cgit v1.2.3 From 45c461c503a7a12f4c5efaff289be17a442aeefe Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 13 Aug 2023 14:54:41 +0800 Subject: crypto: engine - Create internal/engine.h Create crypto/internal/engine.h to house details that should not be used by drivers. It is empty for the time being. Signed-off-by: Herbert Xu --- crypto/crypto_engine.c | 2 +- include/crypto/internal/engine.h | 13 +++++++++++++ 2 files changed, 14 insertions(+), 1 deletion(-) create mode 100644 include/crypto/internal/engine.h (limited to 'crypto') diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index ba43dfba2fa9..a75162bc1bf4 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -9,8 +9,8 @@ #include #include -#include #include +#include #include #include #include diff --git a/include/crypto/internal/engine.h b/include/crypto/internal/engine.h new file mode 100644 index 000000000000..ffa1bb39d5e4 --- /dev/null +++ b/include/crypto/internal/engine.h @@ -0,0 +1,13 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * Crypto engine API + * + * Copyright (c) 2016 Baolin Wang + * Copyright (c) 2023 Herbert Xu + */ +#ifndef _CRYPTO_INTERNAL_ENGINE_H +#define _CRYPTO_INTERNAL_ENGINE_H + +#include + +#endif -- cgit v1.2.3 From e5e7eb023f24653b07329162b6359283b3a03a20 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 13 Aug 2023 14:54:49 +0800 Subject: crypto: engine - Move crypto_engine_ops from request into crypto_alg Rather than having the callback in the request, move it into the crypto_alg object. This avoids having crypto_engine look into the request context is private to the driver. Signed-off-by: Herbert Xu --- crypto/crypto_engine.c | 215 +++++++++++++++++++++++++++++++++++++++++++++--- include/crypto/engine.h | 59 +++++++++++-- 2 files changed, 257 insertions(+), 17 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index a75162bc1bf4..abfb1e6bfa48 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -7,20 +7,30 @@ * Author: Baolin Wang */ -#include -#include -#include +#include +#include #include -#include -#include +#include +#include +#include #include #include #include +#include +#include #include #include "internal.h" #define CRYPTO_ENGINE_MAX_QLEN 10 +/* Temporary algorithm flag used to indicate an updated driver. */ +#define CRYPTO_ALG_ENGINE 0x200 + +struct crypto_engine_alg { + struct crypto_alg base; + struct crypto_engine_op op; +}; + /** * crypto_finalize_request - finalize one request if the request is done * @engine: the hardware engine @@ -64,6 +74,8 @@ static void crypto_pump_requests(struct crypto_engine *engine, bool in_kthread) { struct crypto_async_request *async_req, *backlog; + struct crypto_engine_alg *alg; + struct crypto_engine_op *op; unsigned long flags; bool was_busy = false; int ret; @@ -137,15 +149,22 @@ start_request: } } - enginectx = crypto_tfm_ctx(async_req->tfm); - - if (!enginectx->op.do_one_request) { - dev_err(engine->dev, "failed to do request\n"); - ret = -EINVAL; - goto req_err_1; + if (async_req->tfm->__crt_alg->cra_flags & CRYPTO_ALG_ENGINE) { + alg = container_of(async_req->tfm->__crt_alg, + struct crypto_engine_alg, base); + op = &alg->op; + } else { + enginectx = crypto_tfm_ctx(async_req->tfm); + op = &enginectx->op; + + if (!op->do_one_request) { + dev_err(engine->dev, "failed to do request\n"); + ret = -EINVAL; + goto req_err_1; + } } - ret = enginectx->op.do_one_request(engine, async_req); + ret = op->do_one_request(engine, async_req); /* Request unsuccessfully executed by hardware */ if (ret < 0) { @@ -556,5 +575,177 @@ int crypto_engine_exit(struct crypto_engine *engine) } EXPORT_SYMBOL_GPL(crypto_engine_exit); +int crypto_engine_register_aead(struct aead_engine_alg *alg) +{ + if (!alg->op.do_one_request) + return -EINVAL; + + alg->base.base.cra_flags |= CRYPTO_ALG_ENGINE; + + return crypto_register_aead(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_register_aead); + +void crypto_engine_unregister_aead(struct aead_engine_alg *alg) +{ + crypto_unregister_aead(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_aead); + +int crypto_engine_register_aeads(struct aead_engine_alg *algs, int count) +{ + int i, ret; + + for (i = 0; i < count; i++) { + ret = crypto_engine_register_aead(&algs[i]); + if (ret) + goto err; + } + + return 0; + +err: + crypto_engine_unregister_aeads(algs, i); + + return ret; +} +EXPORT_SYMBOL_GPL(crypto_engine_register_aeads); + +void crypto_engine_unregister_aeads(struct aead_engine_alg *algs, int count) +{ + int i; + + for (i = count - 1; i >= 0; --i) + crypto_engine_unregister_aead(&algs[i]); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_aeads); + +int crypto_engine_register_ahash(struct ahash_engine_alg *alg) +{ + if (!alg->op.do_one_request) + return -EINVAL; + + alg->base.halg.base.cra_flags |= CRYPTO_ALG_ENGINE; + + return crypto_register_ahash(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_register_ahash); + +void crypto_engine_unregister_ahash(struct ahash_engine_alg *alg) +{ + crypto_unregister_ahash(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_ahash); + +int crypto_engine_register_ahashes(struct ahash_engine_alg *algs, int count) +{ + int i, ret; + + for (i = 0; i < count; i++) { + ret = crypto_engine_register_ahash(&algs[i]); + if (ret) + goto err; + } + + return 0; + +err: + crypto_engine_unregister_ahashes(algs, i); + + return ret; +} +EXPORT_SYMBOL_GPL(crypto_engine_register_ahashes); + +void crypto_engine_unregister_ahashes(struct ahash_engine_alg *algs, + int count) +{ + int i; + + for (i = count - 1; i >= 0; --i) + crypto_engine_unregister_ahash(&algs[i]); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_ahashes); + +int crypto_engine_register_akcipher(struct akcipher_engine_alg *alg) +{ + if (!alg->op.do_one_request) + return -EINVAL; + + alg->base.base.cra_flags |= CRYPTO_ALG_ENGINE; + + return crypto_register_akcipher(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_register_akcipher); + +void crypto_engine_unregister_akcipher(struct akcipher_engine_alg *alg) +{ + crypto_unregister_akcipher(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_akcipher); + +int crypto_engine_register_kpp(struct kpp_engine_alg *alg) +{ + if (!alg->op.do_one_request) + return -EINVAL; + + alg->base.base.cra_flags |= CRYPTO_ALG_ENGINE; + + return crypto_register_kpp(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_register_kpp); + +void crypto_engine_unregister_kpp(struct kpp_engine_alg *alg) +{ + crypto_unregister_kpp(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_kpp); + +int crypto_engine_register_skcipher(struct skcipher_engine_alg *alg) +{ + if (!alg->op.do_one_request) + return -EINVAL; + + alg->base.base.cra_flags |= CRYPTO_ALG_ENGINE; + + return crypto_register_skcipher(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_register_skcipher); + +void crypto_engine_unregister_skcipher(struct skcipher_engine_alg *alg) +{ + return crypto_unregister_skcipher(&alg->base); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_skcipher); + +int crypto_engine_register_skciphers(struct skcipher_engine_alg *algs, + int count) +{ + int i, ret; + + for (i = 0; i < count; i++) { + ret = crypto_engine_register_skcipher(&algs[i]); + if (ret) + goto err; + } + + return 0; + +err: + crypto_engine_unregister_skciphers(algs, i); + + return ret; +} +EXPORT_SYMBOL_GPL(crypto_engine_register_skciphers); + +void crypto_engine_unregister_skciphers(struct skcipher_engine_alg *algs, + int count) +{ + int i; + + for (i = count - 1; i >= 0; --i) + crypto_engine_unregister_skcipher(&algs[i]); +} +EXPORT_SYMBOL_GPL(crypto_engine_unregister_skciphers); + MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("Crypto hardware engine framework"); diff --git a/include/crypto/engine.h b/include/crypto/engine.h index cc9c7fd1c4d9..cf57e732566b 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -7,15 +7,15 @@ #ifndef _CRYPTO_ENGINE_H #define _CRYPTO_ENGINE_H +#include +#include +#include +#include +#include #include -struct aead_request; -struct ahash_request; -struct akcipher_request; struct crypto_engine; struct device; -struct kpp_request; -struct skcipher_request; /* * struct crypto_engine_op - crypto hardware engine operations @@ -30,6 +30,31 @@ struct crypto_engine_ctx { struct crypto_engine_op op; }; +struct aead_engine_alg { + struct aead_alg base; + struct crypto_engine_op op; +}; + +struct ahash_engine_alg { + struct ahash_alg base; + struct crypto_engine_op op; +}; + +struct akcipher_engine_alg { + struct akcipher_alg base; + struct crypto_engine_op op; +}; + +struct kpp_engine_alg { + struct kpp_alg base; + struct crypto_engine_op op; +}; + +struct skcipher_engine_alg { + struct skcipher_alg base; + struct crypto_engine_op op; +}; + int crypto_transfer_aead_request_to_engine(struct crypto_engine *engine, struct aead_request *req); int crypto_transfer_akcipher_request_to_engine(struct crypto_engine *engine, @@ -59,4 +84,28 @@ struct crypto_engine *crypto_engine_alloc_init_and_set(struct device *dev, bool rt, int qlen); int crypto_engine_exit(struct crypto_engine *engine); +int crypto_engine_register_aead(struct aead_engine_alg *alg); +void crypto_engine_unregister_aead(struct aead_engine_alg *alg); +int crypto_engine_register_aeads(struct aead_engine_alg *algs, int count); +void crypto_engine_unregister_aeads(struct aead_engine_alg *algs, int count); + +int crypto_engine_register_ahash(struct ahash_engine_alg *alg); +void crypto_engine_unregister_ahash(struct ahash_engine_alg *alg); +int crypto_engine_register_ahashes(struct ahash_engine_alg *algs, int count); +void crypto_engine_unregister_ahashes(struct ahash_engine_alg *algs, + int count); + +int crypto_engine_register_akcipher(struct akcipher_engine_alg *alg); +void crypto_engine_unregister_akcipher(struct akcipher_engine_alg *alg); + +int crypto_engine_register_kpp(struct kpp_engine_alg *alg); +void crypto_engine_unregister_kpp(struct kpp_engine_alg *alg); + +int crypto_engine_register_skcipher(struct skcipher_engine_alg *alg); +void crypto_engine_unregister_skcipher(struct skcipher_engine_alg *alg); +int crypto_engine_register_skciphers(struct skcipher_engine_alg *algs, + int count); +void crypto_engine_unregister_skciphers(struct skcipher_engine_alg *algs, + int count); + #endif /* _CRYPTO_ENGINE_H */ -- cgit v1.2.3 From 5ce0bc68e0eeab14fe4dd3be9975c5ced7b20617 Mon Sep 17 00:00:00 2001 From: Herbert Xu Date: Sun, 13 Aug 2023 14:55:20 +0800 Subject: crypto: engine - Remove crypto_engine_ctx Remove the obsolete crypto_engine_ctx structure. Signed-off-by: Herbert Xu --- crypto/crypto_engine.c | 12 +++--------- include/crypto/engine.h | 4 ---- 2 files changed, 3 insertions(+), 13 deletions(-) (limited to 'crypto') diff --git a/crypto/crypto_engine.c b/crypto/crypto_engine.c index abfb1e6bfa48..108d9d55c509 100644 --- a/crypto/crypto_engine.c +++ b/crypto/crypto_engine.c @@ -79,7 +79,6 @@ static void crypto_pump_requests(struct crypto_engine *engine, unsigned long flags; bool was_busy = false; int ret; - struct crypto_engine_ctx *enginectx; spin_lock_irqsave(&engine->queue_lock, flags); @@ -154,14 +153,9 @@ start_request: struct crypto_engine_alg, base); op = &alg->op; } else { - enginectx = crypto_tfm_ctx(async_req->tfm); - op = &enginectx->op; - - if (!op->do_one_request) { - dev_err(engine->dev, "failed to do request\n"); - ret = -EINVAL; - goto req_err_1; - } + dev_err(engine->dev, "failed to do request\n"); + ret = -EINVAL; + goto req_err_1; } ret = op->do_one_request(engine, async_req); diff --git a/include/crypto/engine.h b/include/crypto/engine.h index cf57e732566b..2835069c5997 100644 --- a/include/crypto/engine.h +++ b/include/crypto/engine.h @@ -26,10 +26,6 @@ struct crypto_engine_op { void *areq); }; -struct crypto_engine_ctx { - struct crypto_engine_op op; -}; - struct aead_engine_alg { struct aead_alg base; struct crypto_engine_op op; -- cgit v1.2.3 From ef5b52a631f8c18353e80ccab8408b963305510c Mon Sep 17 00:00:00 2001 From: Thore Sommer Date: Tue, 15 Aug 2023 14:29:42 +0300 Subject: X.509: if signature is unsupported skip validation When the hash algorithm for the signature is not available the digest size is 0 and the signature in the certificate is marked as unsupported. When validating a self-signed certificate, this needs to be checked, because otherwise trying to validate the signature will fail with an warning: Loading compiled-in X.509 certificates WARNING: CPU: 0 PID: 1 at crypto/rsa-pkcs1pad.c:537 \ pkcs1pad_verify+0x46/0x12c ... Problem loading in-kernel X.509 certificate (-22) Signed-off-by: Thore Sommer Cc: stable@vger.kernel.org # v4.7+ Fixes: 6c2dc5ae4ab7 ("X.509: Extract signature digest and make self-signed cert checks earlier") Signed-off-by: Herbert Xu --- crypto/asymmetric_keys/x509_public_key.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'crypto') diff --git a/crypto/asymmetric_keys/x509_public_key.c b/crypto/asymmetric_keys/x509_public_key.c index 6fdfc82e23a8..7c71db3ac23d 100644 --- a/crypto/asymmetric_keys/x509_public_key.c +++ b/crypto/asymmetric_keys/x509_public_key.c @@ -130,6 +130,11 @@ int x509_check_for_self_signed(struct x509_certificate *cert) goto out; } + if (cert->unsupported_sig) { + ret = 0; + goto out; + } + ret = public_key_verify_signature(cert->pub, cert->sig); if (ret < 0) { if (ret == -ENOPKG) { -- cgit v1.2.3