Commit 6010439f47e6b308c031dad7d99686030ef942dd
1 parent
e4d5b79c66
Exists in
master
and in
7 other branches
[CRYPTO] padlock: Convert padlock-sha to use crypto_hash
This patch converts padlock-sha to use crypto_hash for its fallback. It also changes the fallback selection to use selection by type instead of name. This is done through the new CRYPTO_ALG_NEED_FALLBACK bit, which is set if and only if an algorithm needs a fallback of the same type. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Showing 2 changed files with 41 additions and 56 deletions Side-by-side Diff
drivers/crypto/padlock-sha.c
| ... | ... | @@ -12,10 +12,11 @@ |
| 12 | 12 | * |
| 13 | 13 | */ |
| 14 | 14 | |
| 15 | +#include <crypto/algapi.h> | |
| 16 | +#include <linux/err.h> | |
| 15 | 17 | #include <linux/module.h> |
| 16 | 18 | #include <linux/init.h> |
| 17 | 19 | #include <linux/errno.h> |
| 18 | -#include <linux/crypto.h> | |
| 19 | 20 | #include <linux/cryptohash.h> |
| 20 | 21 | #include <linux/interrupt.h> |
| 21 | 22 | #include <linux/kernel.h> |
| 22 | 23 | |
| 23 | 24 | |
| ... | ... | @@ -30,28 +31,17 @@ |
| 30 | 31 | #define SHA256_DIGEST_SIZE 32 |
| 31 | 32 | #define SHA256_HMAC_BLOCK_SIZE 64 |
| 32 | 33 | |
| 33 | -static char *sha1_fallback = SHA1_DEFAULT_FALLBACK; | |
| 34 | -static char *sha256_fallback = SHA256_DEFAULT_FALLBACK; | |
| 35 | - | |
| 36 | -module_param(sha1_fallback, charp, 0644); | |
| 37 | -module_param(sha256_fallback, charp, 0644); | |
| 38 | - | |
| 39 | -MODULE_PARM_DESC(sha1_fallback, "Fallback driver for SHA1. Default is " | |
| 40 | - SHA1_DEFAULT_FALLBACK); | |
| 41 | -MODULE_PARM_DESC(sha256_fallback, "Fallback driver for SHA256. Default is " | |
| 42 | - SHA256_DEFAULT_FALLBACK); | |
| 43 | - | |
| 44 | 34 | struct padlock_sha_ctx { |
| 45 | 35 | char *data; |
| 46 | 36 | size_t used; |
| 47 | 37 | int bypass; |
| 48 | 38 | void (*f_sha_padlock)(const char *in, char *out, int count); |
| 49 | - struct crypto_tfm *fallback_tfm; | |
| 39 | + struct hash_desc fallback; | |
| 50 | 40 | }; |
| 51 | 41 | |
| 52 | 42 | static inline struct padlock_sha_ctx *ctx(struct crypto_tfm *tfm) |
| 53 | 43 | { |
| 54 | - return (struct padlock_sha_ctx *)(crypto_tfm_ctx(tfm)); | |
| 44 | + return crypto_tfm_ctx(tfm); | |
| 55 | 45 | } |
| 56 | 46 | |
| 57 | 47 | /* We'll need aligned address on the stack */ |
| 58 | 48 | |
| ... | ... | @@ -65,14 +55,12 @@ |
| 65 | 55 | if (ctx(tfm)->bypass) |
| 66 | 56 | return; |
| 67 | 57 | |
| 68 | - BUG_ON(!ctx(tfm)->fallback_tfm); | |
| 69 | - | |
| 70 | - crypto_digest_init(ctx(tfm)->fallback_tfm); | |
| 58 | + crypto_hash_init(&ctx(tfm)->fallback); | |
| 71 | 59 | if (ctx(tfm)->data && ctx(tfm)->used) { |
| 72 | 60 | struct scatterlist sg; |
| 73 | 61 | |
| 74 | 62 | sg_set_buf(&sg, ctx(tfm)->data, ctx(tfm)->used); |
| 75 | - crypto_digest_update(ctx(tfm)->fallback_tfm, &sg, 1); | |
| 63 | + crypto_hash_update(&ctx(tfm)->fallback, &sg, sg.length); | |
| 76 | 64 | } |
| 77 | 65 | |
| 78 | 66 | ctx(tfm)->used = 0; |
| 79 | 67 | |
| ... | ... | @@ -95,9 +83,8 @@ |
| 95 | 83 | |
| 96 | 84 | if (unlikely(ctx(tfm)->bypass)) { |
| 97 | 85 | struct scatterlist sg; |
| 98 | - BUG_ON(!ctx(tfm)->fallback_tfm); | |
| 99 | 86 | sg_set_buf(&sg, (uint8_t *)data, length); |
| 100 | - crypto_digest_update(ctx(tfm)->fallback_tfm, &sg, 1); | |
| 87 | + crypto_hash_update(&ctx(tfm)->fallback, &sg, length); | |
| 101 | 88 | return; |
| 102 | 89 | } |
| 103 | 90 | |
| ... | ... | @@ -160,8 +147,7 @@ |
| 160 | 147 | static void padlock_sha_final(struct crypto_tfm *tfm, uint8_t *out) |
| 161 | 148 | { |
| 162 | 149 | if (unlikely(ctx(tfm)->bypass)) { |
| 163 | - BUG_ON(!ctx(tfm)->fallback_tfm); | |
| 164 | - crypto_digest_final(ctx(tfm)->fallback_tfm, out); | |
| 150 | + crypto_hash_final(&ctx(tfm)->fallback, out); | |
| 165 | 151 | ctx(tfm)->bypass = 0; |
| 166 | 152 | return; |
| 167 | 153 | } |
| 168 | 154 | |
| ... | ... | @@ -172,8 +158,11 @@ |
| 172 | 158 | ctx(tfm)->used = 0; |
| 173 | 159 | } |
| 174 | 160 | |
| 175 | -static int padlock_cra_init(struct crypto_tfm *tfm, const char *fallback_driver_name) | |
| 161 | +static int padlock_cra_init(struct crypto_tfm *tfm) | |
| 176 | 162 | { |
| 163 | + const char *fallback_driver_name = tfm->__crt_alg->cra_name; | |
| 164 | + struct crypto_hash *fallback_tfm; | |
| 165 | + | |
| 177 | 166 | /* For now we'll allocate one page. This |
| 178 | 167 | * could eventually be configurable one day. */ |
| 179 | 168 | ctx(tfm)->data = (char *)__get_free_page(GFP_KERNEL); |
| 180 | 169 | |
| 181 | 170 | |
| ... | ... | @@ -181,14 +170,17 @@ |
| 181 | 170 | return -ENOMEM; |
| 182 | 171 | |
| 183 | 172 | /* Allocate a fallback and abort if it failed. */ |
| 184 | - ctx(tfm)->fallback_tfm = crypto_alloc_tfm(fallback_driver_name, 0); | |
| 185 | - if (!ctx(tfm)->fallback_tfm) { | |
| 173 | + fallback_tfm = crypto_alloc_hash(fallback_driver_name, 0, | |
| 174 | + CRYPTO_ALG_ASYNC | | |
| 175 | + CRYPTO_ALG_NEED_FALLBACK); | |
| 176 | + if (IS_ERR(fallback_tfm)) { | |
| 186 | 177 | printk(KERN_WARNING PFX "Fallback driver '%s' could not be loaded!\n", |
| 187 | 178 | fallback_driver_name); |
| 188 | 179 | free_page((unsigned long)(ctx(tfm)->data)); |
| 189 | - return -ENOENT; | |
| 180 | + return PTR_ERR(fallback_tfm); | |
| 190 | 181 | } |
| 191 | 182 | |
| 183 | + ctx(tfm)->fallback.tfm = fallback_tfm; | |
| 192 | 184 | return 0; |
| 193 | 185 | } |
| 194 | 186 | |
| 195 | 187 | |
| ... | ... | @@ -196,14 +188,14 @@ |
| 196 | 188 | { |
| 197 | 189 | ctx(tfm)->f_sha_padlock = padlock_do_sha1; |
| 198 | 190 | |
| 199 | - return padlock_cra_init(tfm, sha1_fallback); | |
| 191 | + return padlock_cra_init(tfm); | |
| 200 | 192 | } |
| 201 | 193 | |
| 202 | 194 | static int padlock_sha256_cra_init(struct crypto_tfm *tfm) |
| 203 | 195 | { |
| 204 | 196 | ctx(tfm)->f_sha_padlock = padlock_do_sha256; |
| 205 | 197 | |
| 206 | - return padlock_cra_init(tfm, sha256_fallback); | |
| 198 | + return padlock_cra_init(tfm); | |
| 207 | 199 | } |
| 208 | 200 | |
| 209 | 201 | static void padlock_cra_exit(struct crypto_tfm *tfm) |
| 210 | 202 | |
| ... | ... | @@ -213,16 +205,16 @@ |
| 213 | 205 | ctx(tfm)->data = NULL; |
| 214 | 206 | } |
| 215 | 207 | |
| 216 | - BUG_ON(!ctx(tfm)->fallback_tfm); | |
| 217 | - crypto_free_tfm(ctx(tfm)->fallback_tfm); | |
| 218 | - ctx(tfm)->fallback_tfm = NULL; | |
| 208 | + crypto_free_hash(ctx(tfm)->fallback.tfm); | |
| 209 | + ctx(tfm)->fallback.tfm = NULL; | |
| 219 | 210 | } |
| 220 | 211 | |
| 221 | 212 | static struct crypto_alg sha1_alg = { |
| 222 | 213 | .cra_name = "sha1", |
| 223 | 214 | .cra_driver_name = "sha1-padlock", |
| 224 | 215 | .cra_priority = PADLOCK_CRA_PRIORITY, |
| 225 | - .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | |
| 216 | + .cra_flags = CRYPTO_ALG_TYPE_DIGEST | | |
| 217 | + CRYPTO_ALG_NEED_FALLBACK, | |
| 226 | 218 | .cra_blocksize = SHA1_HMAC_BLOCK_SIZE, |
| 227 | 219 | .cra_ctxsize = sizeof(struct padlock_sha_ctx), |
| 228 | 220 | .cra_module = THIS_MODULE, |
| ... | ... | @@ -243,7 +235,8 @@ |
| 243 | 235 | .cra_name = "sha256", |
| 244 | 236 | .cra_driver_name = "sha256-padlock", |
| 245 | 237 | .cra_priority = PADLOCK_CRA_PRIORITY, |
| 246 | - .cra_flags = CRYPTO_ALG_TYPE_DIGEST, | |
| 238 | + .cra_flags = CRYPTO_ALG_TYPE_DIGEST | | |
| 239 | + CRYPTO_ALG_NEED_FALLBACK, | |
| 247 | 240 | .cra_blocksize = SHA256_HMAC_BLOCK_SIZE, |
| 248 | 241 | .cra_ctxsize = sizeof(struct padlock_sha_ctx), |
| 249 | 242 | .cra_module = THIS_MODULE, |
| 250 | 243 | |
| ... | ... | @@ -262,29 +255,15 @@ |
| 262 | 255 | |
| 263 | 256 | static void __init padlock_sha_check_fallbacks(void) |
| 264 | 257 | { |
| 265 | - struct crypto_tfm *tfm; | |
| 258 | + if (!crypto_has_hash("sha1", 0, CRYPTO_ALG_ASYNC | | |
| 259 | + CRYPTO_ALG_NEED_FALLBACK)) | |
| 260 | + printk(KERN_WARNING PFX | |
| 261 | + "Couldn't load fallback module for sha1.\n"); | |
| 266 | 262 | |
| 267 | - /* We'll try to allocate one TFM for each fallback | |
| 268 | - * to test that the modules are available. */ | |
| 269 | - tfm = crypto_alloc_tfm(sha1_fallback, 0); | |
| 270 | - if (!tfm) { | |
| 271 | - printk(KERN_WARNING PFX "Couldn't load fallback module for '%s'. Tried '%s'.\n", | |
| 272 | - sha1_alg.cra_name, sha1_fallback); | |
| 273 | - } else { | |
| 274 | - printk(KERN_NOTICE PFX "Fallback for '%s' is driver '%s' (prio=%d)\n", sha1_alg.cra_name, | |
| 275 | - crypto_tfm_alg_driver_name(tfm), crypto_tfm_alg_priority(tfm)); | |
| 276 | - crypto_free_tfm(tfm); | |
| 277 | - } | |
| 278 | - | |
| 279 | - tfm = crypto_alloc_tfm(sha256_fallback, 0); | |
| 280 | - if (!tfm) { | |
| 281 | - printk(KERN_WARNING PFX "Couldn't load fallback module for '%s'. Tried '%s'.\n", | |
| 282 | - sha256_alg.cra_name, sha256_fallback); | |
| 283 | - } else { | |
| 284 | - printk(KERN_NOTICE PFX "Fallback for '%s' is driver '%s' (prio=%d)\n", sha256_alg.cra_name, | |
| 285 | - crypto_tfm_alg_driver_name(tfm), crypto_tfm_alg_priority(tfm)); | |
| 286 | - crypto_free_tfm(tfm); | |
| 287 | - } | |
| 263 | + if (!crypto_has_hash("sha256", 0, CRYPTO_ALG_ASYNC | | |
| 264 | + CRYPTO_ALG_NEED_FALLBACK)) | |
| 265 | + printk(KERN_WARNING PFX | |
| 266 | + "Couldn't load fallback module for sha256.\n"); | |
| 288 | 267 | } |
| 289 | 268 | |
| 290 | 269 | static int __init padlock_init(void) |
include/linux/crypto.h
| ... | ... | @@ -43,6 +43,12 @@ |
| 43 | 43 | #define CRYPTO_ALG_ASYNC 0x00000080 |
| 44 | 44 | |
| 45 | 45 | /* |
| 46 | + * Set this bit if and only if the algorithm requires another algorithm of | |
| 47 | + * the same type to handle corner cases. | |
| 48 | + */ | |
| 49 | +#define CRYPTO_ALG_NEED_FALLBACK 0x00000100 | |
| 50 | + | |
| 51 | +/* | |
| 46 | 52 | * Transform masks and values (for crt_flags). |
| 47 | 53 | */ |
| 48 | 54 | #define CRYPTO_TFM_MODE_MASK 0x000000ff |