From patchwork Sat Oct 12 15:05:44 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Markus Elfring X-Patchwork-Id: 834972 Received: from mout.web.de (mout.web.de [212.227.17.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE00A11CA0; Sat, 12 Oct 2024 15:05:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=212.227.17.12 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728745563; cv=none; b=WZNrY8UyjVaJ/vV5Ppf6gSbEI2Oki2Cm0LIkdpuYwtGlcCsez0C6EuRkYirfFZMFCXfRk7nwil+x7Hu3r3GQSWT2MaxNZTpPkWUg6Ki6ihrGD6mXy8w5azDexKOEUZ1LnzYdeIkZatMw8K5CCoezLoif0n9Qr3p0dCPj7VkEdYw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728745563; c=relaxed/simple; bh=S7tpWXAulEfXczQ3Q38hJ+twqbJoVUYqxTYPsyXWQAs=; h=Message-ID:Date:MIME-Version:Subject:From:To:Cc:References: In-Reply-To:Content-Type; b=MgF5GIOhk6KtoUmHmXUEhKeGrrA4I+XfEKATHkQMBN993HBW0P6CwXDqW/GEUmBEK20gmViWmTHMGsc2kYXUO+cjkJ3jlNpCGryupG7P4WUMd9egozTma4keCYxxxaEBiO76m/tziWQkvR2Ld7xCta1xrsaXImKTwkQ8sphSBhs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=web.de; spf=pass smtp.mailfrom=web.de; dkim=pass (2048-bit key) header.d=web.de header.i=markus.elfring@web.de header.b=mB5gCau/; arc=none smtp.client-ip=212.227.17.12 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=web.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=web.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=web.de header.i=markus.elfring@web.de header.b="mB5gCau/" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=web.de; s=s29768273; t=1728745546; x=1729350346; i=markus.elfring@web.de; bh=+ooXuq3xV3z4uSkz3ZVk+MJfz76w0jaExrA46M+2cv0=; h=X-UI-Sender-Class:Message-ID:Date:MIME-Version:Subject:From:To: Cc:References:In-Reply-To:Content-Type:Content-Transfer-Encoding: cc:content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=mB5gCau/k1VhxMqmcYv/PZYNtCN2vdaUlOrNAp2UpK3D/qKpAkZsygM5BlJpPrxv qaK8ynBvXwLIudN/9DUvCm9b2HfBo/u67xkO9Sefp0/wNfBvk+clD1i1jDS9e5eXz SlKhyc2XiiMMfAbW0td0odw/Mo2gUjBgxo8/KmMlIQpafpzzOk930cSzwgAxMaetn vx9WrTj+A06er38BfMptKertQTpyF7kkTF9zy6GH2qkjyHsGeQosfMUHf6lfEwKJZ ENBvMd7/lKRCBPClFcIlEZqNuSFK9nMYWbsflHVTtoLRPFvSQNLda38CRvk/JSNZT +RtdAPQ8WfNovrV9CQ== X-UI-Sender-Class: 814a7b36-bfc1-4dae-8640-3722d8ec6cd6 Received: from [192.168.178.21] ([94.31.89.95]) by smtp.web.de (mrweb106 [213.165.67.124]) with ESMTPSA (Nemesis) id 1MsaRt-1tnu7d2fc3-00qzpE; Sat, 12 Oct 2024 17:05:46 +0200 Message-ID: <265021be-5349-4bda-88af-80b3796a4b88@web.de> Date: Sat, 12 Oct 2024 17:05:44 +0200 Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: [PATCH v3 1/3] crypto: lib/mpi - Extend support for scope-based resource management From: Markus Elfring To: linux-crypto@vger.kernel.org, kernel-janitors@vger.kernel.org, Andrew Morton , Herbert Xu , Peter Zijlstra Cc: LKML References: <202409180725.ZV8DCvII-lkp@intel.com> <91d10516-4ba9-4fe0-8f63-86205cc4f88c@web.de> <9ddc71e7-e98a-4fa8-b140-4035dd2874b6@web.de> Content-Language: en-GB In-Reply-To: X-Provags-ID: V03:K1:e/7I/RLhJfIa7NP5KTPnYC8Kqi2cfRLkbKskE2NubKjz4YbgJ6f R1G2FFVIS6kyL28qv6EBJpUDTGg7tZwNTMqSYcAxkyFxQloOeBTOHYHF5mDeTFW59nxN+MW 2jXMGHF1zCQ6XHCBLOd0UDUdzhYibRrmW7w9XTd/h3kPKSPAUAzQUbin/UYsuzcp+Pd2uSD wayQdPB6xOFa+/+JTOrBw== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:dHaS+jlx2Us=;48wLR3yji6IMcPOw0nB/ENK2lgy caUPnTBDAK/Cj4XieFzJ+fbMGIXASzp3pBr/AZEa6fWEJATEVtA77wqHFDK41Xe52IvMcUGbi ECl5D5Q7A+QPQy/j19ItORRss3YUBSQDXBN6zJ1Pe36Lp6VaS06iTa88Kj5gQlVu2pJ6vmTaD h0p+qk5NHGeF4TFC3lwExKQDBNLIswyTiYqRcyB+K8hgB2Ibdfa2yqx47i2D7d8AL7ar0eppX m9ywun8TD8RdH6sH6qdm9noES9X/omFkqITAM75Jdzu399HDrvTO1HTbQZX7xoRIZox4EzGC+ hY+a+HzvT8JFVbHUvgqEzHa5vRGzKz3EVeN7LwSk6h/VI5fkDFZaYqmjxK1CR23ACV9GQsxB0 lEzjGn2p4U88980Q6EfTWdTekC4kLv4mQr8YOltffnvqPuj0ODyTW5qaCFhcFFJwvNKvnMDFg LI50eYdPw62bntLuDYv0hiwVci0zk8Qa/q4zJzXxS9KLyOG87dTh++5B+ESS9CanQEi4DiYa9 +eUKoa1hTfcgtWzHVy9PPhISdRnqNsebKuIQnvKA3IrD2MnGTig416PDiep7DOtEh6dz1B4Qh 85Agz/FW3ru8bLJ38GBBu1RLa3819cuu5NzLvYvWTCd5NCsD3i/E4KYn3Si1y7Cly5124aftM lDui95omwvwIguXK8uBbNwSjHj3Ylx40A4Cp8vJgNeuEw5TL0oXgXD35soF2qclh0ViMjcoGb aA8EQdwQ5p0/CsJZ0PMb5lUBj3Ed2PPWDAAqmkaELv7vc6rExWIT2esYHv13Lf+jKnoLR9lAy PJcchPiGbbS64I0aCQjcUIkQ== From: Markus Elfring Date: Wed, 18 Sep 2024 11:06:35 +0200 Scope-based resource management became supported for some programming interfaces by contributions of Peter Zijlstra on 2023-05-26. See also the commit 54da6a0924311c7cf5015533991e44fb8eb12773 ("locking: Introduce __cleanup() based infrastructure"). Thus add a macro call so that the attribute “__free(mpi_free)” can be applied accordingly. Signed-off-by: Markus Elfring --- V3: This suggestion was integrated into a patch series. include/linux/mpi.h | 4 ++++ 1 file changed, 4 insertions(+) -- 2.46.1 diff --git a/include/linux/mpi.h b/include/linux/mpi.h index 47be46f36435..6fbcb88ce296 100644 --- a/include/linux/mpi.h +++ b/include/linux/mpi.h @@ -19,6 +19,8 @@ #include #include +#include +#include #define BYTES_PER_MPI_LIMB (BITS_PER_LONG / 8) #define BITS_PER_MPI_LIMB BITS_PER_LONG @@ -44,6 +46,8 @@ typedef struct gcry_mpi *MPI; /*-- mpiutil.c --*/ MPI mpi_alloc(unsigned nlimbs); void mpi_free(MPI a); +DEFINE_FREE(mpi_free, MPI, if (!IS_ERR_OR_NULL(_T)) mpi_free(_T)) + int mpi_resize(MPI a, unsigned nlimbs); MPI mpi_copy(MPI a); From patchwork Sat Oct 12 15:08:02 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Markus Elfring X-Patchwork-Id: 835248 Received: from mout.web.de (mout.web.de [217.72.192.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0DC2D1946CA; Sat, 12 Oct 2024 15:08:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=217.72.192.78 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728745699; cv=none; b=nXc4+jvYhlyx6n/q0VKXh4Zn/ymvlvgltl/hlb0wxYSk8yD1mlIc+dY+yKK8zWXhLajSb1gNnO6a6K+843D7BVAJ0VWGFdXvhpFo6tyNndxAf+RuWztl8w0zQybCVLlNW0IpMlvUCYu/P2MUCuHmkHmcQyxpX+w4xK/Ob94qMek= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1728745699; c=relaxed/simple; bh=V4yVz6wKBRIKfkbZbcimzf6FMITfCN32tsehdEe570o=; h=Message-ID:Date:MIME-Version:Subject:From:To:Cc:References: In-Reply-To:Content-Type; b=NhfX8yadW79ZV9Qz63ByJb9gLqvVsj7COLcT0dd1t7nTvAPsmOSsz0wbw1dNZWEssSbwQhvzIvHsTAGmmr42Ul9+U+9LXrH9zYf9Oj2kSqRZsX4bwB0hQH1u7PIZx06PYq5tD1BjInKwcY1X4bK9T71Tvzm2I6U4rhbxtkCox74= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=web.de; spf=pass smtp.mailfrom=web.de; dkim=pass (2048-bit key) header.d=web.de header.i=markus.elfring@web.de header.b=nPn6CazV; arc=none smtp.client-ip=217.72.192.78 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=web.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=web.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=web.de header.i=markus.elfring@web.de header.b="nPn6CazV" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=web.de; s=s29768273; t=1728745683; x=1729350483; i=markus.elfring@web.de; bh=iZAp6vq9/uO0eUWPyUtNjgnNySurb1U0onZR/j8rsxM=; h=X-UI-Sender-Class:Message-ID:Date:MIME-Version:Subject:From:To: Cc:References:In-Reply-To:Content-Type:Content-Transfer-Encoding: cc:content-transfer-encoding:content-type:date:from:message-id: mime-version:reply-to:subject:to; b=nPn6CazV9nXuqgdI8NdSt1yjJPyDi7BW8p0upcYsAfshUs5fTdTobPDpQNSe4QvZ kGZv4zdYJA0VniMu79aJIyZpGHXCb4fhMzpd/NNuLmP0au+pOuBEtibhFe6v1qAGD 4k+Rsghj7SrwGdxoxq+6O0T5q3k1xxpkjCYXr7cZhAzuP/4EoshfCgYd+D3yZ8MPV w/4KZ5CcIHpYikIl0z7x3WCxM+jMT5RLTgdE+YDTToiTV2B77dofjSISL55PK6Fu4 AC1gjqjDyOWaVygE2rN9wxrDpxIHF5TxofhAj9hAn1ypwHPIZM2/vxl771W3FkGAV o+WrOhD8y61L9Shh0A== X-UI-Sender-Class: 814a7b36-bfc1-4dae-8640-3722d8ec6cd6 Received: from [192.168.178.21] ([94.31.89.95]) by smtp.web.de (mrweb106 [213.165.67.124]) with ESMTPSA (Nemesis) id 1M5QmF-1t11Il4BGP-003yQ3; Sat, 12 Oct 2024 17:08:03 +0200 Message-ID: <300a0376-f003-4862-bb16-7e004733c9c1@web.de> Date: Sat, 12 Oct 2024 17:08:02 +0200 Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: [PATCH v3 2/3] lib/digsig: Use scope-based resource management for two MPI variables in digsig_verify_rsa() From: Markus Elfring To: linux-crypto@vger.kernel.org, kernel-janitors@vger.kernel.org, Andrew Morton , Herbert Xu , Peter Zijlstra Cc: LKML References: <202409180725.ZV8DCvII-lkp@intel.com> <91d10516-4ba9-4fe0-8f63-86205cc4f88c@web.de> <9ddc71e7-e98a-4fa8-b140-4035dd2874b6@web.de> Content-Language: en-GB In-Reply-To: X-Provags-ID: V03:K1:497pF5zuEW/lCuL/zjVIJTipmxMD97VJCGU3NAD1k5gAA67nX9Z EtUdySP2LPIzJz+yx2oF7bPsiU0yoW9MdT7u/wrrJ8q0cqwLDXY46VdD0Dd7ZJTIUjlnRI7 EGdmXl69sUrqM4mrufd2o2ptaliOSCZ0/w7V0pJvIjOa7e9N0zTDoxl+2LwbljnasTJ+1jI AAnJsziTw9fStm/xXv/DQ== X-Spam-Flag: NO UI-OutboundReport: notjunk:1;M01:P0:M9tx4N0BDyE=;KOrI07oC/t+naMduiVaOpUT6/lH boC6nxcGggzGxU+4WMsYjm/T4laTLzYrR8UrUytbrO4NRrSpC90W6vVXOWh6qHJHSfZEH04Hx 0+AYpYgxGpSVghdRM59D1sPsAvrPZ6YwUoIOIie5H/HPu/tPPi2yUqrJFeevkC3mVPN42h1RI uudBftq/0EUMjOKsyJynd/ylxViRgmdl5J7vvEvSmhOFJzR2Elp7L3S0JuuCmqz3sWM1ow3Ib OBHm47ZK4rJbjrXR6Hguu3yhjayOoVzav6JMBepF0sb/yZRdPAwSYQpLNR+UizISoTQJ20iDa rpp9YcfHSEuP7IKsSuunV6u9sHUdVBK5l3fv6vF1Fx/OieB9GKrZylZJ1RpyWVeG0i6MkYWC3 k/fRKMmLYyIRGMvW6r6AHG5g4XyJlMJxtwISJbuAzksJ3cFUDbEWNYzd0qQtfQnU2MieOtg2G YuazczByiG+pxzRS1ZaWHzLw2qvIh6poE2ePrfiJbiiApT6rRTvOXFAhjq4xAg19LJnPKP6DO Z9rrjF6IG5b/3XFUO7RFtiR2jmUditGwxNPGeLVPMMFv2JSZ0ZzEkUQvgj9XnTqzMLOBmAKK7 AH58pXh3YweO1owF6+mYuOcVUF6cV/gRU+fB7d6Fc0DC7+40j5p8AvLm7AYxMJIQo4cLSKkV/ jH5/Ib5MLAjFNoODJsgsFaFqfK74yzhtEmJ2V7wbb1+hYL3w9D5of0GbmzGAWV8gUsgtCGJBm cpAfaylkMnlsdCoVYOwuq1WPXRRKIZs9UfVxBlrkZWlNe8fI0jROw4hhmsZHC9m5w/HUGjKMq E8NAxkNFty9IwLslrwRG3UdA== From: Markus Elfring Date: Sat, 12 Oct 2024 14:21:28 +0200 The support for scope-based resource management was extended. * Thus use the attribute “__free(mpi_free)”. * Reduce the scopes for the local variables “nret”, “in” and “res”. * Omit two mpi_free() calls accordingly. * Update jump targets. Signed-off-by: Markus Elfring --- V3: Applications were added as requested (by Herbert Xu) for the proposed programming interface extension. lib/digsig.c | 80 ++++++++++++++++++++++++++++------------------------ 1 file changed, 43 insertions(+), 37 deletions(-) -- 2.46.1 diff --git a/lib/digsig.c b/lib/digsig.c index 04b5e55ed95f..2481120094ab 100644 --- a/lib/digsig.c +++ b/lib/digsig.c @@ -71,11 +71,11 @@ static int digsig_verify_rsa(struct key *key, int err = -EINVAL; unsigned long len; unsigned long mlen, mblen; - unsigned nret, l; + unsigned int l; int head, i; unsigned char *out1 = NULL; const char *m; - MPI in = NULL, res = NULL, pkey[2]; + MPI pkey[2]; uint8_t *p, *datap; const uint8_t *endp; const struct user_key_payload *ukp; @@ -112,7 +112,7 @@ static int digsig_verify_rsa(struct key *key, pkey[i] = mpi_read_from_buffer(datap, &remaining); if (IS_ERR(pkey[i])) { err = PTR_ERR(pkey[i]); - goto err; + goto free_keys; } datap += remaining; } @@ -122,57 +122,63 @@ static int digsig_verify_rsa(struct key *key, if (mlen == 0) { err = -EINVAL; - goto err; + goto free_keys; } err = -ENOMEM; out1 = kzalloc(mlen, GFP_KERNEL); if (!out1) - goto err; + goto free_keys; - nret = siglen; - in = mpi_read_from_buffer(sig, &nret); - if (IS_ERR(in)) { - err = PTR_ERR(in); - goto err; - } + { + unsigned int nret = siglen; + MPI in __free(mpi_free) = mpi_read_from_buffer(sig, &nret); - res = mpi_alloc(mpi_get_nlimbs(in) * 2); - if (!res) - goto err; + if (IS_ERR(in)) { + err = PTR_ERR(in); + goto in_exit; + } - err = mpi_powm(res, in, pkey[1], pkey[0]); - if (err) - goto err; + { + MPI res __free(mpi_free) = mpi_alloc(mpi_get_nlimbs(in) * 2); - if (mpi_get_nlimbs(res) * BYTES_PER_MPI_LIMB > mlen) { - err = -EINVAL; - goto err; - } + if (!res) + goto res_exit; - p = mpi_get_buffer(res, &l, NULL); - if (!p) { - err = -EINVAL; - goto err; - } + err = mpi_powm(res, in, pkey[1], pkey[0]); + if (err) + goto res_exit; - len = mlen; - head = len - l; - memset(out1, 0, head); - memcpy(out1 + head, p, l); + if (mpi_get_nlimbs(res) * BYTES_PER_MPI_LIMB > mlen) { + err = -EINVAL; + goto res_exit; + } - kfree(p); + p = mpi_get_buffer(res, &l, NULL); + if (!p) { + err = -EINVAL; + goto res_exit; + } - m = pkcs_1_v1_5_decode_emsa(out1, len, mblen, &len); + len = mlen; + head = len - l; + memset(out1, 0, head); + memcpy(out1 + head, p, l); - if (!m || len != hlen || memcmp(m, h, hlen)) - err = -EINVAL; + kfree(p); + + m = pkcs_1_v1_5_decode_emsa(out1, len, mblen, &len); + + if (!m || len != hlen || memcmp(m, h, hlen)) + err = -EINVAL; +res_exit: + } +in_exit: + } -err: - mpi_free(in); - mpi_free(res); kfree(out1); +free_keys: while (--i >= 0) mpi_free(pkey[i]); err1: