From patchwork Sun May 4 13:33:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 887637 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BD642A32 for ; Sun, 4 May 2025 13:33:18 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365602; cv=none; b=qJkEFBAnrDv/LrGbVoQtw20pDb2PsM/cJByMcKqNQDJwhobFeJR2Ma5f2rQWBO3z4aCLsxo+/Di5y2/H+tYVsl8+HPvxNu6CYCPtPlq6etCz5KBbEegPnxa6YQ8qGDSJqyAfv5e/RkVfsrNNjKagYZ8d0jQHyDYUe++Q73HLaI8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365602; c=relaxed/simple; bh=MgVpVTCst9hwc9gKAuAfShZLKdlzquKc21eW3AbZFyA=; h=Date:Message-Id:From:Subject:To; b=AWMn7Svz3WHYwMTyKmnmjoHKU+re3UPhziqWBk91hg0UU1+gxdsGzx3s1Z13+zOtJ6/pwbBeRfeoS/oiORaDBQb2N5Uz8b6pLLDZUOT4404IYcmLvlL2DH5B90F1eWk7MQE1P1qnShWLfA1QxBx0Z0ECEYSJ4Fhv0/hfiM+cq30= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b=HetAzT1y; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b="HetAzT1y" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=hmeau.com; s=formenos; h=To:Subject:From:Message-Id:Date:Sender:Reply-To:Cc:MIME-Version :Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=e0o2tw8QhpZiv3/8x5tsmRCZ35By9zi2Pr3d8qy6WJU=; b=HetAzT1yFJpGj7x8T4ZVE06cO8 g+sekR2Js3Dprw5YmCfXD8kg1/ovAh1USSdKRn97sXD45rtKndNKn6d3tyHNL3lStakme2XpAEc0g /fuKl/YI1kxOvly/c7qNhRBn5zMorhJo5IWdKQllqKXEC9M7oasSIFI1ncvBlpTE/kdzFiLbbD0Ot oZyyMy60PJQqHtzljaD77Pu/7aVl6CGesEYoTF8oqjOppeFMup0ybypaYLnH0MQjZFj9IPhu65TU0 MM5sgmbw8EECtsuDsShZmNlMTiq6kGfiTkVC9rJBe9ovREVX+fbUUwAweojR6ifbFIRr834okzQlT jRP5fc1A==; Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1uBZT0-003EvE-0T; Sun, 04 May 2025 21:33:15 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Sun, 04 May 2025 21:33:14 +0800 Date: Sun, 04 May 2025 21:33:14 +0800 Message-Id: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> From: Herbert Xu Subject: [v2 PATCH 1/6] crypto: shash - Cap state size to HASH_MAX_STATESIZE To: Linux Crypto Mailing List Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Now that all shash algorithms have converted over to the generic export format, limit the shash state size to HASH_MAX_STATESIZE. Signed-off-by: Herbert Xu --- crypto/shash.c | 2 ++ include/crypto/hash.h | 5 ++++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/crypto/shash.c b/crypto/shash.c index c4a724e55d7a..44a6df3132ad 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -479,6 +479,8 @@ static int shash_prepare_alg(struct shash_alg *alg) if (alg->descsize > HASH_MAX_DESCSIZE) return -EINVAL; + if (alg->statesize > HASH_MAX_STATESIZE) + return -EINVAL; return 0; } diff --git a/include/crypto/hash.h b/include/crypto/hash.h index c2497c300a28..e0321b5ec363 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -167,8 +167,11 @@ struct shash_desc { #define HASH_MAX_DIGESTSIZE 64 +/* Worst case is sha3-224. */ +#define HASH_MAX_STATESIZE 200 + 144 + 1 + /* - * Worst case is hmac(sha-224-s390). Its context is a nested 'shash_desc' + * Worst case is hmac(sha3-224-s390). Its context is a nested 'shash_desc' * containing a 'struct s390_sha_ctx'. */ #define HASH_MAX_DESCSIZE (sizeof(struct shash_desc) + 360) From patchwork Sun May 4 13:33:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 887246 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D1D005258 for ; Sun, 4 May 2025 13:33:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365603; cv=none; b=cjF4n7Pd2uPeWqK/cArdnJVjjeQViEGuuYyF2cArvbd6WUu8rJiZhRj7MqTtpu5rtYtfMIG/PUjn0FxrNFk1+dMuW3ba9x/SvEBMw8+/V8ne+xote6Gr9iGpivv8Mi5smh8Qg3wL6S3tX/s8K9F+9LsG276QTU4tSXPiC+J6gbU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365603; c=relaxed/simple; bh=en3DEi/aKBieL14g79Y8TJelW6XI9U7A+Ws6i0KvwCo=; h=Date:Message-Id:In-Reply-To:References:From:Subject:To; b=VjWUZ5Ebu6MKqPqJTSOck92gilxAcEVfMosSmXjZagfPnsYyb4Qkbe2O60p5zUW7ALEhxeisJ6yGs+f8FwqcgHjzpZrm1MU9BSufnZOdjCQf2eCK+b1NNvgdjPg8SlvZsO/POvOMLqx2A6JwtXONgXIUBKft3llnaJ8fik0uzfI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b=jJH+ji+t; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b="jJH+ji+t" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=hmeau.com; s=formenos; h=To:Subject:From:References:In-Reply-To:Message-Id:Date:Sender: Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=cMvmYaUaZVtHzLwMxlNMTomOHOLyfsj7PZOjTF9uFEM=; b=jJH+ji+tvbQN0bm32VPMMyE6jV 5BlgUY0tLMMohj2FnehwjImxO5b1IbFuD6Ol+hS4gVQnfDblNbduAFakl6q29IUj/jFNVoA4Z/ky0 z2RiBXbL9BSTLkGGCmG9Tu/0jk5P77FXo/8UNJDwxosQehhsQZGgnt4SNcY5azKHcOtx0huqmkEkb sBby8lbLMJao92FjLn3vb31V9K5+HSFfx5QrTqdachfdQ3BGLRlH2eFlCVySlDtDcGT7lxMlygPVu pIu/cm1CGXdSLfWbBH8khSw0Iam/fjpZWxQ1/44y8BVmygW4BQVZq2b0Rlud9RjDd89gZx81/OrAP xI10MThQ==; Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1uBZT2-003EvM-1X; Sun, 04 May 2025 21:33:17 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Sun, 04 May 2025 21:33:16 +0800 Date: Sun, 04 May 2025 21:33:16 +0800 Message-Id: <643ea20fc76a882567cc627d682d6c07a563935d.1746365585.git.herbert@gondor.apana.org.au> In-Reply-To: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> References: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> From: Herbert Xu Subject: [v2 PATCH 2/6] crypto: shash - Mark shash algorithms as REQ_VIRT To: Linux Crypto Mailing List Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mark shash algorithms with the REQ_VIRT bit as they can handle virtual addresses as is. Signed-off-by: Herbert Xu --- crypto/shash.c | 1 + 1 file changed, 1 insertion(+) diff --git a/crypto/shash.c b/crypto/shash.c index 44a6df3132ad..dee391d47f51 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -450,6 +450,7 @@ static int shash_prepare_alg(struct shash_alg *alg) base->cra_type = &crypto_shash_type; base->cra_flags |= CRYPTO_ALG_TYPE_SHASH; + base->cra_flags |= CRYPTO_ALG_REQ_VIRT; /* * Handle missing optional functions. For each one we can either From patchwork Sun May 4 13:33:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 887636 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 173CFA32 for ; Sun, 4 May 2025 13:33:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365605; cv=none; b=TscSv4P7CS5la0Insq3qTOOLrwyByxexe+GHaaAZh0fcxxb3WDLLeK9eDeYgXBBzix+p+goGzxmXchenOVRe682x/fUYxPes1sDn+9CS2Zge1ZTJZKqqMQM56WTyTsk0C5CF+uQPydb9NSz6nHl5ZI37T/5NMOi56ZJ1/lWGhI0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365605; c=relaxed/simple; bh=AjpigdMvStGq/8+RKIzEswz6oKGx4FGsI1CQ24KhTc4=; h=Date:Message-Id:In-Reply-To:References:From:Subject:To; b=E7E3oCjSsQ7YLRLeg9SbGLJJUhuGCyJsEf1EBP3Scd/XzRxCyCDV9YKdq9B39WacBgZ+WoUL8eerN8bfcXouzk5KGIP5t/qqMwJWzNx3wWj/KKwrT8zyIbfheydBxwqZO6KA/FU+UJ7lGYE8fiTII5fOJBts9q+GZ1PeyrVc/E4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b=JVt8DQqp; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b="JVt8DQqp" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=hmeau.com; s=formenos; h=To:Subject:From:References:In-Reply-To:Message-Id:Date:Sender: Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=h6FUmZ1l0s1pz4j/U4DfDUiGPOyYIVKzlJHtsRce9JU=; b=JVt8DQqpvgVdgaMCkqP4zpCgxM POLSYmXy9uzMnscFB0/Fq7Hcpk5rR3gtvlFBJjpn11ypt5hLWE02Ee8HzmbjEJfh+RR+Ye+GaECaC AQMWpvI5RKrt1UPsHCGLIENhLXPzhcXO6H9Is7iRQ6uV8VmC3d37JvZuYiYzwBeYEwgUBivhq72rY L06epQvCsI/h6g6iq+4N1QrNjlmDbAljQ6VW/OfEpZHrxZ1FqfIgRLqrQ5+ixU9PniRgmRx8FX/+b TCjg+UxxDp2xo6xvloEZWhyAXSXjuBTwlkbbrh1HYzIUd5/3w4R1ViT0K9w0TDN/H+ZfgPDghbqxG OH237z7A==; Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1uBZT4-003EvW-2a; Sun, 04 May 2025 21:33:19 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Sun, 04 May 2025 21:33:18 +0800 Date: Sun, 04 May 2025 21:33:18 +0800 Message-Id: In-Reply-To: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> References: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> From: Herbert Xu Subject: [v2 PATCH 3/6] crypto: ahash - Enforce MAX_SYNC_HASH_REQSIZE for sync ahash To: Linux Crypto Mailing List Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: As sync ahash algorithms (currently there are none) are used without a fallback, ensure that they obey the MAX_SYNC_HASH_REQSIZE rule just like shash algorithms. Signed-off-by: Herbert Xu --- crypto/ahash.c | 27 ++++++++++++++++++--------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/crypto/ahash.c b/crypto/ahash.c index 57c131a13067..736e9fb5d0a4 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -760,23 +760,28 @@ static int crypto_ahash_init_tfm(struct crypto_tfm *tfm) tfm->exit = crypto_ahash_exit_tfm; - if (!alg->init_tfm) { - if (!tfm->__crt_alg->cra_init) - return 0; - + if (alg->init_tfm) + err = alg->init_tfm(hash); + else if (tfm->__crt_alg->cra_init) err = tfm->__crt_alg->cra_init(tfm); - if (err) - goto out_free_sync_hash; - + else return 0; - } - err = alg->init_tfm(hash); if (err) goto out_free_sync_hash; + if (!ahash_is_async(hash) && crypto_ahash_reqsize(hash) > + MAX_SYNC_HASH_REQSIZE) + goto out_exit_tfm; + return 0; +out_exit_tfm: + if (alg->exit_tfm) + alg->exit_tfm(hash); + else if (tfm->__crt_alg->cra_exit) + tfm->__crt_alg->cra_exit(tfm); + err = -EINVAL; out_free_sync_hash: crypto_free_ahash(fb); return err; @@ -954,6 +959,10 @@ static int ahash_prepare_alg(struct ahash_alg *alg) if (base->cra_reqsize && base->cra_reqsize < alg->halg.statesize) return -EINVAL; + if (!(base->cra_flags & CRYPTO_ALG_ASYNC) && + base->cra_reqsize > MAX_SYNC_HASH_REQSIZE) + return -EINVAL; + err = hash_prepare_alg(&alg->halg); if (err) return err; From patchwork Sun May 4 13:33:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 887245 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 520E55258 for ; Sun, 4 May 2025 13:33:25 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365607; cv=none; b=oskc+M9nPsnmGQlzaMRRffhRPieUDgbRaD6IF8JW6kOhoKJZy2cmcKbiVH9fW4kqZPyuiaxNtYcOaVxYGyVTkJH2ZgSpKTFWtzOWGNuJsvb6zKLFejSACw+JYC5yV8YRbuFSWNnWyDDiS0LTKdPSUtAxIgdytMVOC/AUz0krjbQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365607; c=relaxed/simple; bh=ccv+1Yj7LTXxMDcM6ByxvODFThdCAta09oLeroNhiA8=; h=Date:Message-Id:In-Reply-To:References:From:Subject:To; b=ub7aNe0Lrs/Zru4dYtEWXhbEJITZt+5c0A5V7rWq0bqnuCTBRsJ4ixd93EIUa34R/mguhuH2vdtIAm7A83MyARfTNuy9D6qCefM9PR3hq9Y8dR/5J+aYztY1uhzZGskQDUd2QkIUm4AEsxzJVrmrbiOAK929IfCuTnvaeMsCqF8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b=BwJ1/nKg; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b="BwJ1/nKg" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=hmeau.com; s=formenos; h=To:Subject:From:References:In-Reply-To:Message-Id:Date:Sender: Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=/3Tdo+OP2bu6FX/XrxAdXJ2+uIE3pk9zDESJ5TT3Ot8=; b=BwJ1/nKgv01WtVUGAI6r5uTGiw iilWdVHqo8uX5cnRJLThF3Cg9eeLshv3zoYH1OcZaoFC+uufAsCgNerVnXtIWKxH1LZUi06wF63gR BPfS+73LdG+9hVjU4/pM+GOfaAh5f8BqERZAirgIRcPMlCBhyVWlCWMhpHcAqNkx6r4wHdi5kKS4g bR2YEd+aLue5CT0PPD/ene5esw5OdRmT+kqDI1EnESwstN+2HONa8bZ1T3BkhUHlBQ2j7BNMrgGii PyVgmfOdYHCktdODbF7K08deTXVTlyfrt+HH+br8bI2jt8Mm+bjyBx94PGdQZgvcbA7NEmstaMWzJ xBK67GBA==; Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1uBZT7-003Evh-0M; Sun, 04 May 2025 21:33:22 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Sun, 04 May 2025 21:33:21 +0800 Date: Sun, 04 May 2025 21:33:21 +0800 Message-Id: In-Reply-To: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> References: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> From: Herbert Xu Subject: [v2 PATCH 4/6] crypto: ahash - Add core export and import To: Linux Crypto Mailing List Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Add crypto_ahash_export_core and crypto_ahash_import_core. For now they only differ from the normal export/import functions when going through shash. Signed-off-by: Herbert Xu --- crypto/ahash.c | 25 ++++++++++++++++++++++++- include/crypto/hash.h | 24 ++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 1 deletion(-) diff --git a/crypto/ahash.c b/crypto/ahash.c index 736e9fb5d0a4..344bf1b43e71 100644 --- a/crypto/ahash.c +++ b/crypto/ahash.c @@ -698,6 +698,16 @@ static int ahash_def_finup(struct ahash_request *req) return ahash_def_finup_finish1(req, err); } +int crypto_ahash_export_core(struct ahash_request *req, void *out) +{ + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + + if (likely(tfm->using_shash)) + return crypto_shash_export_core(ahash_request_ctx(req), out); + return crypto_ahash_alg(tfm)->export(req, out); +} +EXPORT_SYMBOL_GPL(crypto_ahash_export_core); + int crypto_ahash_export(struct ahash_request *req, void *out) { struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); @@ -708,6 +718,19 @@ int crypto_ahash_export(struct ahash_request *req, void *out) } EXPORT_SYMBOL_GPL(crypto_ahash_export); +int crypto_ahash_import_core(struct ahash_request *req, const void *in) +{ + struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); + + if (likely(tfm->using_shash)) + return crypto_shash_import_core(prepare_shash_desc(req, tfm), + in); + if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) + return -ENOKEY; + return crypto_ahash_alg(tfm)->import(req, in); +} +EXPORT_SYMBOL_GPL(crypto_ahash_import_core); + int crypto_ahash_import(struct ahash_request *req, const void *in) { struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); @@ -716,7 +739,7 @@ int crypto_ahash_import(struct ahash_request *req, const void *in) return crypto_shash_import(prepare_shash_desc(req, tfm), in); if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) return -ENOKEY; - return crypto_ahash_alg(tfm)->import(req, in); + return crypto_ahash_import_core(req, in); } EXPORT_SYMBOL_GPL(crypto_ahash_import); diff --git a/include/crypto/hash.h b/include/crypto/hash.h index e0321b5ec363..1760662ad70a 100644 --- a/include/crypto/hash.h +++ b/include/crypto/hash.h @@ -506,6 +506,18 @@ int crypto_ahash_digest(struct ahash_request *req); */ int crypto_ahash_export(struct ahash_request *req, void *out); +/** + * crypto_ahash_export_core() - extract core state for message digest + * @req: reference to the ahash_request handle whose state is exported + * @out: output buffer of sufficient size that can hold the hash state + * + * Export the hash state without the partial block buffer. + * + * Context: Softirq or process context. + * Return: 0 if the export creation was successful; < 0 if an error occurred + */ +int crypto_ahash_export_core(struct ahash_request *req, void *out); + /** * crypto_ahash_import() - import message digest state * @req: reference to ahash_request handle the state is imported into @@ -519,6 +531,18 @@ int crypto_ahash_export(struct ahash_request *req, void *out); */ int crypto_ahash_import(struct ahash_request *req, const void *in); +/** + * crypto_ahash_import_core() - import core state + * @req: reference to ahash_request handle the state is imported into + * @in: buffer holding the state + * + * Import the hash state without the partial block buffer. + * + * Context: Softirq or process context. + * Return: 0 if the import was successful; < 0 if an error occurred + */ +int crypto_ahash_import_core(struct ahash_request *req, const void *in); + /** * crypto_ahash_init() - (re)initialize message digest handle * @req: ahash_request handle that already is initialized with all necessary From patchwork Sun May 4 13:33:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 887635 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 699E8A32 for ; Sun, 4 May 2025 13:33:27 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365609; cv=none; b=aoKIq7M84T7IumZha880L+uxE+iuWqNViwmUc90kP3s89wJuE/48w9GB09+apveBmJL/VK7E5Ld7vaE2w9aiaevnHwqglbKLLYO1W6YJoMPVA5VdKnr/EEA8RSwFmLX9tf3Z25PukPj2csuaCpbQ2AcEmXeo5mEGdDZJi5a1cUw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365609; c=relaxed/simple; bh=BgzhxGjnqY5LUUCLXZPGjq4nT49agr+tT+qaZ8+Twbo=; h=Date:Message-Id:In-Reply-To:References:From:Subject:To; b=eJPGNTFn6Z71wTPK5bNFyMNi+zx5rquKNR6V3CWcVYqiufbmYc4j8Xyz0dVxYtajydgzCBfdd0ujOhKYggvMNgoFmT8+gdwGCkm20+Urx3rP8zGdqHpdDrqOKJ2RbNyxhS9OiPQFwAyarc6zu09zJjWKEkVNLiXzmqxdaHYALcE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b=PK3a2NZF; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b="PK3a2NZF" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=hmeau.com; s=formenos; h=To:Subject:From:References:In-Reply-To:Message-Id:Date:Sender: Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=ZC1Ny0UCdTSvINmdaaizREFFvCuRoZZ3/HLuZrgw40I=; b=PK3a2NZFBQLFWWDcqrPaohZiJr LE4lXvEjd8kx07gC+FP+8W06hqZjevPIVoaUycRE91zrCwSxVyJ3fQDPLNK9QVLbaOtX25SeAIp0r c19kWvxvcAiSBkfuOOnWRgsY0cMm1SJQMPZ7V2xNpEDAs/QwzckjKXjVLNbpQny9I2B1iG5SyRIx/ +UcN8luvcHRPWBCXjf2/awNc45XkJOeXb7xhBc5ypo6h9FD0hGTgvaGcLPl0O+eS23xz/2fKdO0d9 +wsNSTq9+xOIHvvJqy8gnx4K8+HHlXpCAV3k3tQd7Pa5J5YWaPTdq9KZU5pwnUKZ3v5kFGcIvLJcK IPNqYkgw==; Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1uBZT9-003Evs-1E; Sun, 04 May 2025 21:33:24 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Sun, 04 May 2025 21:33:23 +0800 Date: Sun, 04 May 2025 21:33:23 +0800 Message-Id: <5ace4b5c14b466dfe51b1b24cb6ed304dc2bf8e5.1746365585.git.herbert@gondor.apana.org.au> In-Reply-To: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> References: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> From: Herbert Xu Subject: [v2 PATCH 5/6] crypto: ahash - Add HASH_REQUEST_ZERO To: Linux Crypto Mailing List Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Add a helper to zero hash stack requests that were never cloned off the stack. Signed-off-by: Herbert Xu --- include/crypto/internal/hash.h | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h index e911f32f46dc..f2bbdb74e11a 100644 --- a/include/crypto/internal/hash.h +++ b/include/crypto/internal/hash.h @@ -301,5 +301,9 @@ static inline unsigned int crypto_shash_coresize(struct crypto_shash *tfm) return crypto_shash_statesize(tfm) - crypto_shash_blocksize(tfm) - 1; } +/* This can only be used if the request was never cloned. */ +#define HASH_REQUEST_ZERO(name) \ + memzero_explicit(__##name##_req, sizeof(__##name##_req)) + #endif /* _CRYPTO_INTERNAL_HASH_H */ From patchwork Sun May 4 13:33:25 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Herbert Xu X-Patchwork-Id: 887244 Received: from abb.hmeau.com (abb.hmeau.com [144.6.53.87]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE76217996 for ; Sun, 4 May 2025 13:33:29 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=144.6.53.87 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365612; cv=none; b=ZytXMWpKtfXRxXLWkdGEJGdWy2XKqnpG5jLe1XrdWxkYELZ9k3ATto9mlJK3AvmRGiqCNWHoE0di6EixGEfCLZ3TzNXJdBsXurxIjFpeJDyMkpeSaNFKY08uU8tvmlF/E9cvgHUmFZemyOl6HmovWuYupFt3bc2xjGzgBV4I0M0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746365612; c=relaxed/simple; bh=AhBkyBGCZSS1tbHAqF8aatgaPdimMv7f1DcGybq1tDs=; h=Date:Message-Id:In-Reply-To:References:From:Subject:To; b=GjaDuVT1hDHTatkU0+r43p0GzSDzDPUPjzYWEf1BpqyO1Xzprbo+pscUNLTnIcsSWsiwUNfbb5vuuGgw3SvKFXp1aO+rN4cX4YtmyMrI1xJ0YNwOqV/07UU7kqHtauPchwXy2cdPa5+Jr6aPguUyy3Ux75t+nRJsPI8yewsjY8A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au; spf=pass smtp.mailfrom=gondor.apana.org.au; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b=NzEvPtZ4; arc=none smtp.client-ip=144.6.53.87 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gondor.apana.org.au Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=hmeau.com header.i=@hmeau.com header.b="NzEvPtZ4" DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=hmeau.com; s=formenos; h=To:Subject:From:References:In-Reply-To:Message-Id:Date:Sender: Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=VQKiF4E97hrhPRFDvAOT3k2r6H930Y06mq1s/XY5LYQ=; b=NzEvPtZ4KvcSBRJdfddWhEwtgL Sc2pQyHnmJ8KZZuma/ccTua7YYT8KcJ0cqwkHAndrlMbreyBhsZjrKykS1RGFseHRVqhLu/uTqija qLCQlqzy2M//16Y8K/lBZ6k40fc2HwPwKJblJ69FDsnNpYNKl8/84tFAntgC97FFSEmduWt1iF4Dl xH0m6TlB5oI5D6fyWMno7IAFliEcqK29J83piUOwy1PwfV1t++LmzYoUL9Ibh9+Ybm6406BXEevHx pY5eFW6r9gPzlEdfn6e4mWMAzPGPo73w9wLxNK4zmbRppYbdR4r7ol5hug3uz6UzXwOYyZgfBmN9O TKBJCgXQ==; Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.96 #2 (Debian)) id 1uBZTB-003Ew3-2D; Sun, 04 May 2025 21:33:26 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Sun, 04 May 2025 21:33:25 +0800 Date: Sun, 04 May 2025 21:33:25 +0800 Message-Id: <925947988bb2e72610c9e7fc1e889dd0c689222d.1746365585.git.herbert@gondor.apana.org.au> In-Reply-To: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> References: <40527d5a34051a880c06fdcead0f566cc0e5a0ce.1746365585.git.herbert@gondor.apana.org.au> From: Herbert Xu Subject: [v2 PATCH 6/6] crypto: padlock-sha - Use core import and export for fallback To: Linux Crypto Mailing List Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: As padlock-sha is block-only, it needs to use core import and export on the fallback. Also call sha256_block_init instead of sha256_init although this is harmless as sha256_init doesn't write into the partial block area. Fixes: 63dc06cd12f9 ("crypto: padlock-sha - Use API partial block handling") Signed-off-by: Herbert Xu --- drivers/crypto/padlock-sha.c | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/drivers/crypto/padlock-sha.c b/drivers/crypto/padlock-sha.c index c89b9c6b5f4c..329f60ad422e 100644 --- a/drivers/crypto/padlock-sha.c +++ b/drivers/crypto/padlock-sha.c @@ -42,27 +42,33 @@ static int padlock_sha1_init(struct shash_desc *desc) static int padlock_sha256_init(struct shash_desc *desc) { - struct sha256_state *sctx = padlock_shash_desc_ctx(desc); + struct crypto_sha256_state *sctx = padlock_shash_desc_ctx(desc); - sha256_init(sctx); + sha256_block_init(sctx); return 0; } static int padlock_sha_update(struct shash_desc *desc, const u8 *data, unsigned int length) { - struct padlock_sha_ctx *ctx = crypto_shash_ctx(desc->tfm); u8 *state = padlock_shash_desc_ctx(desc); - HASH_REQUEST_ON_STACK(req, ctx->fallback); - int remain; + struct crypto_shash *tfm = desc->tfm; + int err, remain; - ahash_request_set_callback(req, 0, NULL, NULL); - ahash_request_set_virt(req, data, NULL, length); - remain = crypto_ahash_import(req, state) ?: - crypto_ahash_update(req); - if (remain < 0) - return remain; - return crypto_ahash_export(req, state) ?: remain; + remain = length - round_down(length, crypto_shash_blocksize(tfm)); + { + struct padlock_sha_ctx *ctx = crypto_shash_ctx(tfm); + HASH_REQUEST_ON_STACK(req, ctx->fallback); + + ahash_request_set_callback(req, 0, NULL, NULL); + ahash_request_set_virt(req, data, NULL, length - remain); + err = crypto_ahash_import_core(req, state) ?: + crypto_ahash_update(req) ?: + crypto_ahash_export_core(req, state); + HASH_REQUEST_ZERO(req); + } + + return err ?: remain; } static int padlock_sha_export(struct shash_desc *desc, void *out) @@ -101,7 +107,7 @@ static int padlock_sha_finup(struct shash_desc *desc, const u8 *in, ahash_request_set_callback(req, 0, NULL, NULL); ahash_request_set_virt(req, in, out, count); - return crypto_ahash_import(req, padlock_shash_desc_ctx(desc)) ?: + return crypto_ahash_import_core(req, padlock_shash_desc_ctx(desc)) ?: crypto_ahash_finup(req); } @@ -165,7 +171,7 @@ static int padlock_init_tfm(struct crypto_shash *hash) return PTR_ERR(fallback_tfm); } - if (crypto_shash_statesize(hash) < + if (crypto_shash_statesize(hash) != crypto_ahash_statesize(fallback_tfm)) { crypto_free_ahash(fallback_tfm); return -EINVAL;