From patchwork Mon May 5 20:33:40 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 887617 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 67E8C26F444; Mon, 5 May 2025 20:37:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746477436; cv=none; b=RGzgI4OHFNK/qQM2bvyqcPr4gmYebeR+QACsD8DxxDwcjm1CV4ip1wjhkKk9y9D3sEwQAigBD/2ljO5rkI0B7OZkkhyo6u7rM9YNJGgX41kfDCSfMeaREGkQ6E0vXff6X6E6oKFKJLe9Zld3dU/thVhsq7WVFm6CO9UZE4bQSsM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746477436; c=relaxed/simple; bh=zLJNQbTBpTtCkwbzaJ94Y+qs9Gluucy9HpN7NqXx5bM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=GEw+N/SU5ZUzK3tkCwsa8gXf0jhvip2t5pw2VSBiG7l+MD5xgKPHayv09w6BQOUdrn6wkv6uVsUij1GQR3o8k6LEG5MpBzdKVNdykhHxNijPs3G3V7O+bNWKNEqgavsH1le3GYlWjtj1swclNwK2Hv7Nw0l3i934aocuVYCqsA4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jc7XqS8d; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jc7XqS8d" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A9917C4CEED; Mon, 5 May 2025 20:37:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1746477435; bh=zLJNQbTBpTtCkwbzaJ94Y+qs9Gluucy9HpN7NqXx5bM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=jc7XqS8dS/NpJkiQO2+I+i3mG1b3NSqmWPHpIBjOPrlxUcj5fjqb3bTmsykH9huLS +zwG7qI8xqnbylr1qv/qOZuCJOcFAFrZawhEb77FIhWHYsSMuJWp312NrLV9c2471m 8tcwY/85MEyAAvIcAAEiweMubtdWGxUjAhn882zXJoSsJ4qhLfEIbpMxFp81vbLuYv G3E9u9QIavNJfXMo8R4WSpM4AIszNIZNh5pMZ98SrAU/RUq5sIZg/HZ2/IbBG0P8g1 /zb7Hii3XJ9sCiJihd+gSy2EqwQBMyEGqNkYYXpEcZG4jnXVVW7jwossHl3UVVAiJZ UYzkN1SJGC/Wg== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Subject: [PATCH v3 2/7] crypto: testmgr - remove panic_on_fail Date: Mon, 5 May 2025 13:33:40 -0700 Message-ID: <20250505203345.802740-3-ebiggers@kernel.org> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250505203345.802740-1-ebiggers@kernel.org> References: <20250505203345.802740-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers The cryptomgr.panic_on_fail=1 kernel command-line parameter is not very useful now that the tests have been fixed to WARN on failure, since developers can just use panic_on_warn=1 instead. There's no need for a special option just for the crypto self-tests. Remove it. Signed-off-by: Eric Biggers --- crypto/testmgr.c | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index f100be516f52..1c71616ae2cf 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -43,13 +43,10 @@ MODULE_IMPORT_NS("CRYPTO_INTERNAL"); static bool notests; module_param(notests, bool, 0644); MODULE_PARM_DESC(notests, "disable crypto self-tests"); -static bool panic_on_fail; -module_param(panic_on_fail, bool, 0444); - #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS static bool noextratests; module_param(noextratests, bool, 0644); MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests"); @@ -5852,15 +5849,14 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) rc |= alg_test_descs[j].test(alg_test_descs + j, driver, type, mask); test_done: if (rc) { - if (fips_enabled || panic_on_fail) { + if (fips_enabled) { fips_fail_notify(); - panic("alg: self-tests for %s (%s) failed in %s mode!\n", - driver, alg, - fips_enabled ? "fips" : "panic_on_fail"); + panic("alg: self-tests for %s (%s) failed in fips mode!\n", + driver, alg); } pr_warn("alg: self-tests for %s using %s failed (rc=%d)", alg, driver, rc); WARN(rc != -ENOENT, "alg: self-tests for %s using %s failed (rc=%d)", From patchwork Mon May 5 20:33:43 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 887616 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C5DF92701D7; Mon, 5 May 2025 20:37:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746477436; cv=none; b=rB4pSK45QEg53bIXdwHCzVwQ7lSD2QYRRKFBpZ38oA8FnwmpwqgIPKeOdgruYFeIyQNpbV1GKpIAoNBn7/etOPQsFplvaqcIuLBYF1WmRKWAPKjyAENQRwj2tvhvvb+spKNRfiZXyD2ZP/kR5UY0pnxxe1nEAexDsQB9deM7Dxk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746477436; c=relaxed/simple; bh=sZJXduD5Swr1H+smumPscoQKH6AGaXCzOQJ3PgpB5kQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=XPh13LpwTkh4QeUQCve/rdqMlYBzSTEy1ssfwllzrqSDjxvIDxp1mhRYzIrLTgUDjUXTOPUyCZBFx0DG86WnTsNCbWg5qmQrmRAlzGLBKT6VfoFklsvVsBEvBWLoLdkd7BFYYf/IrW9lJiAl2D3gi4iRS2REpmshxMIAIyk1arI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=F16rXTKp; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="F16rXTKp" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 547C9C4CEE4; Mon, 5 May 2025 20:37:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1746477436; bh=sZJXduD5Swr1H+smumPscoQKH6AGaXCzOQJ3PgpB5kQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=F16rXTKpgp5ndwUumEaFEudvDlQO2uuz7wNanTX+mQ9iSV0npsVu5OWfybjOPqKi7 X5YKwVqALQ1GImOqOy73znfAsqFV+SriAfKHkgGzFiHikNeTkQixuACyS884HeFZfC ZQ4J5VaEO8g4UsTD4otxr4Plpt2guhI11SaTIYl4cPb1poSWfq0oZ8W752T3p4DRfD rUNLW7NQNd54fZHUzD4ArrNeISy0Wk3ie7Y7tiKUe504E9Zn9oIJf8BDxVUDPcY4g0 ktDzuFMltgb4ZP2TFp6Ycbw1SvDF5IzkUgYuM/tdby6MjGSFGl0QordmwbwRV+hU7U mcAceHfD3L05g== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Subject: [PATCH v3 5/7] crypto: testmgr - rename noextratests to noslowtests Date: Mon, 5 May 2025 13:33:43 -0700 Message-ID: <20250505203345.802740-6-ebiggers@kernel.org> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250505203345.802740-1-ebiggers@kernel.org> References: <20250505203345.802740-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers Rename the noextratests module parameter to noslowtests, and replace other remaining mentions of "extra" in the code with "slow". This addresses confusion regarding the word "extra" like that seen at https://lore.kernel.org/r/6cecf2de-9aa0-f6ea-0c2d-8e974a1a820b@huawei.com/. Signed-off-by: Eric Biggers --- crypto/testmgr.c | 41 ++++++++++++++++++++--------------------- 1 file changed, 20 insertions(+), 21 deletions(-) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index a6707cda8328..fc28000c27f5 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -41,15 +41,15 @@ MODULE_IMPORT_NS("CRYPTO_INTERNAL"); static bool notests; module_param(notests, bool, 0644); -MODULE_PARM_DESC(notests, "disable crypto self-tests"); +MODULE_PARM_DESC(notests, "disable all crypto self-tests"); -static bool noextratests; -module_param(noextratests, bool, 0644); -MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests"); +static bool noslowtests; +module_param(noslowtests, bool, 0644); +MODULE_PARM_DESC(noslowtests, "disable slow crypto self-tests"); static unsigned int fuzz_iterations = 100; module_param(fuzz_iterations, uint, 0644); MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations"); @@ -1672,11 +1672,11 @@ static int test_hash_vec(const struct hash_testvec *vec, unsigned int vec_num, req, desc, tsgl, hashstate); if (err) return err; } - if (!noextratests) { + if (!noslowtests) { struct rnd_state rng; struct testvec_config cfg; char cfgname[TESTVEC_CONFIG_NAMELEN]; init_rnd_state(&rng); @@ -1762,11 +1762,11 @@ static int test_hash_vs_generic_impl(const char *generic_driver, char vec_name[64]; struct testvec_config *cfg; char cfgname[TESTVEC_CONFIG_NAMELEN]; int err; - if (noextratests) + if (noslowtests) return 0; init_rnd_state(&rng); if (!generic_driver) { /* Use default naming convention? */ @@ -2230,11 +2230,11 @@ static int test_aead_vec(int enc, const struct aead_testvec *vec, req, tsgls); if (err) return err; } - if (!noextratests) { + if (!noslowtests) { struct rnd_state rng; struct testvec_config cfg; char cfgname[TESTVEC_CONFIG_NAMELEN]; init_rnd_state(&rng); @@ -2250,11 +2250,11 @@ static int test_aead_vec(int enc, const struct aead_testvec *vec, } } return 0; } -struct aead_extra_tests_ctx { +struct aead_slow_tests_ctx { struct rnd_state rng; struct aead_request *req; struct crypto_aead *tfm; const struct alg_test_desc *test_desc; struct cipher_test_sglists *tsgls; @@ -2425,12 +2425,11 @@ static void generate_random_aead_testvec(struct rnd_state *rng, snprintf(name, max_namelen, "\"random: alen=%u plen=%u authsize=%u klen=%u novrfy=%d\"", vec->alen, vec->plen, authsize, vec->klen, vec->novrfy); } -static void try_to_generate_inauthentic_testvec( - struct aead_extra_tests_ctx *ctx) +static void try_to_generate_inauthentic_testvec(struct aead_slow_tests_ctx *ctx) { int i; for (i = 0; i < 10; i++) { generate_random_aead_testvec(&ctx->rng, ctx->req, &ctx->vec, @@ -2445,11 +2444,11 @@ static void try_to_generate_inauthentic_testvec( /* * Generate inauthentic test vectors (i.e. ciphertext, AAD pairs that aren't the * result of an encryption with the key) and verify that decryption fails. */ -static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx) +static int test_aead_inauthentic_inputs(struct aead_slow_tests_ctx *ctx) { unsigned int i; int err; for (i = 0; i < fuzz_iterations * 8; i++) { @@ -2480,11 +2479,11 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx) /* * Test the AEAD algorithm against the corresponding generic implementation, if * one is available. */ -static int test_aead_vs_generic_impl(struct aead_extra_tests_ctx *ctx) +static int test_aead_vs_generic_impl(struct aead_slow_tests_ctx *ctx) { struct crypto_aead *tfm = ctx->tfm; const char *algname = crypto_aead_alg(tfm)->base.cra_name; const char *driver = crypto_aead_driver_name(tfm); const char *generic_driver = ctx->test_desc->generic_driver; @@ -2584,19 +2583,19 @@ static int test_aead_vs_generic_impl(struct aead_extra_tests_ctx *ctx) crypto_free_aead(generic_tfm); aead_request_free(generic_req); return err; } -static int test_aead_extra(const struct alg_test_desc *test_desc, - struct aead_request *req, - struct cipher_test_sglists *tsgls) +static int test_aead_slow(const struct alg_test_desc *test_desc, + struct aead_request *req, + struct cipher_test_sglists *tsgls) { - struct aead_extra_tests_ctx *ctx; + struct aead_slow_tests_ctx *ctx; unsigned int i; int err; - if (noextratests) + if (noslowtests) return 0; ctx = kzalloc(sizeof(*ctx), GFP_KERNEL); if (!ctx) return -ENOMEM; @@ -2699,11 +2698,11 @@ static int alg_test_aead(const struct alg_test_desc *desc, const char *driver, err = test_aead(DECRYPT, suite, req, tsgls); if (err) goto out; - err = test_aead_extra(desc, req, tsgls); + err = test_aead_slow(desc, req, tsgls); out: free_cipher_test_sglists(tsgls); aead_request_free(req); crypto_free_aead(tfm); return err; @@ -2973,11 +2972,11 @@ static int test_skcipher_vec(int enc, const struct cipher_testvec *vec, req, tsgls); if (err) return err; } - if (!noextratests) { + if (!noslowtests) { struct rnd_state rng; struct testvec_config cfg; char cfgname[TESTVEC_CONFIG_NAMELEN]; init_rnd_state(&rng); @@ -3075,11 +3074,11 @@ static int test_skcipher_vs_generic_impl(const char *generic_driver, char vec_name[64]; struct testvec_config *cfg; char cfgname[TESTVEC_CONFIG_NAMELEN]; int err; - if (noextratests) + if (noslowtests) return 0; init_rnd_state(&rng); if (!generic_driver) { /* Use default naming convention? */ @@ -5707,11 +5706,11 @@ static void alg_check_testvec_configs(void) static void testmgr_onetime_init(void) { alg_check_test_descs_order(); alg_check_testvec_configs(); - if (!noextratests) + if (!noslowtests) pr_warn("alg: full crypto tests enabled. This is intended for developer use only.\n"); } static int alg_find_test(const char *alg) { From patchwork Mon May 5 20:33:45 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Biggers X-Patchwork-Id: 887615 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE451270570; Mon, 5 May 2025 20:37:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746477437; cv=none; b=UfPJyOcPnL8uRdlHrKxs+1/MvCZ9D62CYBMsDFSiLLW+BXnnrEaYnnRqYZYFSwO3PCxA6Tik3wefrDRjHWAdjumQYh3Vuko8G6MNuXVgq0UPTYPgNQg1vLkXifR6i+h1fEG/jIZ10qrS2vrYcaULs6H9kuIF5rS8a5Cat0iA5xU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1746477437; c=relaxed/simple; bh=86AotSM9q0N0N6slvANNauE9kd/qOH9P5rB82f/dZKk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=AfjUS4B2qBXeRe48Dgz4IHHQEQhNDquz3WTTKeu5/HxRCJFU5N9Z/GHYu3Ef9eXre61EfNEyHubBqHhmn4qJoYhH6lqplVg/6dtuB9q+G9dDDJ0XWJU6NloexofU3qmxVvGQNN03E5b5Xh6XJBIVTov1kyTqpnI4X109n8F8U+I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Grg81EGV; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Grg81EGV" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BE15EC4CEF6; Mon, 5 May 2025 20:37:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1746477436; bh=86AotSM9q0N0N6slvANNauE9kd/qOH9P5rB82f/dZKk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Grg81EGVc5okSAWPbGbDILLSEEWE1Xs7adMPzKfTDj8r7B8PwW1a5+H5QnS6OhJiu Tjnn5h8Lec/piaWwDoDJ5SRtIzhcnNr3KXGYGq7K1y7oK3u08QPsG8s+JFWyyl01Lf bmbDENx/gDyBAu+FRdLnxbZn0CMFpKAqkmAtT1UZ5+QBvMC9SWFV3gpdH44EqsX1xy JBXFK5hlyn3byoL8LsFMCl3XJWRL767hT05CZzfdj1oducznViZUZN73gGehjQDNdZ MTxEN2I5RQfxMl2bKwVdUq13LPSUrlun93I/2dgr7xSdNkTjKfyPgJNz5E997DdkKQ KOylSXDWOgi5Q== From: Eric Biggers To: linux-crypto@vger.kernel.org Cc: linux-kernel@vger.kernel.org Subject: [PATCH v3 7/7] crypto: testmgr - enable CRYPTO_MANAGER when CRYPTO_SELFTESTS Date: Mon, 5 May 2025 13:33:45 -0700 Message-ID: <20250505203345.802740-8-ebiggers@kernel.org> X-Mailer: git-send-email 2.49.0 In-Reply-To: <20250505203345.802740-1-ebiggers@kernel.org> References: <20250505203345.802740-1-ebiggers@kernel.org> Precedence: bulk X-Mailing-List: linux-crypto@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Eric Biggers crypto/testmgr.c is compiled only when CRYPTO_MANAGER is enabled. To make CRYPTO_SELFTESTS work as expected when CRYPTO_MANAGER doesn't get enabled for another reason, automatically set CRYPTO_MANAGER to the value of CRYPTO_ALGAPI when CRYPTO_SELFTESTS is enabled. Signed-off-by: Eric Biggers --- crypto/Kconfig | 5 +++-- crypto/algapi.c | 3 +-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/crypto/Kconfig b/crypto/Kconfig index f160537a5550..24955eb56045 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -147,14 +147,15 @@ config CRYPTO_HKDF select CRYPTO_SHA512 if CRYPTO_SELFTESTS select CRYPTO_HASH2 config CRYPTO_MANAGER tristate + default CRYPTO_ALGAPI if CRYPTO_SELFTESTS select CRYPTO_MANAGER2 help - Create default cryptographic template instantiations such as - cbc(aes). + This provides the support for instantiating templates such as + cbc(aes), and the support for the crypto self-tests. config CRYPTO_MANAGER2 def_tristate CRYPTO_MANAGER || (CRYPTO_MANAGER!=n && CRYPTO_ALGAPI=y) select CRYPTO_ACOMP2 select CRYPTO_AEAD2 diff --git a/crypto/algapi.c b/crypto/algapi.c index 9030a30c89e8..25b5519e3b71 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -272,12 +272,11 @@ static void crypto_alg_finish_registration(struct crypto_alg *alg, static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg) { struct crypto_larval *larval; - if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER) || - !IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) || + if (!IS_ENABLED(CONFIG_CRYPTO_SELFTESTS) || (alg->cra_flags & CRYPTO_ALG_INTERNAL)) return NULL; /* No self-test needed */ larval = crypto_larval_alloc(alg->cra_name, alg->cra_flags | CRYPTO_ALG_TESTED, 0);