From: Herbert Xu <herbert@gondor.apana.org.au> Date: Wed, 27 Aug 2008 10:18:36 +1000 Subject: [CRYPTO] api - Use test infrastructure Message-id: E1KY8k8-0002He-00@gondolin.me.apana.org.au O-Subject: [PATCH 14/19] crypto: api - Use test infrastructure Bugzilla: 446522 RHEL5 bugzilla #446522 crypto: api - Use test infrastructure This patch makes use of the new testing infrastructure by requiring algorithms to pass a run-time test before they're made available to users. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> diff --git a/crypto/Makefile b/crypto/Makefile index 54217ef..23e36b9 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -5,7 +5,7 @@ proc-crypto-$(CONFIG_PROC_FS) = proc.o obj-$(CONFIG_CRYPTO) += api.o scatterwalk.o cipher.o digest.o compress.o \ - $(proc-crypto-y) + testmgr_digest.o $(proc-crypto-y) crypto_algapi-objs := algapi.o ncipher.o nscatterwalk.o obj-$(CONFIG_CRYPTO_ALGAPI) += crypto_algapi.o @@ -25,7 +25,6 @@ obj-$(CONFIG_CRYPTO_HASH) += crypto_hash.o obj-$(CONFIG_CRYPTO_API) += crypto_api.o obj-$(CONFIG_CRYPTO_MANAGER) += cryptomgr.o obj-$(CONFIG_CRYPTO_MANAGER) += testmgr.o -obj-$(CONFIG_CRYPTO_MANAGER) += testmgr_digest.o obj-$(CONFIG_CRYPTO_HMAC) += hmac_old.o obj-$(CONFIG_CRYPTO_NHMAC) += hmac.o obj-$(CONFIG_CRYPTO_XCBC) += xcbc.o diff --git a/crypto/algapi.c b/crypto/algapi.c index f600431..23b5bc8 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -21,6 +21,8 @@ #include "ninternal.h" +static void crypto_remove_final(struct list_head *list); + static LIST_HEAD(crypto_template_list); void crypto_larval_error(const char *name, u32 type, u32 mask) @@ -128,23 +130,97 @@ static void crypto_remove_spawns(struct list_head *spawns, } } -static int __crypto_register_alg(struct ncrypto_alg *alg, - struct list_head *list) +static struct crypto_larval *__crypto_register_alg(struct ncrypto_alg *alg) { struct ncrypto_alg *q; + struct crypto_larval *larval; int ret = -EAGAIN; if (crypto_is_dead(alg)) - goto out; + goto err; INIT_LIST_HEAD(&alg->cra_users); + /* No cheating! */ + alg->cra_flags &= ~NCRYPTO_ALG_TESTED; + ret = -EEXIST; atomic_set(&alg->cra_refcnt, 1); list_for_each_entry(q, &ncrypto_alg_list, cra_list) { if (q == alg) - goto out; + goto err; + + if (crypto_is_larval(q)) { + if (!strcmp(alg->cra_driver_name, q->cra_driver_name)) + goto err; + continue; + } + + if (!strcmp(q->cra_driver_name, alg->cra_name) || + !strcmp(q->cra_name, alg->cra_driver_name)) + goto err; + } + + larval = crypto_larval_alloc(alg->cra_name, + alg->cra_flags | NCRYPTO_ALG_TESTED, 0); + if (IS_ERR(larval)) + goto out; + + ret = -ENOENT; + larval->adult = crypto_mod_get(alg); + if (!larval->adult) + goto free_larval; + + atomic_set(&larval->alg.cra_refcnt, 1); + memcpy(larval->alg.cra_driver_name, alg->cra_driver_name, + CRYPTO_MAX_ALG_NAME); + larval->alg.cra_priority = alg->cra_priority; + + list_add(&alg->cra_list, &ncrypto_alg_list); + list_add(&larval->alg.cra_list, &ncrypto_alg_list); + +out: + return larval; + +free_larval: + kfree(larval); +err: + larval = ERR_PTR(ret); + goto out; +} + +void crypto_alg_tested(const char *name, int err) +{ + struct crypto_larval *test; + struct ncrypto_alg *alg; + struct ncrypto_alg *q; + LIST_HEAD(list); + + down_write(&ncrypto_alg_sem); + list_for_each_entry(q, &ncrypto_alg_list, cra_list) { + if (!crypto_is_larval(q)) + continue; + + test = (struct crypto_larval *)q; + + if (!strcmp(q->cra_driver_name, name)) + goto found; + } + + printk(KERN_ERR "alg: Unexpected test result for %s: %d\n", name, err); + goto unlock; + +found: + alg = test->adult; + if (err || list_empty(&alg->cra_list)) + goto complete; + + alg->cra_flags |= NCRYPTO_ALG_TESTED; + + list_for_each_entry(q, &ncrypto_alg_list, cra_list) { + if (q == alg) + continue; if (crypto_is_moribund(q)) continue; @@ -180,17 +256,18 @@ static int __crypto_register_alg(struct ncrypto_alg *alg, q->cra_priority > alg->cra_priority) continue; - crypto_remove_spawns(&q->cra_users, list, alg->cra_flags); + crypto_remove_spawns(&q->cra_users, &list, alg->cra_flags); } - - list_add(&alg->cra_list, &ncrypto_alg_list); - crypto_notify(CRYPTO_MSG_ALG_REGISTER, alg); - ret = 0; +complete: + complete_all(&test->completion); -out: - return ret; +unlock: + up_write(&ncrypto_alg_sem); + + crypto_remove_final(&list); } +EXPORT_SYMBOL_GPL(crypto_alg_tested); static void crypto_remove_final(struct list_head *list) { @@ -203,9 +280,29 @@ static void crypto_remove_final(struct list_head *list) } } +static void crypto_wait_for_test(struct crypto_larval *larval) +{ + int err; + + err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult); + if (err != NOTIFY_STOP) { + if (unlikely(err != NOTIFY_DONE)) { + WARN_ON(1); + goto out; + } + crypto_alg_tested(larval->alg.cra_driver_name, 0); + } + + err = wait_for_completion_interruptible(&larval->completion); + WARN_ON(err); + +out: + crypto_larval_kill(&larval->alg); +} + int ncrypto_register_alg(struct ncrypto_alg *alg) { - LIST_HEAD(list); + struct crypto_larval *larval; int err; err = crypto_check_alg(alg); @@ -213,11 +310,14 @@ int ncrypto_register_alg(struct ncrypto_alg *alg) return err; down_write(&ncrypto_alg_sem); - err = __crypto_register_alg(alg, &list); + larval = __crypto_register_alg(alg); up_write(&ncrypto_alg_sem); - crypto_remove_final(&list); - return err; + if (IS_ERR(larval)) + return PTR_ERR(larval); + + crypto_wait_for_test(larval); + return 0; } EXPORT_SYMBOL_GPL(ncrypto_register_alg); @@ -335,8 +435,8 @@ EXPORT_SYMBOL_GPL(crypto_lookup_template); int crypto_register_instance(struct crypto_template *tmpl, struct crypto_instance *inst) { - LIST_HEAD(list); - int err = -EINVAL; + struct crypto_larval *larval; + int err; err = crypto_check_alg(&inst->alg); if (err) @@ -346,8 +446,8 @@ int crypto_register_instance(struct crypto_template *tmpl, down_write(&ncrypto_alg_sem); - err = __crypto_register_alg(&inst->alg, &list); - if (err) + larval = __crypto_register_alg(&inst->alg); + if (IS_ERR(larval)) goto unlock; hlist_add_head(&inst->list, &tmpl->instances); @@ -356,7 +456,12 @@ int crypto_register_instance(struct crypto_template *tmpl, unlock: up_write(&ncrypto_alg_sem); - crypto_remove_final(&list); + err = PTR_ERR(larval); + if (IS_ERR(larval)) + goto err; + + crypto_wait_for_test(larval); + err = 0; err: return err; diff --git a/crypto/api.c b/crypto/api.c index a1920d5..aa3552f 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -21,6 +21,7 @@ #include <linux/errno.h> #include <linux/kernel.h> #include <linux/kmod.h> +#include <linux/mutex.h> #include <linux/rwsem.h> #include <linux/slab.h> #include <linux/string.h> @@ -257,6 +258,8 @@ int crypto_register_alg(struct crypto_alg *alg) { int ret; struct crypto_alg *q; + char name[CRYPTO_MAX_ALG_NAME]; + DEFINE_MUTEX(test_lock); if (alg->cra_alignmask & (alg->cra_alignmask + 1)) return -EINVAL; @@ -274,6 +277,11 @@ int crypto_register_alg(struct crypto_alg *alg) if (unlikely(ret)) return ret; + memcpy(name, alg->cra_name, CRYPTO_MAX_ALG_NAME); + memcpy(alg->cra_name, "untested", sizeof("untested")); + + mutex_lock(&test_lock); + down_write(&crypto_alg_sem); list_for_each_entry(q, &crypto_alg_list, cra_list) { @@ -286,6 +294,22 @@ int crypto_register_alg(struct crypto_alg *alg) list_add(&alg->cra_list, &crypto_alg_list); out: up_write(&crypto_alg_sem); + + if (ret) + goto out2; + + switch (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) { + case CRYPTO_ALG_TYPE_DIGEST: + ret = digest_test(alg->cra_driver_name, name); + break; + } + + if (ret) + crypto_unregister_alg(alg); + +out2: + memcpy(alg->cra_name, name, CRYPTO_MAX_ALG_NAME); + mutex_unlock(&test_lock); return ret; } diff --git a/crypto/crypto_api.c b/crypto/crypto_api.c index a7fd196..1f9a034 100644 --- a/crypto/crypto_api.c +++ b/crypto/crypto_api.c @@ -57,6 +57,11 @@ void crypto_mod_put(struct ncrypto_alg *alg) } EXPORT_SYMBOL_GPL(crypto_mod_put); +static inline int crypto_is_test_larval(struct crypto_larval *larval) +{ + return larval->alg.cra_driver_name[0]; +} + struct ncrypto_alg *__crypto_alg_lookup(const char *name, u32 type, u32 mask) { struct ncrypto_alg *q, *alg = NULL; @@ -72,6 +77,7 @@ struct ncrypto_alg *__crypto_alg_lookup(const char *name, u32 type, u32 mask) continue; if (crypto_is_larval(q) && + !crypto_is_test_larval((struct crypto_larval *)q) && ((struct crypto_larval *)q)->mask != mask) continue; @@ -106,10 +112,8 @@ static void crypto_larval_destroy(struct ncrypto_alg *alg) kfree(larval); } -static struct ncrypto_alg *crypto_larval_alloc(const char *name, u32 type, - u32 mask) +struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask) { - struct ncrypto_alg *alg; struct crypto_larval *larval; larval = kzalloc(sizeof(*larval), GFP_KERNEL); @@ -121,10 +125,25 @@ static struct ncrypto_alg *crypto_larval_alloc(const char *name, u32 type, larval->alg.cra_priority = -1; larval->alg.cra_destroy = crypto_larval_destroy; - atomic_set(&larval->alg.cra_refcnt, 2); strlcpy(larval->alg.cra_name, name, CRYPTO_MAX_ALG_NAME); init_completion(&larval->completion); + return larval; +} +EXPORT_SYMBOL_GPL(crypto_larval_alloc); + +static struct ncrypto_alg *crypto_larval_add(const char *name, u32 type, + u32 mask) +{ + struct ncrypto_alg *alg; + struct crypto_larval *larval; + + larval = crypto_larval_alloc(name, type, mask); + if (IS_ERR(larval)) + return ERR_PTR(PTR_ERR((larval))); + + atomic_set(&larval->alg.cra_refcnt, 2); + down_write(&ncrypto_alg_sem); alg = __crypto_alg_lookup(name, type, mask); if (!alg) { @@ -154,14 +173,23 @@ EXPORT_SYMBOL_GPL(crypto_larval_kill); static struct ncrypto_alg *crypto_larval_wait(struct ncrypto_alg *alg) { struct crypto_larval *larval = (void *)alg; + long timeout; + + timeout = wait_for_completion_interruptible_timeout( + &larval->completion, 60 * HZ); - wait_for_completion_interruptible_timeout(&larval->completion, 60 * HZ); alg = larval->adult; - if (alg) { - if (!crypto_mod_get(alg)) - alg = ERR_PTR(-EAGAIN); - } else + if (timeout < 0) + alg = ERR_PTR(-EINTR); + else if (!timeout) + alg = ERR_PTR(-ETIMEDOUT); + else if (!alg) alg = ERR_PTR(-ENOENT); + else if (crypto_is_test_larval(larval) && + !(alg->cra_flags & NCRYPTO_ALG_TESTED)) + alg = ERR_PTR(-EAGAIN); + else if (!crypto_mod_get(alg)) + alg = ERR_PTR(-EAGAIN); crypto_mod_put(&larval->alg); return alg; @@ -194,25 +222,41 @@ struct ncrypto_alg *crypto_larval_lookup(const char *name, u32 type, u32 mask) if (alg) return crypto_is_larval(alg) ? crypto_larval_wait(alg) : alg; - return crypto_larval_alloc(name, type, mask); + return crypto_larval_add(name, type, mask); } EXPORT_SYMBOL_GPL(crypto_larval_lookup); +int crypto_probing_notify(unsigned long val, void *v) +{ + int ok; + + ok = blocking_notifier_call_chain(&crypto_chain, val, v); + if (ok == NOTIFY_DONE) { + request_module("cryptomgr"); + request_module("testmgr"); + ok = blocking_notifier_call_chain(&crypto_chain, val, v); + } + + return ok; +} +EXPORT_SYMBOL_GPL(crypto_probing_notify); + struct ncrypto_alg *ncrypto_alg_mod_lookup(const char *name, u32 type, u32 mask) { struct ncrypto_alg *alg; struct ncrypto_alg *larval; int ok; + if (!(mask & NCRYPTO_ALG_TESTED)) { + type |= NCRYPTO_ALG_TESTED; + mask |= NCRYPTO_ALG_TESTED; + } + larval = crypto_larval_lookup(name, type, mask); if (IS_ERR(larval) || !crypto_is_larval(larval)) return larval; - ok = crypto_notify(CRYPTO_MSG_ALG_REQUEST, larval); - if (ok == NOTIFY_DONE) { - request_module("cryptomgr"); - ok = crypto_notify(CRYPTO_MSG_ALG_REQUEST, larval); - } + ok = crypto_probing_notify(CRYPTO_MSG_ALG_REQUEST, larval); if (ok == NOTIFY_STOP) alg = crypto_larval_wait(larval); diff --git a/crypto/cryptomgr.c b/crypto/cryptomgr.c index 24072ae..9f60a49 100644 --- a/crypto/cryptomgr.c +++ b/crypto/cryptomgr.c @@ -45,6 +45,9 @@ struct cryptomgr_param { char larval[CRYPTO_MAX_ALG_NAME]; char template[CRYPTO_MAX_ALG_NAME]; + + u32 otype; + u32 omask; }; static int cryptomgr_probe(void *data) @@ -76,8 +79,7 @@ out: module_put_and_exit(0); err: - crypto_larval_error(param->larval, param->type.data.type, - param->type.data.mask); + crypto_larval_error(param->larval, param->otype, param->omask); goto out; } @@ -169,13 +171,16 @@ static int cryptomgr_schedule_probe(struct crypto_larval *larval) param->type.attr.rta_len = sizeof(param->type); param->type.attr.rta_type = CRYPTOA_TYPE; - param->type.data.type = larval->alg.cra_flags; - param->type.data.mask = larval->mask; + param->type.data.type = larval->alg.cra_flags & ~NCRYPTO_ALG_TESTED; + param->type.data.mask = larval->mask & ~NCRYPTO_ALG_TESTED; param->tb[0] = ¶m->type.attr; + param->otype = larval->alg.cra_flags; + param->omask = larval->mask; + memcpy(param->larval, larval->alg.cra_name, CRYPTO_MAX_ALG_NAME); - thread = kthread_run(cryptomgr_probe, param, "cryptomgr"); + thread = kthread_run(cryptomgr_probe, param, "cryptomgr_probe"); if (IS_ERR(thread)) goto err_free_param; diff --git a/crypto/ninternal.h b/crypto/ninternal.h index cb47aff..07d729c 100644 --- a/crypto/ninternal.h +++ b/crypto/ninternal.h @@ -43,9 +43,11 @@ struct ncrypto_alg *__crypto_alg_lookup(const char *name, u32 type, u32 mask); struct ncrypto_alg *ncrypto_alg_mod_lookup(const char *name, u32 type, u32 mask); +struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask); void crypto_larval_kill(struct ncrypto_alg *alg); struct ncrypto_alg *crypto_larval_lookup(const char *name, u32 type, u32 mask); void crypto_larval_error(const char *name, u32 type, u32 mask); +void crypto_alg_tested(const char *name, int err); void crypto_shoot_alg(struct ncrypto_alg *alg); struct ncrypto_tfm *__crypto_alloc_tfm(struct ncrypto_alg *alg, u32 type, @@ -56,6 +58,7 @@ int crypto_register_instance(struct crypto_template *tmpl, int crypto_register_notifier(struct notifier_block *nb); int crypto_unregister_notifier(struct notifier_block *nb); +int crypto_probing_notify(unsigned long val, void *v); static inline void ncrypto_alg_put(struct ncrypto_alg *alg) { @@ -88,9 +91,9 @@ static inline int crypto_is_moribund(struct ncrypto_alg *alg) return alg->cra_flags & (NCRYPTO_ALG_DEAD | NCRYPTO_ALG_DYING); } -static inline int crypto_notify(unsigned long val, void *v) +static inline void crypto_notify(unsigned long val, void *v) { - return blocking_notifier_call_chain(&crypto_chain, val, v); + blocking_notifier_call_chain(&crypto_chain, val, v); } #endif /* _CRYPTO_NINTERNAL_H */ diff --git a/crypto/testmgr.c b/crypto/testmgr.c index d803118..1c93fc7 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -19,6 +19,7 @@ #include <linux/err.h> #include <linux/init.h> +#include <linux/kthread.h> #include <linux/module.h> #include <linux/scatterlist.h> #include <linux/slab.h> @@ -94,6 +95,12 @@ struct alg_test_desc { } suite; }; +struct crypto_test_param { + char driver[CRYPTO_MAX_ALG_NAME]; + char alg[CRYPTO_MAX_ALG_NAME]; + u32 type; +}; + static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 }; static char *xbuf[XBUFSIZE]; @@ -1216,8 +1223,76 @@ int alg_test(const char *driver, const char *alg, u32 type, u32 mask) } EXPORT_SYMBOL_GPL(alg_test); +static int cryptomgr_test(void *data) +{ + struct crypto_test_param *param = data; + u32 type = param->type; + int err = 0; + + if (!((type ^ NCRYPTO_ALG_TYPE_BLKCIPHER) & + NCRYPTO_ALG_TYPE_BLKCIPHER_MASK) && !(type & NCRYPTO_ALG_GENIV)) + goto skiptest; + + if ((type & NCRYPTO_ALG_TYPE_MASK) == NCRYPTO_ALG_TYPE_CIPHER) + goto skiptest; + + err = alg_test(param->driver, param->alg, 0, NCRYPTO_ALG_TESTED); + +skiptest: + crypto_alg_tested(param->driver, err); + + kfree(param); + module_put_and_exit(0); +} + +static int cryptomgr_schedule_test(struct ncrypto_alg *alg) +{ + struct task_struct *thread; + struct crypto_test_param *param; + + if (!try_module_get(THIS_MODULE)) + goto err; + + param = kzalloc(sizeof(*param), GFP_KERNEL); + if (!param) + goto err_put_module; + + memcpy(param->driver, alg->cra_driver_name, sizeof(param->driver)); + memcpy(param->alg, alg->cra_name, sizeof(param->alg)); + param->type = alg->cra_flags; + + thread = kthread_run(cryptomgr_test, param, "cryptomgr_test"); + if (IS_ERR(thread)) + goto err_free_param; + + return NOTIFY_STOP; + +err_free_param: + kfree(param); +err_put_module: + module_put(THIS_MODULE); +err: + return NOTIFY_OK; +} + +static int testmgr_notify(struct notifier_block *this, unsigned long msg, + void *data) +{ + switch (msg) { + case CRYPTO_MSG_ALG_REGISTER: + return cryptomgr_schedule_test(data); + } + + return NOTIFY_DONE; +} + +static struct notifier_block testmgr_notifier = { + .notifier_call = testmgr_notify, +}; + static int __init testmgr_init(void) { + int err = -ENOMEM; int i; for (i = 0; i < XBUFSIZE; i++) { @@ -1232,6 +1307,10 @@ static int __init testmgr_init(void) goto err_free_axbuf; } + err = crypto_register_notifier(&testmgr_notifier); + if (err) + goto err_free_axbuf; + return 0; err_free_axbuf: @@ -1241,13 +1320,17 @@ err_free_xbuf: for (i = 0; i < XBUFSIZE && xbuf[i]; i++) free_page((unsigned long)xbuf[i]); - return -ENOMEM; + return err; } static void __exit testmgr_exit(void) { + int err; int i; + err = crypto_unregister_notifier(&testmgr_notifier); + BUG_ON(err); + for (i = 0; i < XBUFSIZE; i++) free_page((unsigned long)axbuf[i]); for (i = 0; i < XBUFSIZE; i++) diff --git a/include/linux/ncrypto.h b/include/linux/ncrypto.h index 920d768..d19f1f5 100644 --- a/include/linux/ncrypto.h +++ b/include/linux/ncrypto.h @@ -55,6 +55,14 @@ #define NCRYPTO_ALG_GENIV 0x00000200 /* + * Set if the algorithm has passed automated run-time testing. Note that + * if there is no run-time testing for a given algorithm it is considered + * to have passed. + */ + +#define NCRYPTO_ALG_TESTED 0x00000400 + +/* * The macro CRYPTO_MINALIGN_ATTR (along with the void * type in the actual * declaration) is used to ensure that the crypto_tfm context structure is * aligned correctly for the given architecture so that there are no alignment