Commits · 1cdaf895c99d319c0007d0b62818cf85fc4b087f · Upstream / linux-stable

18 Apr, 2019 1 commit

crypto: run initcalls for generic implementations earlier · c4741b23

Eric Biggers authored 6 years ago

Use subsys_initcall for registration of all templates and generic
algorithm implementations, rather than module_init. Then change
cryptomgr to use arch_initcall, to place it before the subsys_initcalls.

This is needed so that when both a generic and optimized implementation
of an algorithm are built into the kernel (not loadable modules), the
generic implementation is registered before the optimized one.
Otherwise, the self-tests for the optimized implementation are unable to
allocate the generic implementation for the new comparison fuzz tests.

Note that on arm, a side effect of this change is that self-tests for
generic implementations may run before the unaligned access handler has
been installed. So, unaligned accesses will crash the kernel. This is
arguably a good thing as it makes it easier to detect that type of bug.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

c4741b23

08 Apr, 2019 1 commit

crypto: crct10dif-generic - fix use via crypto_shash_digest() · 307508d1

Eric Biggers authored 6 years ago

The ->digest() method of crct10dif-generic reads the current CRC value
from the shash_desc context.  But this value is uninitialized, causing
crypto_shash_digest() to compute the wrong result.  Fix it.

Probably this wasn't noticed before because lib/crc-t10dif.c only uses
crypto_shash_update(), not crypto_shash_digest().  Likewise,
crypto_shash_digest() is not yet tested by the crypto self-tests because
those only test the ahash API which only uses shash init/update/final.

This bug was detected by my patches that improve testmgr to fuzz
algorithms against their generic implementation.

Fixes: 2d31e518

 ("crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework")
Cc: <stable@vger.kernel.org> # v3.11+
Cc: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

307508d1

13 Sep, 2016 1 commit

crypto: squash lines for simple wrapper functions · 36e09e1f

Masahiro Yamada authored 8 years ago


Remove unneeded variables and assignments.
Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

36e09e1f

13 Jan, 2015 1 commit

crypto: add missing crypto module aliases · 3e14dcf7

Mathias Krause authored 10 years ago

Commit 5d26a105 ("crypto: prefix module autoloading with "crypto-"")
changed the automatic module loading when requesting crypto algorithms
to prefix all module requests with "crypto-". This requires all crypto
modules to have a crypto specific module alias even if their file name
would otherwise match the requested crypto algorithm.

Even though commit 5d26a105 added those aliases for a vast amount of
modules, it was missing a few. Add the required MODULE_ALIAS_CRYPTO
annotations to those files to make them get loaded automatically, again.
This fixes, e.g., requesting 'ecb(blowfish-generic)', which used to work
with kernels v3.18 and below.

Also change MODULE_ALIAS() lines to MODULE_ALIAS_CRYPTO(). The former
won't work for crypto modules any more.

Fixes: 5d26a105

 ("crypto: prefix module autoloading with "crypto-"")
Cc: Kees Cook <keescook@chromium.org>
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

3e14dcf7

24 Nov, 2014 1 commit

crypto: prefix module autoloading with "crypto-" · 5d26a105

Kees Cook authored 10 years ago

This prefixes all crypto module loading with "crypto-" so we never run
the risk of exposing module auto-loading to userspace via a crypto API,
as demonstrated by Mathias Krause:

https://lkml.org/lkml/2013/3/4/70

Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

5d26a105

12 Sep, 2013 1 commit

crypto: crct10dif - Add fallback for broken initrds · 26052f9b

Herbert Xu authored 11 years ago


Unfortunately, even with a softdep some distros fail to include
the necessary modules in the initrd.  Therefore this patch adds
a fallback path to restore existing behaviour where we cannot
load the new crypto crct10dif algorithm.

In order to do this, the underlying crct10dif has been split out
from the crypto implementation so that it can be used on the
fallback path.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

26052f9b

07 Sep, 2013 1 commit

Reinstate "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" · 68411521

Herbert Xu authored 11 years ago

This patch reinstates commits
	67822649
	39761214
	0b95a7f8
	31d93962
	2d31e518



Now that module softdeps are in the kernel we can use that to resolve
the boot issue which cause the revert.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

68411521

24 Jul, 2013 1 commit

Revert "crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework" · e70308ec

Herbert Xu authored 11 years ago

This reverts commits
    67822649
    39761214
    0b95a7f8
    31d93962
    2d31e518



Unfortunately this change broke boot on some systems that used an
initrd which does not include the newly created crct10dif modules.
As these modules are required by sd_mod under certain configurations
this is a serious problem.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

e70308ec

20 May, 2013 1 commit

crypto: crct10dif - Wrap crc_t10dif function all to use crypto transform framework · 2d31e518

Tim Chen authored 12 years ago


When CRC T10 DIF is calculated using the crypto transform framework, we
wrap the crc_t10dif function call to utilize it.  This allows us to
take advantage of any accelerated CRC T10 DIF transform that is
plugged into the crypto framework.
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

2d31e518