Message ID | ZGc7hCaDrnEFG8Lr@gondor.apana.org.au |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp1090059vqo; Fri, 19 May 2023 02:06:33 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ4kU6TLR7z4F+aaCb0+b0a2C+/EDL9djKFY2lvhbiZgPnS1+9YgSvCbKYXuOKemxyEiJu7r X-Received: by 2002:a05:6a21:394b:b0:102:748:2f03 with SMTP id ac11-20020a056a21394b00b0010207482f03mr1351649pzc.51.1684487193147; Fri, 19 May 2023 02:06:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1684487193; cv=none; d=google.com; s=arc-20160816; b=nUCD2+GWLPQKrHQ3ODka+TwrGIcNLBbsSTIHLashjUaLvIhxHw0BmmWUoOKhRv5rAs +r/azrVKvzQ66h3Qc0JKng7meNexqFkCEonyhBId4qkayY6U/6kBDSNlo8WWzov1cimY aPEjkiLGBqJHJNhnwj5a0Gni36dKArdrGgTF2Pf4XSQDxY3MO1BDjmbpPy7Cdx+5OzIY clw0Zy6VfL6JSBtmnyOjG5jIL/CtgX5zXr6zBezMEx8VA6AUPxpgl8DytKqXRW5MJciJ SuPWHNQv/ATz/eOlNw2MHz8xgD6fto2vbK+vSnQQ2gtxX0HVrCeMhcc3JuM3T55/u7eU xddA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=VI2M8NBxYImeBrFfjJvlOBr3dyY/ScXzx6drfiEUtw0=; b=ZZf0qhGmawDwsdTFPXJJF3zXw91IZOotMRgoxAtv3zRRsoEEFD00Pahx88dhLv4mDy XRhTdpdYrVaez+BJQizBRira+bkmM037mIi1tIpr1hnD1c2a+oLCWCaZ1XtLd/udtSJD lQ1hycyiWMpdTagbmzcR4xFR5KBRUS9+L91Pc3AwWtiGqJjxG9mwkgjX+41uzifThYO+ 1uVyepttntA5ROdZokLinsCyKvNWUv7vIvlV059KwGF90EE3Dh86I9Vm1yNJ+P9T4BOq sHWxsNSEmbBCjn2D3oymP4EUf88T1AUmOENtPSSMhJS8gi41SwVt4Y9eACpnjrmHCca2 UwjA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j7-20020a633c07000000b00530e32c93besi3253628pga.881.2023.05.19.02.06.17; Fri, 19 May 2023 02:06:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229599AbjESJFo (ORCPT <rfc822;cscallsign@gmail.com> + 99 others); Fri, 19 May 2023 05:05:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51616 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229876AbjESJFm (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Fri, 19 May 2023 05:05:42 -0400 Received: from 167-179-156-38.a7b39c.syd.nbn.aussiebb.net (167-179-156-38.a7b39c.syd.nbn.aussiebb.net [167.179.156.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 653FE1723; Fri, 19 May 2023 02:05:15 -0700 (PDT) Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1pzw1s-00AoNA-Ne; Fri, 19 May 2023 17:04:05 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Fri, 19 May 2023 17:04:04 +0800 Date: Fri, 19 May 2023 17:04:04 +0800 From: Herbert Xu <herbert@gondor.apana.org.au> To: Ard Biesheuvel <ardb@kernel.org> Cc: Dmitry Safonov <dima@arista.com>, Linux Crypto Mailing List <linux-crypto@vger.kernel.org>, linux-kernel@vger.kernel.org, David Ahern <dsahern@kernel.org>, Eric Dumazet <edumazet@google.com>, Paolo Abeni <pabeni@redhat.com>, Jakub Kicinski <kuba@kernel.org>, "David S. Miller" <davem@davemloft.net>, Andy Lutomirski <luto@amacapital.net>, Bob Gilligan <gilligan@arista.com>, Dan Carpenter <error27@gmail.com>, David Laight <David.Laight@aculab.com>, Dmitry Safonov <0x7f454c46@gmail.com>, Eric Biggers <ebiggers@kernel.org>, "Eric W. Biederman" <ebiederm@xmission.com>, Francesco Ruggeri <fruggeri05@gmail.com>, Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>, Ivan Delalande <colona@arista.com>, Leonard Crestez <cdleonard@gmail.com>, Salam Noureddine <noureddine@arista.com>, netdev@vger.kernel.org Subject: [PATCH] crypto: shash - Allow cloning on algorithms with no init_tfm Message-ID: <ZGc7hCaDrnEFG8Lr@gondor.apana.org.au> References: <ZGcyuyjJwZhdYS/G@gondor.apana.org.au> <E1pzvTZ-00AnMQ-5M@formenos.hmeau.com> <CAMj1kXGwS03zUBTGb7jmk1-6r+=a-HH+A-S9ZFTYRyJSzN0Xcg@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <CAMj1kXGwS03zUBTGb7jmk1-6r+=a-HH+A-S9ZFTYRyJSzN0Xcg@mail.gmail.com> X-Spam-Status: No, score=2.7 required=5.0 tests=BAYES_00,HELO_DYNAMIC_IPADDR2, RDNS_DYNAMIC,SPF_HELO_NONE,SPF_PASS,TVD_RCVD_IP,T_SCC_BODY_TEXT_LINE, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.6 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1766312843276400024?= X-GMAIL-MSGID: =?utf-8?q?1766312843276400024?= |
Series |
crypto: shash - Allow cloning on algorithms with no init_tfm
|
|
Commit Message
Herbert Xu
May 19, 2023, 9:04 a.m. UTC
On Fri, May 19, 2023 at 10:54:11AM +0200, Ard Biesheuvel wrote: > > Does this imply that the cmac-aes-ce and cmac-aes-neon implementations > for arm64 need a similar treatment? Good catch. Since these don't have init functions we can deal with them at a higher level: ---8<--- Some shash algorithms are so simple that they don't have an init_tfm function. These can be cloned trivially. Check this before failing in crypto_clone_shash. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Comments
On Fri, 19 May 2023 at 11:04, Herbert Xu <herbert@gondor.apana.org.au> wrote: > > On Fri, May 19, 2023 at 10:54:11AM +0200, Ard Biesheuvel wrote: > > > > Does this imply that the cmac-aes-ce and cmac-aes-neon implementations > > for arm64 need a similar treatment? > > Good catch. Since these don't have init functions we can deal > with them at a higher level: > > ---8<--- > Some shash algorithms are so simple that they don't have an init_tfm > function. These can be cloned trivially. Check this before failing > in crypto_clone_shash. > OK. So IIUC, cloning a keyless hash just shares the TFM and bumps the refcount, but here we must actually allocate a new TFM referring to the same algo, and this new TFM needs its key to be set before use, as it doesn't inherit it from the clonee, right? And this works in the same way as cloning an instance of the generic HMAC template, as this will just clone the inner shash too, and will also leave the key unset. If so, Acked-by: Ard Biesheuvel <ardb@kernel.org> If not, could you explain it to me again? :-) > Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> > > diff --git a/crypto/shash.c b/crypto/shash.c > index 717b42df3495..1fadb6b59bdc 100644 > --- a/crypto/shash.c > +++ b/crypto/shash.c > @@ -597,7 +597,7 @@ struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) > return hash; > } > > - if (!alg->clone_tfm) > + if (!alg->clone_tfm && (alg->init_tfm || alg->base.cra_init)) > return ERR_PTR(-ENOSYS); > > nhash = crypto_clone_tfm(&crypto_shash_type, tfm); > @@ -606,10 +606,12 @@ struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) > > nhash->descsize = hash->descsize; > > - err = alg->clone_tfm(nhash, hash); > - if (err) { > - crypto_free_shash(nhash); > - return ERR_PTR(err); > + if (alg->clone_tfm) { > + err = alg->clone_tfm(nhash, hash); > + if (err) { > + crypto_free_shash(nhash); > + return ERR_PTR(err); > + } > } > > return nhash; > -- > Email: Herbert Xu <herbert@gondor.apana.org.au> > Home Page: http://gondor.apana.org.au/~herbert/ > PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Fri, May 19, 2023 at 11:31:30AM +0200, Ard Biesheuvel wrote: > > OK. So IIUC, cloning a keyless hash just shares the TFM and bumps the > refcount, but here we must actually allocate a new TFM referring to > the same algo, and this new TFM needs its key to be set before use, as > it doesn't inherit it from the clonee, right? And this works in the > same way as cloning an instance of the generic HMAC template, as this > will just clone the inner shash too, and will also leave the key > unset. Yes that's pretty much it. Cloning a tfm is basically exactly the same as allocating a tfm, except that instead of going through the init_tfm code-path it executes clone_tfm instead (thus allowing any internal data structures to either be shared or allocated with GFP_ATOMIC). The key will be unset just like a freshly allocated tfm. > If so, > > Acked-by: Ard Biesheuvel <ardb@kernel.org> Thanks,
diff --git a/crypto/shash.c b/crypto/shash.c index 717b42df3495..1fadb6b59bdc 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -597,7 +597,7 @@ struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) return hash; } - if (!alg->clone_tfm) + if (!alg->clone_tfm && (alg->init_tfm || alg->base.cra_init)) return ERR_PTR(-ENOSYS); nhash = crypto_clone_tfm(&crypto_shash_type, tfm); @@ -606,10 +606,12 @@ struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) nhash->descsize = hash->descsize; - err = alg->clone_tfm(nhash, hash); - if (err) { - crypto_free_shash(nhash); - return ERR_PTR(err); + if (alg->clone_tfm) { + err = alg->clone_tfm(nhash, hash); + if (err) { + crypto_free_shash(nhash); + return ERR_PTR(err); + } } return nhash;