From: Eric Biggers <ebiggers@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: linux-crypto@vger.kernel.org,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Johannes Berg <johannes@sipsolutions.net>
Subject: Re: [PATCH v3 3/7] net/lib80211: move WEP handling to ARC4 library code
Date: Tue, 11 Jun 2019 10:59:53 -0700 [thread overview]
Message-ID: <20190611175952.GC66728@gmail.com> (raw)
In-Reply-To: <20190611134750.2974-4-ard.biesheuvel@linaro.org>
On Tue, Jun 11, 2019 at 03:47:46PM +0200, Ard Biesheuvel wrote:
> The crypto API abstraction is not very useful for invoking ciphers
> directly, especially in the case of arc4, which only has a generic
> implementation in C. So let's invoke the library code directly.
>
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> net/wireless/Kconfig | 1 +
> net/wireless/lib80211_crypt_wep.c | 49 +++++---------------
> 2 files changed, 13 insertions(+), 37 deletions(-)
>
> diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig
> index 6310ddede220..6d9c48cea07e 100644
> --- a/net/wireless/Kconfig
> +++ b/net/wireless/Kconfig
> @@ -213,6 +213,7 @@ config LIB80211
>
> config LIB80211_CRYPT_WEP
> tristate
> + select CRYPTO_LIB_ARC4
>
> config LIB80211_CRYPT_CCMP
> tristate
> diff --git a/net/wireless/lib80211_crypt_wep.c b/net/wireless/lib80211_crypt_wep.c
> index 20c1ad63ad44..9a4e4653fe64 100644
> --- a/net/wireless/lib80211_crypt_wep.c
> +++ b/net/wireless/lib80211_crypt_wep.c
> @@ -11,6 +11,7 @@
> */
>
> #include <linux/err.h>
> +#include <linux/fips.h>
> #include <linux/module.h>
> #include <linux/init.h>
> #include <linux/slab.h>
> @@ -22,7 +23,7 @@
>
> #include <net/lib80211.h>
>
> -#include <linux/crypto.h>
> +#include <crypto/arc4.h>
> #include <linux/crc32.h>
>
> MODULE_AUTHOR("Jouni Malinen");
> @@ -35,51 +36,30 @@ struct lib80211_wep_data {
> u8 key[WEP_KEY_LEN + 1];
> u8 key_len;
> u8 key_idx;
> - struct crypto_cipher *tx_tfm;
> - struct crypto_cipher *rx_tfm;
> + struct arc4_ctx tx_ctx;
> + struct arc4_ctx rx_ctx;
> };
>
> static void *lib80211_wep_init(int keyidx)
> {
> struct lib80211_wep_data *priv;
>
> + if (fips_enabled)
> + return NULL;
> +
> priv = kzalloc(sizeof(*priv), GFP_ATOMIC);
> if (priv == NULL)
> - goto fail;
> + return NULL;
> priv->key_idx = keyidx;
>
> - priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0);
> - if (IS_ERR(priv->tx_tfm)) {
> - priv->tx_tfm = NULL;
> - goto fail;
> - }
> -
> - priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0);
> - if (IS_ERR(priv->rx_tfm)) {
> - priv->rx_tfm = NULL;
> - goto fail;
> - }
> /* start WEP IV from a random value */
> get_random_bytes(&priv->iv, 4);
>
> return priv;
> -
> - fail:
> - if (priv) {
> - crypto_free_cipher(priv->tx_tfm);
> - crypto_free_cipher(priv->rx_tfm);
> - kfree(priv);
> - }
> - return NULL;
> }
>
> static void lib80211_wep_deinit(void *priv)
> {
> - struct lib80211_wep_data *_priv = priv;
> - if (_priv) {
> - crypto_free_cipher(_priv->tx_tfm);
> - crypto_free_cipher(_priv->rx_tfm);
> - }
> kfree(priv);
> }
How about changing lib80211_wep_deinit() to use kzfree()? As a result of
changing to the ARC4 library, the arc4_ctx is no longer zeroed. Of course it's
not any worse than it was before since the raw key is already in
lib80211_wep_data too, but it really ought to be kzfree()...
- Eric
next prev parent reply other threads:[~2019-06-11 17:59 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-11 13:47 [PATCH v3 0/7] crypto: rc4 cleanup Ard Biesheuvel
2019-06-11 13:47 ` [PATCH v3 1/7] crypto: arc4 - refactor arc4 core code into separate library Ard Biesheuvel
2019-06-11 13:47 ` [PATCH v3 2/7] net/mac80211: move WEP handling to ARC4 library interface Ard Biesheuvel
2019-06-11 13:51 ` Johannes Berg
2019-06-11 13:53 ` Ard Biesheuvel
2019-06-11 13:55 ` Johannes Berg
2019-06-11 13:56 ` Ard Biesheuvel
2019-06-11 13:58 ` Johannes Berg
2019-06-11 17:54 ` Eric Biggers
2019-06-11 13:47 ` [PATCH v3 3/7] net/lib80211: move WEP handling to ARC4 library code Ard Biesheuvel
2019-06-11 17:59 ` Eric Biggers [this message]
2019-06-11 13:47 ` [PATCH v3 4/7] net/lib80211: move TKIP " Ard Biesheuvel
2019-06-11 13:47 ` [PATCH v3 5/7] crypto: arc4 - remove cipher implementation Ard Biesheuvel
2019-06-11 17:39 ` Eric Biggers
2019-06-12 15:33 ` Eric Biggers
2019-06-12 15:39 ` Ard Biesheuvel
2019-06-11 13:47 ` [PATCH v3 6/7] ppp: mppe: switch to RC4 library interface Ard Biesheuvel
2019-06-11 13:47 ` Ard Biesheuvel
2019-06-11 18:08 ` Eric Biggers
2019-06-11 18:08 ` Eric Biggers
2019-06-11 13:47 ` [PATCH v3 7/7] fs: cifs: " Ard Biesheuvel
2019-06-11 18:17 ` Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190611175952.GC66728@gmail.com \
--to=ebiggers@kernel.org \
--cc=ard.biesheuvel@linaro.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=johannes@sipsolutions.net \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.