From: Eric Biggers <ebiggers@kernel.org>
To: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
Mike Snitzer <snitzer@redhat.com>,
linux-kernel@vger.kernel.org, linux-raid@vger.kernel.org,
Song Liu <song@kernel.org>,
dm-devel@redhat.com, linux-crypto@vger.kernel.org,
"David S. Miller" <davem@davemloft.net>,
Alasdair Kergon <agk@redhat.com>, Ofir Drang <ofir.drang@arm.com>
Subject: Re: [dm-devel] [PATCH 1/4] crypto: add eboiv as a crypto API template
Date: Mon, 26 Oct 2020 11:26:28 -0700 [thread overview]
Message-ID: <20201026182628.GI858@sol.localdomain> (raw)
In-Reply-To: <20201026182448.GH858@sol.localdomain>
On Mon, Oct 26, 2020 at 11:24:50AM -0700, Eric Biggers wrote:
> > +static int eboiv_create(struct crypto_template *tmpl, struct rtattr **tb)
> > +{
> > + struct crypto_attr_type *algt;
> > + const char *inner_cipher_name;
> > + struct skcipher_instance *skcipher_inst = NULL;
> > + struct crypto_instance *inst;
> > + struct crypto_alg *base, *block_base;
> > + struct eboiv_instance_ctx *ictx;
> > + struct skcipher_alg *skcipher_alg = NULL;
> > + int ivsize;
> > + u32 mask;
> > + int err;
> > +
> > + algt = crypto_get_attr_type(tb);
> > + if (IS_ERR(algt))
> > + return PTR_ERR(algt);
>
> Need to check that the algorithm is being instantiated as skcipher.
> crypto_check_attr_type() should be used.
>
> > +
> > + inner_cipher_name = crypto_attr_alg_name(tb[1]);
> > + if (IS_ERR(inner_cipher_name))
> > + return PTR_ERR(inner_cipher_name);
>
> The result of crypto_attr_alg_name() can be passed directly to
> crypto_grab_skcipher().
>
> > + mask = crypto_algt_inherited_mask(algt);
> > +
> > + skcipher_inst = kzalloc(sizeof(*skcipher_inst) + sizeof(*ictx), GFP_KERNEL);
> > + if (!skcipher_inst)
> > + return -ENOMEM;
> > +
> > + inst = skcipher_crypto_instance(skcipher_inst);
> > + base = &skcipher_inst->alg.base;
> > + ictx = crypto_instance_ctx(inst);
> > +
> > + /* Symmetric cipher, e.g., "cbc(aes)" */
> > + err = crypto_grab_skcipher(&ictx->skcipher_spawn, inst, inner_cipher_name, 0, mask);
> > + if (err)
> > + goto out_free_inst;
> > +
> > + skcipher_alg = crypto_spawn_skcipher_alg(&ictx->skcipher_spawn);
> > + block_base = &skcipher_alg->base;
> > + ivsize = crypto_skcipher_alg_ivsize(skcipher_alg);
> > +
> > + if (ivsize != block_base->cra_blocksize)
> > + goto out_drop_skcipher;
>
> Shouldn't it be verified that the underlying algorithm is actually cbc?
>
> > + skcipher_inst->alg.chunksize = crypto_skcipher_alg_chunksize(skcipher_alg);
> > + skcipher_inst->alg.walksize = crypto_skcipher_alg_walksize(skcipher_alg);
>
> Setting these isn't necessary.
>
> > +
> > + skcipher_inst->free = eboiv_skcipher_free_instance;
> > +
> > + err = skcipher_register_instance(tmpl, skcipher_inst);
> > +
> > + if (err)
> > + goto out_drop_skcipher;
> > +
> > + return 0;
> > +
> > +out_drop_skcipher:
> > + crypto_drop_skcipher(&ictx->skcipher_spawn);
> > +out_free_inst:
> > + kfree(skcipher_inst);
> > + return err;
> > +}
>
> eboiv_skcipher_free_instance() can be called on the error path.
Here's the version of eboiv_create() I recommend (untested):
static int eboiv_create(struct crypto_template *tmpl, struct rtattr **tb)
{
struct skcipher_instance *inst;
struct eboiv_instance_ctx *ictx;
struct skcipher_alg *alg;
u32 mask;
int err;
err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_SKCIPHER, &mask);
if (err)
return err;
inst = kzalloc(sizeof(*inst) + sizeof(*ictx), GFP_KERNEL);
if (!inst)
return -ENOMEM;
ictx = skcipher_instance_ctx(inst);
err = crypto_grab_skcipher(&ictx->skcipher_spawn,
skcipher_crypto_instance(inst),
crypto_attr_alg_name(tb[1]), 0, mask);
if (err)
goto err_free_inst;
alg = crypto_spawn_skcipher_alg(&ictx->skcipher_spawn);
err = -EINVAL;
if (strncmp(alg->base.cra_name, "cbc(", 4) ||
crypto_skcipher_alg_ivsize(alg) != alg->base.cra_blocksize)
goto err_free_inst;
err = -ENAMETOOLONG;
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "eboiv(%s)",
alg->base.cra_name) >= CRYPTO_MAX_ALG_NAME)
goto err_free_inst;
if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
"eboiv(%s)", alg->base.cra_driver_name) >=
CRYPTO_MAX_ALG_NAME)
goto err_free_inst;
inst->alg.base.cra_blocksize = alg->base.cra_blocksize;
inst->alg.base.cra_ctxsize = sizeof(struct eboiv_tfm_ctx);
inst->alg.base.cra_alignmask = alg->base.cra_alignmask;
inst->alg.base.cra_priority = alg->base.cra_priority;
inst->alg.setkey = eboiv_skcipher_setkey;
inst->alg.encrypt = eboiv_skcipher_encrypt;
inst->alg.decrypt = eboiv_skcipher_decrypt;
inst->alg.init = eboiv_skcipher_init_tfm;
inst->alg.exit = eboiv_skcipher_exit_tfm;
inst->alg.min_keysize = crypto_skcipher_alg_min_keysize(alg);
inst->alg.max_keysize = crypto_skcipher_alg_max_keysize(alg);
inst->alg.ivsize = crypto_skcipher_alg_ivsize(alg);
inst->free = eboiv_skcipher_free_instance;
err = skcipher_register_instance(tmpl, inst);
if (err) {
err_free_inst:
eboiv_skcipher_free_instance(inst);
}
return err;
}
--
dm-devel mailing list
dm-devel@redhat.com
https://www.redhat.com/mailman/listinfo/dm-devel
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
Song Liu <song@kernel.org>, Alasdair Kergon <agk@redhat.com>,
Mike Snitzer <snitzer@redhat.com>,
dm-devel@redhat.com, Ofir Drang <ofir.drang@arm.com>,
linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-raid@vger.kernel.org
Subject: Re: [PATCH 1/4] crypto: add eboiv as a crypto API template
Date: Mon, 26 Oct 2020 11:26:28 -0700 [thread overview]
Message-ID: <20201026182628.GI858@sol.localdomain> (raw)
In-Reply-To: <20201026182448.GH858@sol.localdomain>
On Mon, Oct 26, 2020 at 11:24:50AM -0700, Eric Biggers wrote:
> > +static int eboiv_create(struct crypto_template *tmpl, struct rtattr **tb)
> > +{
> > + struct crypto_attr_type *algt;
> > + const char *inner_cipher_name;
> > + struct skcipher_instance *skcipher_inst = NULL;
> > + struct crypto_instance *inst;
> > + struct crypto_alg *base, *block_base;
> > + struct eboiv_instance_ctx *ictx;
> > + struct skcipher_alg *skcipher_alg = NULL;
> > + int ivsize;
> > + u32 mask;
> > + int err;
> > +
> > + algt = crypto_get_attr_type(tb);
> > + if (IS_ERR(algt))
> > + return PTR_ERR(algt);
>
> Need to check that the algorithm is being instantiated as skcipher.
> crypto_check_attr_type() should be used.
>
> > +
> > + inner_cipher_name = crypto_attr_alg_name(tb[1]);
> > + if (IS_ERR(inner_cipher_name))
> > + return PTR_ERR(inner_cipher_name);
>
> The result of crypto_attr_alg_name() can be passed directly to
> crypto_grab_skcipher().
>
> > + mask = crypto_algt_inherited_mask(algt);
> > +
> > + skcipher_inst = kzalloc(sizeof(*skcipher_inst) + sizeof(*ictx), GFP_KERNEL);
> > + if (!skcipher_inst)
> > + return -ENOMEM;
> > +
> > + inst = skcipher_crypto_instance(skcipher_inst);
> > + base = &skcipher_inst->alg.base;
> > + ictx = crypto_instance_ctx(inst);
> > +
> > + /* Symmetric cipher, e.g., "cbc(aes)" */
> > + err = crypto_grab_skcipher(&ictx->skcipher_spawn, inst, inner_cipher_name, 0, mask);
> > + if (err)
> > + goto out_free_inst;
> > +
> > + skcipher_alg = crypto_spawn_skcipher_alg(&ictx->skcipher_spawn);
> > + block_base = &skcipher_alg->base;
> > + ivsize = crypto_skcipher_alg_ivsize(skcipher_alg);
> > +
> > + if (ivsize != block_base->cra_blocksize)
> > + goto out_drop_skcipher;
>
> Shouldn't it be verified that the underlying algorithm is actually cbc?
>
> > + skcipher_inst->alg.chunksize = crypto_skcipher_alg_chunksize(skcipher_alg);
> > + skcipher_inst->alg.walksize = crypto_skcipher_alg_walksize(skcipher_alg);
>
> Setting these isn't necessary.
>
> > +
> > + skcipher_inst->free = eboiv_skcipher_free_instance;
> > +
> > + err = skcipher_register_instance(tmpl, skcipher_inst);
> > +
> > + if (err)
> > + goto out_drop_skcipher;
> > +
> > + return 0;
> > +
> > +out_drop_skcipher:
> > + crypto_drop_skcipher(&ictx->skcipher_spawn);
> > +out_free_inst:
> > + kfree(skcipher_inst);
> > + return err;
> > +}
>
> eboiv_skcipher_free_instance() can be called on the error path.
Here's the version of eboiv_create() I recommend (untested):
static int eboiv_create(struct crypto_template *tmpl, struct rtattr **tb)
{
struct skcipher_instance *inst;
struct eboiv_instance_ctx *ictx;
struct skcipher_alg *alg;
u32 mask;
int err;
err = crypto_check_attr_type(tb, CRYPTO_ALG_TYPE_SKCIPHER, &mask);
if (err)
return err;
inst = kzalloc(sizeof(*inst) + sizeof(*ictx), GFP_KERNEL);
if (!inst)
return -ENOMEM;
ictx = skcipher_instance_ctx(inst);
err = crypto_grab_skcipher(&ictx->skcipher_spawn,
skcipher_crypto_instance(inst),
crypto_attr_alg_name(tb[1]), 0, mask);
if (err)
goto err_free_inst;
alg = crypto_spawn_skcipher_alg(&ictx->skcipher_spawn);
err = -EINVAL;
if (strncmp(alg->base.cra_name, "cbc(", 4) ||
crypto_skcipher_alg_ivsize(alg) != alg->base.cra_blocksize)
goto err_free_inst;
err = -ENAMETOOLONG;
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "eboiv(%s)",
alg->base.cra_name) >= CRYPTO_MAX_ALG_NAME)
goto err_free_inst;
if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
"eboiv(%s)", alg->base.cra_driver_name) >=
CRYPTO_MAX_ALG_NAME)
goto err_free_inst;
inst->alg.base.cra_blocksize = alg->base.cra_blocksize;
inst->alg.base.cra_ctxsize = sizeof(struct eboiv_tfm_ctx);
inst->alg.base.cra_alignmask = alg->base.cra_alignmask;
inst->alg.base.cra_priority = alg->base.cra_priority;
inst->alg.setkey = eboiv_skcipher_setkey;
inst->alg.encrypt = eboiv_skcipher_encrypt;
inst->alg.decrypt = eboiv_skcipher_decrypt;
inst->alg.init = eboiv_skcipher_init_tfm;
inst->alg.exit = eboiv_skcipher_exit_tfm;
inst->alg.min_keysize = crypto_skcipher_alg_min_keysize(alg);
inst->alg.max_keysize = crypto_skcipher_alg_max_keysize(alg);
inst->alg.ivsize = crypto_skcipher_alg_ivsize(alg);
inst->free = eboiv_skcipher_free_instance;
err = skcipher_register_instance(tmpl, inst);
if (err) {
err_free_inst:
eboiv_skcipher_free_instance(inst);
}
return err;
}
next prev parent reply other threads:[~2020-10-26 18:28 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-26 13:04 [dm-devel] [PATCH 0/4] crypto: switch to crypto API for EBOIV generation Gilad Ben-Yossef
2020-10-26 13:04 ` Gilad Ben-Yossef
2020-10-26 13:04 ` [dm-devel] [PATCH 1/4] crypto: add eboiv as a crypto API template Gilad Ben-Yossef
2020-10-26 13:04 ` Gilad Ben-Yossef
2020-10-26 18:24 ` [dm-devel] " Eric Biggers
2020-10-26 18:24 ` Eric Biggers
2020-10-26 18:26 ` Eric Biggers [this message]
2020-10-26 18:26 ` Eric Biggers
2020-10-27 6:53 ` [dm-devel] " Gilad Ben-Yossef
2020-10-27 6:53 ` Gilad Ben-Yossef
2020-10-26 13:04 ` [dm-devel] [PATCH 2/4] crypto: add eboiv(cbc(aes)) test vectors Gilad Ben-Yossef
2020-10-26 13:04 ` Gilad Ben-Yossef
2020-10-26 13:04 ` [dm-devel] [PATCH 3/4] dm crypt: switch to EBOIV crypto API template Gilad Ben-Yossef
2020-10-26 13:04 ` Gilad Ben-Yossef
2020-10-26 17:52 ` [dm-devel] " Eric Biggers
2020-10-26 17:52 ` Eric Biggers
2020-10-26 18:29 ` [dm-devel] " Milan Broz
2020-10-26 18:29 ` Milan Broz
2020-10-26 18:39 ` [dm-devel] " Eric Biggers
2020-10-26 18:39 ` Eric Biggers
2020-10-26 18:41 ` [dm-devel] " Herbert Xu
2020-10-26 18:41 ` Herbert Xu
2020-10-26 18:44 ` [dm-devel] " Herbert Xu
2020-10-26 18:44 ` Herbert Xu
2020-10-28 11:41 ` [dm-devel] " Gilad Ben-Yossef
2020-10-28 11:41 ` Gilad Ben-Yossef
2020-10-29 3:54 ` [dm-devel] " Herbert Xu
2020-10-29 3:54 ` Herbert Xu
2020-10-26 19:04 ` [dm-devel] " Milan Broz
2020-10-26 19:04 ` Milan Broz
2020-10-27 6:59 ` [dm-devel] " Gilad Ben-Yossef
2020-10-27 6:59 ` Gilad Ben-Yossef
2020-10-27 13:05 ` [dm-devel] " Milan Broz
2020-10-27 13:05 ` Milan Broz
2020-10-26 18:19 ` [dm-devel] " kernel test robot
2020-10-26 18:19 ` kernel test robot
2020-10-26 18:19 ` kernel test robot
2020-10-26 13:04 ` [dm-devel] [PATCH 4/4] crypto: ccree: re-introduce ccree eboiv support Gilad Ben-Yossef
2020-10-26 13:04 ` Gilad Ben-Yossef
2020-10-26 21:47 ` [dm-devel] " kernel test robot
2020-10-26 21:47 ` kernel test robot
2020-10-26 21:47 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201026182628.GI858@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=agk@redhat.com \
--cc=davem@davemloft.net \
--cc=dm-devel@redhat.com \
--cc=gilad@benyossef.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-raid@vger.kernel.org \
--cc=ofir.drang@arm.com \
--cc=snitzer@redhat.com \
--cc=song@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.