From: Eric Biggers <ebiggers@kernel.org>
To: Elena Petrova <lenaptr@google.com>
Cc: linux-crypto@vger.kernel.org,
"Stephan Müller" <smueller@chronox.de>,
"Ard Biesheuvel" <ardb@kernel.org>,
"Jeffrey Vander Stoep" <jeffv@google.com>
Subject: Re: [PATCH v6] crypto: af_alg - add extra parameters for DRBG interface
Date: Tue, 8 Sep 2020 21:35:54 -0700 [thread overview]
Message-ID: <20200909043554.GA8311@sol.localdomain> (raw)
In-Reply-To: <20200908170403.2625295-1-lenaptr@google.com>
On Tue, Sep 08, 2020 at 06:04:03PM +0100, Elena Petrova wrote:
> Extend the user-space RNG interface:
> 1. Add entropy input via ALG_SET_DRBG_ENTROPY setsockopt option;
> 2. Add additional data input via sendmsg syscall.
>
> This allows DRBG to be tested with test vectors, for example for the
> purpose of CAVP testing, which otherwise isn't possible.
>
> To prevent erroneous use of entropy input, it is hidden under
> CRYPTO_USER_API_RNG_CAVP config option and requires CAP_SYS_ADMIN to
> succeed.
>
> Signed-off-by: Elena Petrova <lenaptr@google.com>
> Acked-by: Stephan Müller <smueller@chronox.de>
This doesn't compile for me. Can you rebase this onto the latest
"master" branch from
https://git.kernel.org/pub/scm/linux/kernel/git/herbert/cryptodev-2.6.git?
> +static void rng_reset_addtl(struct rng_ctx *ctx)
> {
> - struct sock *sk = sock->sk;
> - struct alg_sock *ask = alg_sk(sk);
> - struct rng_ctx *ctx = ask->private;
> - int err;
> + kzfree(ctx->addtl);
> + ctx->addtl = NULL;
> + ctx->addtl_len = 0;
> +}
kzfree() has been renamed to kfree_sensitive(); see commit 453431a54934
("mm, treewide: rename kzfree() to kfree_sensitive()").
So please use kfree_sensitive() rather than kzfree(), in all three places.
Note, kzfree() won't actually cause a compilation error since it's still
#define'd to kfree_sensitive(). But that #define probably will go away soon.
> +static int rng_test_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
> +{
> + int err;
> + struct alg_sock *ask = alg_sk(sock->sk);
> + struct rng_ctx *ctx = ask->private;
> +
> + lock_sock(sock->sk);
> + if (len > MAXSIZE)
> + len = MAXSIZE;
Since this function only supports providing the additional data all at once, not
incrementally, shouldn't it return an error code if the length is too long,
rather than truncate the length?
> + /*
> + * Non NULL pctx->entropy means that CAVP test has been initiated on
> + * this socket, replace proto_ops algif_rng_ops with algif_rng_test_ops.
> + */
> + if (pctx->entropy)
> + sk->sk_socket->ops = algif_rng_test_ops;
This means that providing additional data on a "request socket" via sendmsg will
only work if ALG_SET_DRBG_ENTROPY was used on the "algorithm socket" earlier.
If that's intentional, it needs to be mentioned in the documentation.
> static const struct af_alg_type algif_type_rng = {
> @@ -169,6 +319,9 @@ static const struct af_alg_type algif_type_rng = {
> .release = rng_release,
> .accept = rng_accept_parent,
> .setkey = rng_setkey,
> +#if IS_ENABLED(CONFIG_CRYPTO_USER_API_RNG_CAVP)
> + .setentropy = rng_setentropy,
> +#endif
Since CRYPTO_USER_API_RNG_CAVP is now a bool rather than a tristate, this should
use '#ifdef CONFIG_CRYPTO_USER_API_RNG_CAVP' instead of
'IS_ENABLED(CONFIG_CRYPTO_USER_API_RNG_CAVP)'.
- Eric
next prev parent reply other threads:[~2020-09-09 4:35 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-13 16:48 [PATCH 0/1] crypto: af_alg - add extra parameters for DRBG interface Elena Petrova
2020-07-13 16:48 ` [PATCH 1/1] " Elena Petrova
2020-07-13 17:10 ` Eric Biggers
2020-07-16 14:23 ` Elena Petrova
2020-07-16 16:40 ` [PATCH v2] " Elena Petrova
2020-07-20 17:35 ` Stephan Mueller
2020-07-21 12:55 ` Elena Petrova
2020-07-21 13:18 ` Stephan Mueller
2020-07-28 16:16 ` Elena Petrova
2020-07-20 17:42 ` Stephan Müller
2020-07-22 15:59 ` Eric Biggers
2020-07-28 15:51 ` [PATCH v3] " Elena Petrova
2020-07-28 17:36 ` Eric Biggers
2020-07-29 15:45 ` [PATCH v4] " Elena Petrova
2020-07-29 19:26 ` Stephan Müller
2020-07-31 7:23 ` Herbert Xu
2020-08-03 14:48 ` Elena Petrova
2020-08-03 15:10 ` Stephan Mueller
2020-08-03 15:30 ` Elena Petrova
2020-08-04 2:18 ` Herbert Xu
2020-07-13 17:25 ` [PATCH 1/1] " Eric Biggers
2020-07-31 7:26 ` Herbert Xu
2020-08-13 16:00 ` Elena Petrova
2020-08-13 16:01 ` [PATCH v4] " Elena Petrova
2020-08-13 16:04 ` Elena Petrova
2020-08-13 16:08 ` [PATCH v5] " Elena Petrova
2020-08-13 19:32 ` Eric Biggers
2020-08-21 4:24 ` Herbert Xu
2020-09-08 17:04 ` [PATCH v6] " Elena Petrova
2020-09-09 4:35 ` Eric Biggers [this message]
2020-09-09 18:29 ` [PATCH v7] " Elena Petrova
2020-09-09 21:00 ` Eric Biggers
2020-09-16 11:07 ` [PATCH v8] " Elena Petrova
2020-09-18 6:43 ` Herbert Xu
2020-09-18 15:42 ` [PATCH v9] " Elena Petrova
2020-09-25 8:16 ` Herbert Xu
2020-09-08 17:23 ` [PATCH v5] " Elena Petrova
2020-09-08 17:18 ` Elena Petrova
2020-07-14 5:17 ` [PATCH 0/1] " Stephan Mueller
2020-07-14 15:23 ` Elena Petrova
2020-07-14 15:34 ` Stephan Mueller
2020-07-16 14:41 ` Elena Petrova
2020-07-16 14:49 ` Stephan Mueller
2020-07-16 14:59 ` Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200909043554.GA8311@sol.localdomain \
--to=ebiggers@kernel.org \
--cc=ardb@kernel.org \
--cc=jeffv@google.com \
--cc=lenaptr@google.com \
--cc=linux-crypto@vger.kernel.org \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox