* [PATCH RFC 040/104] crypto: fips140: convert crypto/cipher.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO --source crypto/cipher.c --header include/crypto/internal/cipher.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/cipher.c | 16 ++++++++--------
crypto/fips140-api.c | 14 ++++++++++++++
include/crypto/internal/cipher.h | 20 +++++++++++++-------
3 files changed, 35 insertions(+), 15 deletions(-)
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 1fe62bf79656..7aeb577ac388 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -39,7 +39,7 @@ static int setkey_unaligned(struct crypto_cipher *tfm, const u8 *key,
}
-int crypto_cipher_setkey(struct crypto_cipher *tfm,
+int CRYPTO_API(crypto_cipher_setkey)(struct crypto_cipher *tfm,
const u8 *key, unsigned int keylen)
{
struct cipher_alg *cia = crypto_cipher_alg(tfm);
@@ -53,7 +53,7 @@ int crypto_cipher_setkey(struct crypto_cipher *tfm,
return cia->cia_setkey(crypto_cipher_tfm(tfm), key, keylen);
}
-EXPORT_SYMBOL_NS_GPL(crypto_cipher_setkey, "CRYPTO_INTERNAL");
+DEFINE_CRYPTO_API(crypto_cipher_setkey);
static inline void cipher_crypt_one(struct crypto_cipher *tfm,
u8 *dst, const u8 *src, bool enc)
@@ -76,21 +76,21 @@ static inline void cipher_crypt_one(struct crypto_cipher *tfm,
}
}
-void crypto_cipher_encrypt_one(struct crypto_cipher *tfm,
+void CRYPTO_API(crypto_cipher_encrypt_one)(struct crypto_cipher *tfm,
u8 *dst, const u8 *src)
{
cipher_crypt_one(tfm, dst, src, true);
}
-EXPORT_SYMBOL_NS_GPL(crypto_cipher_encrypt_one, "CRYPTO_INTERNAL");
+DEFINE_CRYPTO_API(crypto_cipher_encrypt_one);
-void crypto_cipher_decrypt_one(struct crypto_cipher *tfm,
+void CRYPTO_API(crypto_cipher_decrypt_one)(struct crypto_cipher *tfm,
u8 *dst, const u8 *src)
{
cipher_crypt_one(tfm, dst, src, false);
}
-EXPORT_SYMBOL_NS_GPL(crypto_cipher_decrypt_one, "CRYPTO_INTERNAL");
+DEFINE_CRYPTO_API(crypto_cipher_decrypt_one);
-struct crypto_cipher *crypto_clone_cipher(struct crypto_cipher *cipher)
+struct crypto_cipher *CRYPTO_API(crypto_clone_cipher)(struct crypto_cipher *cipher)
{
struct crypto_tfm *tfm = crypto_cipher_tfm(cipher);
struct crypto_alg *alg = tfm->__crt_alg;
@@ -116,4 +116,4 @@ struct crypto_cipher *crypto_clone_cipher(struct crypto_cipher *cipher)
return ncipher;
}
-EXPORT_SYMBOL_GPL(crypto_clone_cipher);
+DEFINE_CRYPTO_API(crypto_clone_cipher);
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index df1dfcd5cf22..c05fc645a5b6 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -313,3 +313,17 @@ DEFINE_CRYPTO_API_STUB(crypto_authenc_extractkeys);
#endif
+/*
+ * crypto/cipher.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO)
+
+#include <crypto/internal/cipher.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_cipher_setkey);
+DEFINE_CRYPTO_API_STUB(crypto_cipher_encrypt_one);
+DEFINE_CRYPTO_API_STUB(crypto_cipher_decrypt_one);
+DEFINE_CRYPTO_API_STUB(crypto_clone_cipher);
+
+#endif
+
diff --git a/include/crypto/internal/cipher.h b/include/crypto/internal/cipher.h
index 5030f6d2df31..13c48b20879c 100644
--- a/include/crypto/internal/cipher.h
+++ b/include/crypto/internal/cipher.h
@@ -11,6 +11,7 @@
#ifndef _CRYPTO_INTERNAL_CIPHER_H
#define _CRYPTO_INTERNAL_CIPHER_H
+#include <crypto/api.h>
#include <crypto/algapi.h>
struct crypto_cipher {
@@ -149,8 +150,9 @@ static inline void crypto_cipher_clear_flags(struct crypto_cipher *tfm,
*
* Return: 0 if the setting of the key was successful; < 0 if an error occurred
*/
-int crypto_cipher_setkey(struct crypto_cipher *tfm,
- const u8 *key, unsigned int keylen);
+DECLARE_CRYPTO_API(crypto_cipher_setkey, int,
+ (struct crypto_cipher *tfm, const u8 *key, unsigned int keylen),
+ (tfm, key, keylen));
/**
* crypto_cipher_encrypt_one() - encrypt one block of plaintext
@@ -161,8 +163,9 @@ int crypto_cipher_setkey(struct crypto_cipher *tfm,
* Invoke the encryption operation of one block. The caller must ensure that
* the plaintext and ciphertext buffers are at least one block in size.
*/
-void crypto_cipher_encrypt_one(struct crypto_cipher *tfm,
- u8 *dst, const u8 *src);
+DECLARE_CRYPTO_API(crypto_cipher_encrypt_one, void,
+ (struct crypto_cipher *tfm, u8 *dst, const u8 *src),
+ (tfm, dst, src));
/**
* crypto_cipher_decrypt_one() - decrypt one block of ciphertext
@@ -173,10 +176,13 @@ void crypto_cipher_encrypt_one(struct crypto_cipher *tfm,
* Invoke the decryption operation of one block. The caller must ensure that
* the plaintext and ciphertext buffers are at least one block in size.
*/
-void crypto_cipher_decrypt_one(struct crypto_cipher *tfm,
- u8 *dst, const u8 *src);
+DECLARE_CRYPTO_API(crypto_cipher_decrypt_one, void,
+ (struct crypto_cipher *tfm, u8 *dst, const u8 *src),
+ (tfm, dst, src));
-struct crypto_cipher *crypto_clone_cipher(struct crypto_cipher *cipher);
+DECLARE_CRYPTO_API(crypto_clone_cipher, struct crypto_cipher *,
+ (struct crypto_cipher *cipher),
+ (cipher));
struct crypto_cipher_spawn {
struct crypto_spawn base;
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 039/104] crypto: fips140: convert crypto/ccm.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_CCM --source crypto/ccm.c
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/ccm.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/ccm.c b/crypto/ccm.c
index 2ae929ffdef8..e76946e05b5e 100644
--- a/crypto/ccm.c
+++ b/crypto/ccm.c
@@ -929,8 +929,8 @@ static void __exit crypto_ccm_module_exit(void)
ARRAY_SIZE(crypto_ccm_tmpls));
}
-module_init(crypto_ccm_module_init);
-module_exit(crypto_ccm_module_exit);
+crypto_module_init(crypto_ccm_module_init);
+crypto_module_exit(crypto_ccm_module_exit);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Counter with CBC MAC");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 038/104] crypto: fips140: convert crypto/cbc.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_CBC --source crypto/cbc.c
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/cbc.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/cbc.c b/crypto/cbc.c
index ed3df6246765..03ee7008ab12 100644
--- a/crypto/cbc.c
+++ b/crypto/cbc.c
@@ -179,8 +179,8 @@ static void __exit crypto_cbc_module_exit(void)
crypto_unregister_template(&crypto_cbc_tmpl);
}
-module_init(crypto_cbc_module_init);
-module_exit(crypto_cbc_module_exit);
+crypto_module_init(crypto_cbc_module_init);
+crypto_module_exit(crypto_cbc_module_exit);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("CBC block cipher mode of operation");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 037/104] crypto: fips140: convert crypto/authencesn.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_AUTHENC --source crypto/authencesn.c
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/authencesn.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/authencesn.c b/crypto/authencesn.c
index d1bf0fda3f2e..caed4eaec6a6 100644
--- a/crypto/authencesn.c
+++ b/crypto/authencesn.c
@@ -433,8 +433,8 @@ static void __exit crypto_authenc_esn_module_exit(void)
crypto_unregister_template(&crypto_authenc_esn_tmpl);
}
-module_init(crypto_authenc_esn_module_init);
-module_exit(crypto_authenc_esn_module_exit);
+crypto_module_init(crypto_authenc_esn_module_init);
+crypto_module_exit(crypto_authenc_esn_module_exit);
MODULE_LICENSE("GPL");
MODULE_AUTHOR("Steffen Klassert <steffen.klassert@secunet.com>");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 036/104] crypto: fips140: convert crypto/authenc.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_AUTHENC --source crypto/authenc.c --header include/crypto/authenc.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/authenc.c | 8 ++++----
crypto/fips140-api.c | 11 +++++++++++
include/crypto/authenc.h | 6 ++++--
3 files changed, 19 insertions(+), 6 deletions(-)
diff --git a/crypto/authenc.c b/crypto/authenc.c
index a723769c8777..4fcb42a66e80 100644
--- a/crypto/authenc.c
+++ b/crypto/authenc.c
@@ -41,7 +41,7 @@ static void authenc_request_complete(struct aead_request *req, int err)
aead_request_complete(req, err);
}
-int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key,
+int CRYPTO_API(crypto_authenc_extractkeys)(struct crypto_authenc_keys *keys, const u8 *key,
unsigned int keylen)
{
struct rtattr *rta = (struct rtattr *)key;
@@ -77,7 +77,7 @@ int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key,
return 0;
}
-EXPORT_SYMBOL_GPL(crypto_authenc_extractkeys);
+DEFINE_CRYPTO_API(crypto_authenc_extractkeys);
static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
unsigned int keylen)
@@ -421,8 +421,8 @@ static void __exit crypto_authenc_module_exit(void)
crypto_unregister_template(&crypto_authenc_tmpl);
}
-module_init(crypto_authenc_module_init);
-module_exit(crypto_authenc_module_exit);
+crypto_module_init(crypto_authenc_module_init);
+crypto_module_exit(crypto_authenc_module_exit);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Simple AEAD wrapper for IPsec");
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index f5cf473f1f25..df1dfcd5cf22 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -302,3 +302,14 @@ DEFINE_CRYPTO_API_STUB(crypto_destroy_alg);
#endif
+/*
+ * crypto/authenc.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_AUTHENC)
+
+#include <crypto/authenc.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_authenc_extractkeys);
+
+#endif
+
diff --git a/include/crypto/authenc.h b/include/crypto/authenc.h
index 15a9caa2354a..2f01a570e899 100644
--- a/include/crypto/authenc.h
+++ b/include/crypto/authenc.h
@@ -7,6 +7,7 @@
#ifndef _CRYPTO_AUTHENC_H
#define _CRYPTO_AUTHENC_H
+#include <crypto/api.h>
#include <linux/types.h>
enum {
@@ -26,8 +27,9 @@ struct crypto_authenc_keys {
unsigned int enckeylen;
};
-int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key,
- unsigned int keylen);
+DECLARE_CRYPTO_API(crypto_authenc_extractkeys, int,
+ (struct crypto_authenc_keys *keys, const u8 *key, unsigned int keylen),
+ (keys, key, keylen));
int crypto_krb5enc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key,
unsigned int keylen);
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 035/104] crypto: fips140: convert crypto/api.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO --source crypto/api.c --header include/linux/crypto.h include/crypto/algapi.h crypto/internal.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/api.c | 76 ++++++++++++++++++++---------------------
crypto/fips140-api.c | 35 +++++++++++++++++++
crypto/internal.h | 62 +++++++++++++++++++++------------
include/crypto/algapi.h | 4 ++-
include/linux/crypto.h | 23 +++++++++----
5 files changed, 133 insertions(+), 67 deletions(-)
diff --git a/crypto/api.c b/crypto/api.c
index 5724d62e9d07..7ddc99599590 100644
--- a/crypto/api.c
+++ b/crypto/api.c
@@ -40,20 +40,20 @@ static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg,
static struct crypto_alg *crypto_alg_lookup(const char *name, u32 type,
u32 mask);
-struct crypto_alg *crypto_mod_get(struct crypto_alg *alg)
+struct crypto_alg *CRYPTO_API(crypto_mod_get)(struct crypto_alg *alg)
{
return try_module_get(alg->cra_module) ? crypto_alg_get(alg) : NULL;
}
-EXPORT_SYMBOL_GPL(crypto_mod_get);
+DEFINE_CRYPTO_API(crypto_mod_get);
-void crypto_mod_put(struct crypto_alg *alg)
+void CRYPTO_API(crypto_mod_put)(struct crypto_alg *alg)
{
struct module *module = alg->cra_module;
crypto_alg_put(alg);
module_put(module);
}
-EXPORT_SYMBOL_GPL(crypto_mod_put);
+DEFINE_CRYPTO_API(crypto_mod_put);
static struct crypto_alg *__crypto_alg_lookup(const char *name, u32 type,
u32 mask)
@@ -100,7 +100,7 @@ static void crypto_larval_destroy(struct crypto_alg *alg)
kfree(larval);
}
-struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask)
+struct crypto_larval *CRYPTO_API(crypto_larval_alloc)(const char *name, u32 type, u32 mask)
{
struct crypto_larval *larval;
@@ -120,7 +120,7 @@ struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask)
return larval;
}
-EXPORT_SYMBOL_GPL(crypto_larval_alloc);
+DEFINE_CRYPTO_API(crypto_larval_alloc);
static struct crypto_alg *crypto_larval_add(const char *name, u32 type,
u32 mask)
@@ -168,14 +168,14 @@ static void crypto_larval_kill(struct crypto_larval *larval)
crypto_alg_put(&larval->alg);
}
-void crypto_schedule_test(struct crypto_larval *larval)
+void CRYPTO_API(crypto_schedule_test)(struct crypto_larval *larval)
{
int err;
err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult);
WARN_ON_ONCE(err != NOTIFY_STOP);
}
-EXPORT_SYMBOL_GPL(crypto_schedule_test);
+DEFINE_CRYPTO_API(crypto_schedule_test);
static void crypto_start_test(struct crypto_larval *larval)
{
@@ -320,7 +320,7 @@ static struct crypto_alg *crypto_larval_lookup(const char *name, u32 type,
return alg;
}
-int crypto_probing_notify(unsigned long val, void *v)
+int CRYPTO_API(crypto_probing_notify)(unsigned long val, void *v)
{
int ok;
@@ -332,9 +332,9 @@ int crypto_probing_notify(unsigned long val, void *v)
return ok;
}
-EXPORT_SYMBOL_GPL(crypto_probing_notify);
+DEFINE_CRYPTO_API(crypto_probing_notify);
-struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask)
+struct crypto_alg *CRYPTO_API(crypto_alg_mod_lookup)(const char *name, u32 type, u32 mask)
{
struct crypto_alg *alg;
struct crypto_alg *larval;
@@ -365,7 +365,7 @@ struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask)
crypto_larval_kill(container_of(larval, struct crypto_larval, alg));
return alg;
}
-EXPORT_SYMBOL_GPL(crypto_alg_mod_lookup);
+DEFINE_CRYPTO_API(crypto_alg_mod_lookup);
static void crypto_exit_ops(struct crypto_tfm *tfm)
{
@@ -396,15 +396,15 @@ static unsigned int crypto_ctxsize(struct crypto_alg *alg, u32 type, u32 mask)
return len;
}
-void crypto_shoot_alg(struct crypto_alg *alg)
+void CRYPTO_API(crypto_shoot_alg)(struct crypto_alg *alg)
{
down_write(&crypto_alg_sem);
alg->cra_flags |= CRYPTO_ALG_DYING;
up_write(&crypto_alg_sem);
}
-EXPORT_SYMBOL_GPL(crypto_shoot_alg);
+DEFINE_CRYPTO_API(crypto_shoot_alg);
-struct crypto_tfm *__crypto_alloc_tfmgfp(struct crypto_alg *alg, u32 type,
+struct crypto_tfm *CRYPTO_API(__crypto_alloc_tfmgfp)(struct crypto_alg *alg, u32 type,
u32 mask, gfp_t gfp)
{
struct crypto_tfm *tfm;
@@ -434,14 +434,14 @@ struct crypto_tfm *__crypto_alloc_tfmgfp(struct crypto_alg *alg, u32 type,
out:
return tfm;
}
-EXPORT_SYMBOL_GPL(__crypto_alloc_tfmgfp);
+DEFINE_CRYPTO_API(__crypto_alloc_tfmgfp);
-struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type,
+struct crypto_tfm *CRYPTO_API(__crypto_alloc_tfm)(struct crypto_alg *alg, u32 type,
u32 mask)
{
return __crypto_alloc_tfmgfp(alg, type, mask, GFP_KERNEL);
}
-EXPORT_SYMBOL_GPL(__crypto_alloc_tfm);
+DEFINE_CRYPTO_API(__crypto_alloc_tfm);
/*
* crypto_alloc_base - Locate algorithm and allocate transform
@@ -465,7 +465,7 @@ EXPORT_SYMBOL_GPL(__crypto_alloc_tfm);
*
* In case of error the return value is an error pointer.
*/
-struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask)
+struct crypto_tfm *CRYPTO_API(crypto_alloc_base)(const char *alg_name, u32 type, u32 mask)
{
struct crypto_tfm *tfm;
int err;
@@ -497,7 +497,7 @@ struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask)
return ERR_PTR(err);
}
-EXPORT_SYMBOL_GPL(crypto_alloc_base);
+DEFINE_CRYPTO_API(crypto_alloc_base);
static void *crypto_alloc_tfmmem(struct crypto_alg *alg,
const struct crypto_type *frontend, int node,
@@ -523,7 +523,7 @@ static void *crypto_alloc_tfmmem(struct crypto_alg *alg,
return mem;
}
-void *crypto_create_tfm_node(struct crypto_alg *alg,
+void *CRYPTO_API(crypto_create_tfm_node)(struct crypto_alg *alg,
const struct crypto_type *frontend,
int node)
{
@@ -557,9 +557,9 @@ void *crypto_create_tfm_node(struct crypto_alg *alg,
out:
return mem;
}
-EXPORT_SYMBOL_GPL(crypto_create_tfm_node);
+DEFINE_CRYPTO_API(crypto_create_tfm_node);
-void *crypto_clone_tfm(const struct crypto_type *frontend,
+void *CRYPTO_API(crypto_clone_tfm)(const struct crypto_type *frontend,
struct crypto_tfm *otfm)
{
struct crypto_alg *alg = otfm->__crt_alg;
@@ -583,9 +583,9 @@ void *crypto_clone_tfm(const struct crypto_type *frontend,
out:
return mem;
}
-EXPORT_SYMBOL_GPL(crypto_clone_tfm);
+DEFINE_CRYPTO_API(crypto_clone_tfm);
-struct crypto_alg *crypto_find_alg(const char *alg_name,
+struct crypto_alg *CRYPTO_API(crypto_find_alg)(const char *alg_name,
const struct crypto_type *frontend,
u32 type, u32 mask)
{
@@ -598,7 +598,7 @@ struct crypto_alg *crypto_find_alg(const char *alg_name,
return crypto_alg_mod_lookup(alg_name, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_find_alg);
+DEFINE_CRYPTO_API(crypto_find_alg);
/*
* crypto_alloc_tfm_node - Locate algorithm and allocate transform
@@ -623,7 +623,7 @@ EXPORT_SYMBOL_GPL(crypto_find_alg);
* In case of error the return value is an error pointer.
*/
-void *crypto_alloc_tfm_node(const char *alg_name,
+void *CRYPTO_API(crypto_alloc_tfm_node)(const char *alg_name,
const struct crypto_type *frontend, u32 type, u32 mask,
int node)
{
@@ -657,7 +657,7 @@ void *crypto_alloc_tfm_node(const char *alg_name,
return ERR_PTR(err);
}
-EXPORT_SYMBOL_GPL(crypto_alloc_tfm_node);
+DEFINE_CRYPTO_API(crypto_alloc_tfm_node);
/*
* crypto_destroy_tfm - Free crypto transform
@@ -667,7 +667,7 @@ EXPORT_SYMBOL_GPL(crypto_alloc_tfm_node);
* This function frees up the transform and any associated resources,
* then drops the refcount on the associated algorithm.
*/
-void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm)
+void CRYPTO_API(crypto_destroy_tfm)(void *mem, struct crypto_tfm *tfm)
{
struct crypto_alg *alg;
@@ -684,9 +684,9 @@ void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm)
crypto_mod_put(alg);
kfree_sensitive(mem);
}
-EXPORT_SYMBOL_GPL(crypto_destroy_tfm);
+DEFINE_CRYPTO_API(crypto_destroy_tfm);
-int crypto_has_alg(const char *name, u32 type, u32 mask)
+int CRYPTO_API(crypto_has_alg)(const char *name, u32 type, u32 mask)
{
int ret = 0;
struct crypto_alg *alg = crypto_alg_mod_lookup(name, type, mask);
@@ -698,9 +698,9 @@ int crypto_has_alg(const char *name, u32 type, u32 mask)
return ret;
}
-EXPORT_SYMBOL_GPL(crypto_has_alg);
+DEFINE_CRYPTO_API(crypto_has_alg);
-void crypto_req_done(void *data, int err)
+void CRYPTO_API(crypto_req_done)(void *data, int err)
{
struct crypto_wait *wait = data;
@@ -710,18 +710,18 @@ void crypto_req_done(void *data, int err)
wait->err = err;
complete(&wait->completion);
}
-EXPORT_SYMBOL_GPL(crypto_req_done);
+DEFINE_CRYPTO_API(crypto_req_done);
-void crypto_destroy_alg(struct crypto_alg *alg)
+void CRYPTO_API(crypto_destroy_alg)(struct crypto_alg *alg)
{
if (alg->cra_type && alg->cra_type->destroy)
alg->cra_type->destroy(alg);
if (alg->cra_destroy)
alg->cra_destroy(alg);
}
-EXPORT_SYMBOL_GPL(crypto_destroy_alg);
+DEFINE_CRYPTO_API(crypto_destroy_alg);
-struct crypto_async_request *crypto_request_clone(
+struct crypto_async_request *CRYPTO_API(crypto_request_clone)(
struct crypto_async_request *req, size_t total, gfp_t gfp)
{
struct crypto_tfm *tfm = req->tfm;
@@ -736,7 +736,7 @@ struct crypto_async_request *crypto_request_clone(
nreq->flags &= ~CRYPTO_TFM_REQ_ON_STACK;
return nreq;
}
-EXPORT_SYMBOL_GPL(crypto_request_clone);
+DEFINE_CRYPTO_API(crypto_request_clone);
MODULE_DESCRIPTION("Cryptographic core API");
MODULE_LICENSE("GPL");
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 1c7907b5e1dc..f5cf473f1f25 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -267,3 +267,38 @@ DEFINE_CRYPTO_API_STUB(crypto_type_has_alg);
#endif
+/*
+ * crypto/api.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO)
+
+#include <linux/crypto.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_req_done);
+DEFINE_CRYPTO_API_STUB(crypto_has_alg);
+DEFINE_CRYPTO_API_STUB(crypto_alloc_base);
+DEFINE_CRYPTO_API_STUB(crypto_destroy_tfm);
+DEFINE_CRYPTO_API_STUB(crypto_request_clone);
+
+#include <crypto/algapi.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_mod_put);
+
+#include <crypto/internal.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_mod_get);
+DEFINE_CRYPTO_API_STUB(crypto_alg_mod_lookup);
+DEFINE_CRYPTO_API_STUB(crypto_larval_alloc);
+DEFINE_CRYPTO_API_STUB(crypto_schedule_test);
+DEFINE_CRYPTO_API_STUB(crypto_shoot_alg);
+DEFINE_CRYPTO_API_STUB(__crypto_alloc_tfmgfp);
+DEFINE_CRYPTO_API_STUB(__crypto_alloc_tfm);
+DEFINE_CRYPTO_API_STUB(crypto_create_tfm_node);
+DEFINE_CRYPTO_API_STUB(crypto_clone_tfm);
+DEFINE_CRYPTO_API_STUB(crypto_find_alg);
+DEFINE_CRYPTO_API_STUB(crypto_alloc_tfm_node);
+DEFINE_CRYPTO_API_STUB(crypto_probing_notify);
+DEFINE_CRYPTO_API_STUB(crypto_destroy_alg);
+
+#endif
+
diff --git a/crypto/internal.h b/crypto/internal.h
index d823931fd0e2..700280457bf6 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -110,11 +110,19 @@ static inline unsigned int crypto_compress_ctxsize(struct crypto_alg *alg)
return alg->cra_ctxsize;
}
-struct crypto_alg *crypto_mod_get(struct crypto_alg *alg);
-struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask);
-
-struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask);
-void crypto_schedule_test(struct crypto_larval *larval);
+DECLARE_CRYPTO_API(crypto_mod_get, struct crypto_alg *,
+ (struct crypto_alg *alg),
+ (alg));
+DECLARE_CRYPTO_API(crypto_alg_mod_lookup, struct crypto_alg *,
+ (const char *name, u32 type, u32 mask),
+ (name, type, mask));
+
+DECLARE_CRYPTO_API(crypto_larval_alloc, struct crypto_larval *,
+ (const char *name, u32 type, u32 mask),
+ (name, type, mask));
+DECLARE_CRYPTO_API(crypto_schedule_test, void,
+ (struct crypto_larval *larval),
+ (larval));
DECLARE_CRYPTO_API(crypto_alg_tested, void,
(struct crypto_alg *alg, int err),
(alg, err));
@@ -125,15 +133,21 @@ DECLARE_CRYPTO_API(crypto_remove_spawns, void,
DECLARE_CRYPTO_API(crypto_remove_final, void,
(struct list_head *list),
(list));
-void crypto_shoot_alg(struct crypto_alg *alg);
-struct crypto_tfm *__crypto_alloc_tfmgfp(struct crypto_alg *alg, u32 type,
- u32 mask, gfp_t gfp);
-struct crypto_tfm *__crypto_alloc_tfm(struct crypto_alg *alg, u32 type,
- u32 mask);
-void *crypto_create_tfm_node(struct crypto_alg *alg,
- const struct crypto_type *frontend, int node);
-void *crypto_clone_tfm(const struct crypto_type *frontend,
- struct crypto_tfm *otfm);
+DECLARE_CRYPTO_API(crypto_shoot_alg, void,
+ (struct crypto_alg *alg),
+ (alg));
+DECLARE_CRYPTO_API(__crypto_alloc_tfmgfp, struct crypto_tfm *,
+ (struct crypto_alg *alg, u32 type, u32 mask, gfp_t gfp),
+ (alg, type, mask, gfp));
+DECLARE_CRYPTO_API(__crypto_alloc_tfm, struct crypto_tfm *,
+ (struct crypto_alg *alg, u32 type, u32 mask),
+ (alg, type, mask));
+DECLARE_CRYPTO_API(crypto_create_tfm_node, void *,
+ (struct crypto_alg *alg, const struct crypto_type *frontend, int node),
+ (alg, frontend, node));
+DECLARE_CRYPTO_API(crypto_clone_tfm, void *,
+ (const struct crypto_type *frontend, struct crypto_tfm *otfm),
+ (frontend, otfm));
static inline void *crypto_create_tfm(struct crypto_alg *alg,
const struct crypto_type *frontend)
@@ -141,13 +155,13 @@ static inline void *crypto_create_tfm(struct crypto_alg *alg,
return crypto_create_tfm_node(alg, frontend, NUMA_NO_NODE);
}
-struct crypto_alg *crypto_find_alg(const char *alg_name,
- const struct crypto_type *frontend,
- u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_find_alg, struct crypto_alg *,
+ (const char *alg_name, const struct crypto_type *frontend, u32 type, u32 mask),
+ (alg_name, frontend, type, mask));
-void *crypto_alloc_tfm_node(const char *alg_name,
- const struct crypto_type *frontend, u32 type, u32 mask,
- int node);
+DECLARE_CRYPTO_API(crypto_alloc_tfm_node, void *,
+ (const char *alg_name, const struct crypto_type *frontend, u32 type, u32 mask, int node),
+ (alg_name, frontend, type, mask, node));
static inline void *crypto_alloc_tfm(const char *alg_name,
const struct crypto_type *frontend, u32 type, u32 mask)
@@ -155,7 +169,9 @@ static inline void *crypto_alloc_tfm(const char *alg_name,
return crypto_alloc_tfm_node(alg_name, frontend, type, mask, NUMA_NO_NODE);
}
-int crypto_probing_notify(unsigned long val, void *v);
+DECLARE_CRYPTO_API(crypto_probing_notify, int,
+ (unsigned long val, void *v),
+ (val, v));
DECLARE_CRYPTO_API(crypto_alg_extsize, unsigned int,
(struct crypto_alg *alg),
@@ -171,7 +187,9 @@ static inline struct crypto_alg *crypto_alg_get(struct crypto_alg *alg)
return alg;
}
-void crypto_destroy_alg(struct crypto_alg *alg);
+DECLARE_CRYPTO_API(crypto_destroy_alg, void,
+ (struct crypto_alg *alg),
+ (alg));
static inline void crypto_alg_put(struct crypto_alg *alg)
{
diff --git a/include/crypto/algapi.h b/include/crypto/algapi.h
index 9d7505b7f029..9844f3b0cb0a 100644
--- a/include/crypto/algapi.h
+++ b/include/crypto/algapi.h
@@ -133,7 +133,9 @@ DECLARE_CRYPTO_API(crypto_unregister_algs, void,
(struct crypto_alg *algs, int count),
(algs, count));
-void crypto_mod_put(struct crypto_alg *alg);
+DECLARE_CRYPTO_API(crypto_mod_put, void,
+ (struct crypto_alg *alg),
+ (alg));
DECLARE_CRYPTO_API(crypto_register_template, int,
(struct crypto_template *tmpl),
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index 737e53a642d4..e4b356a3b27d 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -12,6 +12,7 @@
#ifndef _LINUX_CRYPTO_H
#define _LINUX_CRYPTO_H
+#include <crypto/api.h>
#include <linux/completion.h>
#include <linux/errno.h>
#include <linux/refcount_types.h>
@@ -384,7 +385,9 @@ struct crypto_wait {
/*
* Async ops completion helper functioons
*/
-void crypto_req_done(void *req, int err);
+DECLARE_CRYPTO_API(crypto_req_done, void,
+ (void *req, int err),
+ (req, err));
static inline int crypto_wait_req(int err, struct crypto_wait *wait)
{
@@ -408,7 +411,9 @@ static inline void crypto_init_wait(struct crypto_wait *wait)
/*
* Algorithm query interface.
*/
-int crypto_has_alg(const char *name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_has_alg, int,
+ (const char *name, u32 type, u32 mask),
+ (name, type, mask));
/*
* Transforms: user-instantiated objects which encapsulate algorithms
@@ -436,8 +441,12 @@ struct crypto_tfm {
* Transform user interface.
*/
-struct crypto_tfm *crypto_alloc_base(const char *alg_name, u32 type, u32 mask);
-void crypto_destroy_tfm(void *mem, struct crypto_tfm *tfm);
+DECLARE_CRYPTO_API(crypto_alloc_base, struct crypto_tfm *,
+ (const char *alg_name, u32 type, u32 mask),
+ (alg_name, type, mask));
+DECLARE_CRYPTO_API(crypto_destroy_tfm, void,
+ (void *mem, struct crypto_tfm *tfm),
+ (mem, tfm));
static inline void crypto_free_tfm(struct crypto_tfm *tfm)
{
@@ -522,8 +531,10 @@ static inline void crypto_request_set_tfm(struct crypto_async_request *req,
req->flags &= ~CRYPTO_TFM_REQ_ON_STACK;
}
-struct crypto_async_request *crypto_request_clone(
- struct crypto_async_request *req, size_t total, gfp_t gfp);
+DECLARE_CRYPTO_API(crypto_request_clone, struct crypto_async_request *,
+ (
+ struct crypto_async_request *req, size_t total, gfp_t gfp),
+ (req, total, gfp));
static inline void crypto_stack_request_init(struct crypto_async_request *req,
struct crypto_tfm *tfm)
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 034/104] crypto: fips140: convert crypto/algboss.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_MANAGER2 --source crypto/algboss.c
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/algboss.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/algboss.c b/crypto/algboss.c
index 2599c54a49ff..9d540ab27e9e 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -235,8 +235,8 @@ static void __exit cryptomgr_exit(void)
BUG_ON(err);
}
-module_init(cryptomgr_init);
-module_exit(cryptomgr_exit);
+crypto_module_init(cryptomgr_init);
+crypto_module_exit(cryptomgr_exit);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Crypto Algorithm Manager");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 032/104] crypto: fips140: convert crypto/akcipher.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_AKCIPHER2 --source crypto/akcipher.c --header include/crypto/akcipher.h include/crypto/internal/akcipher.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/akcipher.c | 28 ++++++++++++++--------------
crypto/fips140-api.c | 20 ++++++++++++++++++++
include/crypto/akcipher.h | 18 ++++++++++--------
include/crypto/internal/akcipher.h | 21 ++++++++++++++-------
4 files changed, 58 insertions(+), 29 deletions(-)
diff --git a/crypto/akcipher.c b/crypto/akcipher.c
index a36f50c83827..1cfc6c7bfbae 100644
--- a/crypto/akcipher.c
+++ b/crypto/akcipher.c
@@ -100,21 +100,21 @@ static const struct crypto_type crypto_akcipher_type = {
.algsize = offsetof(struct akcipher_alg, base),
};
-int crypto_grab_akcipher(struct crypto_akcipher_spawn *spawn,
+int CRYPTO_API(crypto_grab_akcipher)(struct crypto_akcipher_spawn *spawn,
struct crypto_instance *inst,
const char *name, u32 type, u32 mask)
{
spawn->base.frontend = &crypto_akcipher_type;
return crypto_grab_spawn(&spawn->base, inst, name, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_grab_akcipher);
+DEFINE_CRYPTO_API(crypto_grab_akcipher);
-struct crypto_akcipher *crypto_alloc_akcipher(const char *alg_name, u32 type,
+struct crypto_akcipher *CRYPTO_API(crypto_alloc_akcipher)(const char *alg_name, u32 type,
u32 mask)
{
return crypto_alloc_tfm(alg_name, &crypto_akcipher_type, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_alloc_akcipher);
+DEFINE_CRYPTO_API(crypto_alloc_akcipher);
static void akcipher_prepare_alg(struct akcipher_alg *alg)
{
@@ -136,7 +136,7 @@ static int akcipher_default_set_key(struct crypto_akcipher *tfm,
return -ENOSYS;
}
-int crypto_register_akcipher(struct akcipher_alg *alg)
+int CRYPTO_API(crypto_register_akcipher)(struct akcipher_alg *alg)
{
struct crypto_alg *base = &alg->base;
@@ -150,15 +150,15 @@ int crypto_register_akcipher(struct akcipher_alg *alg)
akcipher_prepare_alg(alg);
return crypto_register_alg(base);
}
-EXPORT_SYMBOL_GPL(crypto_register_akcipher);
+DEFINE_CRYPTO_API(crypto_register_akcipher);
-void crypto_unregister_akcipher(struct akcipher_alg *alg)
+void CRYPTO_API(crypto_unregister_akcipher)(struct akcipher_alg *alg)
{
crypto_unregister_alg(&alg->base);
}
-EXPORT_SYMBOL_GPL(crypto_unregister_akcipher);
+DEFINE_CRYPTO_API(crypto_unregister_akcipher);
-int akcipher_register_instance(struct crypto_template *tmpl,
+int CRYPTO_API(akcipher_register_instance)(struct crypto_template *tmpl,
struct akcipher_instance *inst)
{
if (WARN_ON(!inst->free))
@@ -166,7 +166,7 @@ int akcipher_register_instance(struct crypto_template *tmpl,
akcipher_prepare_alg(&inst->alg);
return crypto_register_instance(tmpl, akcipher_crypto_instance(inst));
}
-EXPORT_SYMBOL_GPL(akcipher_register_instance);
+DEFINE_CRYPTO_API(akcipher_register_instance);
static int crypto_akcipher_sync_prep(struct crypto_akcipher_sync_data *data)
{
@@ -215,7 +215,7 @@ static int crypto_akcipher_sync_post(struct crypto_akcipher_sync_data *data,
return err;
}
-int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm,
+int CRYPTO_API(crypto_akcipher_sync_encrypt)(struct crypto_akcipher *tfm,
const void *src, unsigned int slen,
void *dst, unsigned int dlen)
{
@@ -231,9 +231,9 @@ int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm,
crypto_akcipher_sync_post(&data,
crypto_akcipher_encrypt(data.req));
}
-EXPORT_SYMBOL_GPL(crypto_akcipher_sync_encrypt);
+DEFINE_CRYPTO_API(crypto_akcipher_sync_encrypt);
-int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm,
+int CRYPTO_API(crypto_akcipher_sync_decrypt)(struct crypto_akcipher *tfm,
const void *src, unsigned int slen,
void *dst, unsigned int dlen)
{
@@ -250,7 +250,7 @@ int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm,
crypto_akcipher_decrypt(data.req)) ?:
data.dlen;
}
-EXPORT_SYMBOL_GPL(crypto_akcipher_sync_decrypt);
+DEFINE_CRYPTO_API(crypto_akcipher_sync_decrypt);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Generic public key cipher type");
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 530195c057eb..3c3445523803 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -203,3 +203,23 @@ DEFINE_CRYPTO_API_STUB(crypto_hash_digest);
#endif
+/*
+ * crypto/akcipher.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_AKCIPHER2)
+
+#include <crypto/akcipher.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_alloc_akcipher);
+DEFINE_CRYPTO_API_STUB(crypto_akcipher_sync_encrypt);
+DEFINE_CRYPTO_API_STUB(crypto_akcipher_sync_decrypt);
+
+#include <crypto/internal/akcipher.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_grab_akcipher);
+DEFINE_CRYPTO_API_STUB(crypto_register_akcipher);
+DEFINE_CRYPTO_API_STUB(crypto_unregister_akcipher);
+DEFINE_CRYPTO_API_STUB(akcipher_register_instance);
+
+#endif
+
diff --git a/include/crypto/akcipher.h b/include/crypto/akcipher.h
index cdf7da74bf2f..d6ae05da0811 100644
--- a/include/crypto/akcipher.h
+++ b/include/crypto/akcipher.h
@@ -8,6 +8,7 @@
#ifndef _CRYPTO_AKCIPHER_H
#define _CRYPTO_AKCIPHER_H
+#include <crypto/api.h>
#include <linux/atomic.h>
#include <linux/crypto.h>
@@ -116,8 +117,9 @@ struct akcipher_alg {
* Return: allocated handle in case of success; IS_ERR() is true in case
* of an error, PTR_ERR() returns the error code.
*/
-struct crypto_akcipher *crypto_alloc_akcipher(const char *alg_name, u32 type,
- u32 mask);
+DECLARE_CRYPTO_API(crypto_alloc_akcipher, struct crypto_akcipher *,
+ (const char *alg_name, u32 type, u32 mask),
+ (alg_name, type, mask));
static inline struct crypto_tfm *crypto_akcipher_tfm(
struct crypto_akcipher *tfm)
@@ -310,9 +312,9 @@ static inline int crypto_akcipher_decrypt(struct akcipher_request *req)
*
* Return: zero on success; error code in case of error
*/
-int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm,
- const void *src, unsigned int slen,
- void *dst, unsigned int dlen);
+DECLARE_CRYPTO_API(crypto_akcipher_sync_encrypt, int,
+ (struct crypto_akcipher *tfm, const void *src, unsigned int slen, void *dst, unsigned int dlen),
+ (tfm, src, slen, dst, dlen));
/**
* crypto_akcipher_sync_decrypt() - Invoke public key decrypt operation
@@ -328,9 +330,9 @@ int crypto_akcipher_sync_encrypt(struct crypto_akcipher *tfm,
*
* Return: Output length on success; error code in case of error
*/
-int crypto_akcipher_sync_decrypt(struct crypto_akcipher *tfm,
- const void *src, unsigned int slen,
- void *dst, unsigned int dlen);
+DECLARE_CRYPTO_API(crypto_akcipher_sync_decrypt, int,
+ (struct crypto_akcipher *tfm, const void *src, unsigned int slen, void *dst, unsigned int dlen),
+ (tfm, src, slen, dst, dlen));
/**
* crypto_akcipher_set_pub_key() - Invoke set public key operation
diff --git a/include/crypto/internal/akcipher.h b/include/crypto/internal/akcipher.h
index 14ee62bc52b6..5ea9c6cbce04 100644
--- a/include/crypto/internal/akcipher.h
+++ b/include/crypto/internal/akcipher.h
@@ -7,6 +7,8 @@
*/
#ifndef _CRYPTO_AKCIPHER_INT_H
#define _CRYPTO_AKCIPHER_INT_H
+
+#include <crypto/api.h>
#include <crypto/akcipher.h>
#include <crypto/algapi.h>
@@ -100,9 +102,9 @@ static inline void *akcipher_instance_ctx(struct akcipher_instance *inst)
return crypto_instance_ctx(akcipher_crypto_instance(inst));
}
-int crypto_grab_akcipher(struct crypto_akcipher_spawn *spawn,
- struct crypto_instance *inst,
- const char *name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_grab_akcipher, int,
+ (struct crypto_akcipher_spawn *spawn, struct crypto_instance *inst, const char *name, u32 type, u32 mask),
+ (spawn, inst, name, type, mask));
static inline struct crypto_akcipher *crypto_spawn_akcipher(
struct crypto_akcipher_spawn *spawn)
@@ -130,7 +132,9 @@ static inline struct akcipher_alg *crypto_spawn_akcipher_alg(
*
* Return: zero on success; error code in case of error
*/
-int crypto_register_akcipher(struct akcipher_alg *alg);
+DECLARE_CRYPTO_API(crypto_register_akcipher, int,
+ (struct akcipher_alg *alg),
+ (alg));
/**
* crypto_unregister_akcipher() -- Unregister public key algorithm
@@ -139,7 +143,9 @@ int crypto_register_akcipher(struct akcipher_alg *alg);
*
* @alg: algorithm definition
*/
-void crypto_unregister_akcipher(struct akcipher_alg *alg);
+DECLARE_CRYPTO_API(crypto_unregister_akcipher, void,
+ (struct akcipher_alg *alg),
+ (alg));
/**
* akcipher_register_instance() -- Unregister public key template instance
@@ -150,6 +156,7 @@ void crypto_unregister_akcipher(struct akcipher_alg *alg);
* @tmpl: the template from which the algorithm was created
* @inst: the template instance
*/
-int akcipher_register_instance(struct crypto_template *tmpl,
- struct akcipher_instance *inst);
+DECLARE_CRYPTO_API(akcipher_register_instance, int,
+ (struct crypto_template *tmpl, struct akcipher_instance *inst),
+ (tmpl, inst));
#endif
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 031/104] crypto: fips140: convert crypto/ahash.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_HASH2 --source crypto/ahash.c --header include/crypto/internal/hash.h include/crypto/hash.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/ahash.c | 108 ++++++++++++++++-----------------
crypto/fips140-api.c | 40 ++++++++++++
include/crypto/hash.h | 52 +++++++++++-----
include/crypto/internal/hash.h | 65 ++++++++++++++------
4 files changed, 177 insertions(+), 88 deletions(-)
diff --git a/crypto/ahash.c b/crypto/ahash.c
index a227793d2c5b..f344a43a3f89 100644
--- a/crypto/ahash.c
+++ b/crypto/ahash.c
@@ -99,7 +99,7 @@ static int hash_walk_new_entry(struct crypto_hash_walk *walk)
return hash_walk_next(walk);
}
-int crypto_hash_walk_first(struct ahash_request *req,
+int CRYPTO_API(crypto_hash_walk_first)(struct ahash_request *req,
struct crypto_hash_walk *walk)
{
walk->total = req->nbytes;
@@ -120,9 +120,9 @@ int crypto_hash_walk_first(struct ahash_request *req,
return hash_walk_new_entry(walk);
}
-EXPORT_SYMBOL_GPL(crypto_hash_walk_first);
+DEFINE_CRYPTO_API(crypto_hash_walk_first);
-int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err)
+int CRYPTO_API(crypto_hash_walk_done)(struct crypto_hash_walk *walk, int err)
{
if ((walk->flags & CRYPTO_AHASH_REQ_VIRT))
return err;
@@ -148,7 +148,7 @@ int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err)
return hash_walk_new_entry(walk);
}
-EXPORT_SYMBOL_GPL(crypto_hash_walk_done);
+DEFINE_CRYPTO_API(crypto_hash_walk_done);
/*
* For an ahash tfm that is using an shash algorithm (instead of an ahash
@@ -168,7 +168,7 @@ static inline struct shash_desc *prepare_shash_desc(struct ahash_request *req,
return desc;
}
-int shash_ahash_update(struct ahash_request *req, struct shash_desc *desc)
+int CRYPTO_API(shash_ahash_update)(struct ahash_request *req, struct shash_desc *desc)
{
struct crypto_hash_walk walk;
int nbytes;
@@ -179,9 +179,9 @@ int shash_ahash_update(struct ahash_request *req, struct shash_desc *desc)
return nbytes;
}
-EXPORT_SYMBOL_GPL(shash_ahash_update);
+DEFINE_CRYPTO_API(shash_ahash_update);
-int shash_ahash_finup(struct ahash_request *req, struct shash_desc *desc)
+int CRYPTO_API(shash_ahash_finup)(struct ahash_request *req, struct shash_desc *desc)
{
struct crypto_hash_walk walk;
int nbytes;
@@ -200,9 +200,9 @@ int shash_ahash_finup(struct ahash_request *req, struct shash_desc *desc)
return nbytes;
}
-EXPORT_SYMBOL_GPL(shash_ahash_finup);
+DEFINE_CRYPTO_API(shash_ahash_finup);
-int shash_ahash_digest(struct ahash_request *req, struct shash_desc *desc)
+int CRYPTO_API(shash_ahash_digest)(struct ahash_request *req, struct shash_desc *desc)
{
unsigned int nbytes = req->nbytes;
struct scatterlist *sg;
@@ -239,7 +239,7 @@ int shash_ahash_digest(struct ahash_request *req, struct shash_desc *desc)
kunmap_local(data);
return err;
}
-EXPORT_SYMBOL_GPL(shash_ahash_digest);
+DEFINE_CRYPTO_API(shash_ahash_digest);
static void crypto_exit_ahash_using_shash(struct crypto_tfm *tfm)
{
@@ -287,7 +287,7 @@ static void ahash_set_needkey(struct crypto_ahash *tfm, struct ahash_alg *alg)
crypto_ahash_set_flags(tfm, CRYPTO_TFM_NEED_KEY);
}
-int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
+int CRYPTO_API(crypto_ahash_setkey)(struct crypto_ahash *tfm, const u8 *key,
unsigned int keylen)
{
if (likely(tfm->using_shash)) {
@@ -317,7 +317,7 @@ int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
crypto_ahash_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
return 0;
}
-EXPORT_SYMBOL_GPL(crypto_ahash_setkey);
+DEFINE_CRYPTO_API(crypto_ahash_setkey);
static int ahash_do_req_chain(struct ahash_request *req,
int (*const *op)(struct ahash_request *req))
@@ -368,7 +368,7 @@ static int ahash_do_req_chain(struct ahash_request *req,
}
}
-int crypto_ahash_init(struct ahash_request *req)
+int CRYPTO_API(crypto_ahash_init)(struct ahash_request *req)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
@@ -386,7 +386,7 @@ int crypto_ahash_init(struct ahash_request *req)
}
return crypto_ahash_alg(tfm)->init(req);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_init);
+DEFINE_CRYPTO_API(crypto_ahash_init);
static void ahash_save_req(struct ahash_request *req, crypto_completion_t cplt)
{
@@ -440,7 +440,7 @@ static void ahash_update_done(void *data, int err)
ahash_op_done(data, err, ahash_update_finish);
}
-int crypto_ahash_update(struct ahash_request *req)
+int CRYPTO_API(crypto_ahash_update)(struct ahash_request *req)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
bool nonzero = crypto_ahash_final_nonzero(tfm);
@@ -489,7 +489,7 @@ int crypto_ahash_update(struct ahash_request *req)
return ahash_update_finish(req, err);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_update);
+DEFINE_CRYPTO_API(crypto_ahash_update);
static int ahash_finup_finish(struct ahash_request *req, int err)
{
@@ -521,7 +521,7 @@ static void ahash_finup_done(void *data, int err)
ahash_op_done(data, err, ahash_finup_finish);
}
-int crypto_ahash_finup(struct ahash_request *req)
+int CRYPTO_API(crypto_ahash_finup)(struct ahash_request *req)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
int bs = crypto_ahash_blocksize(tfm);
@@ -561,9 +561,9 @@ int crypto_ahash_finup(struct ahash_request *req)
return ahash_finup_finish(req, err);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_finup);
+DEFINE_CRYPTO_API(crypto_ahash_finup);
-int crypto_ahash_digest(struct ahash_request *req)
+int CRYPTO_API(crypto_ahash_digest)(struct ahash_request *req)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
@@ -575,7 +575,7 @@ int crypto_ahash_digest(struct ahash_request *req)
return -ENOKEY;
return ahash_do_req_chain(req, &crypto_ahash_alg(tfm)->digest);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_digest);
+DEFINE_CRYPTO_API(crypto_ahash_digest);
static void ahash_def_finup_done2(void *data, int err)
{
@@ -624,7 +624,7 @@ static int ahash_def_finup(struct ahash_request *req)
return ahash_def_finup_finish1(req, err);
}
-int crypto_ahash_export_core(struct ahash_request *req, void *out)
+int CRYPTO_API(crypto_ahash_export_core)(struct ahash_request *req, void *out)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
@@ -632,9 +632,9 @@ int crypto_ahash_export_core(struct ahash_request *req, void *out)
return crypto_shash_export_core(ahash_request_ctx(req), out);
return crypto_ahash_alg(tfm)->export_core(req, out);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_export_core);
+DEFINE_CRYPTO_API(crypto_ahash_export_core);
-int crypto_ahash_export(struct ahash_request *req, void *out)
+int CRYPTO_API(crypto_ahash_export)(struct ahash_request *req, void *out)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
@@ -650,9 +650,9 @@ int crypto_ahash_export(struct ahash_request *req, void *out)
}
return crypto_ahash_alg(tfm)->export(req, out);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_export);
+DEFINE_CRYPTO_API(crypto_ahash_export);
-int crypto_ahash_import_core(struct ahash_request *req, const void *in)
+int CRYPTO_API(crypto_ahash_import_core)(struct ahash_request *req, const void *in)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
@@ -663,9 +663,9 @@ int crypto_ahash_import_core(struct ahash_request *req, const void *in)
return -ENOKEY;
return crypto_ahash_alg(tfm)->import_core(req, in);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_import_core);
+DEFINE_CRYPTO_API(crypto_ahash_import_core);
-int crypto_ahash_import(struct ahash_request *req, const void *in)
+int CRYPTO_API(crypto_ahash_import)(struct ahash_request *req, const void *in)
{
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
@@ -681,7 +681,7 @@ int crypto_ahash_import(struct ahash_request *req, const void *in)
}
return crypto_ahash_alg(tfm)->import(req, in);
}
-EXPORT_SYMBOL_GPL(crypto_ahash_import);
+DEFINE_CRYPTO_API(crypto_ahash_import);
static void crypto_ahash_exit_tfm(struct crypto_tfm *tfm)
{
@@ -816,29 +816,29 @@ static const struct crypto_type crypto_ahash_type = {
.algsize = offsetof(struct ahash_alg, halg.base),
};
-int crypto_grab_ahash(struct crypto_ahash_spawn *spawn,
+int CRYPTO_API(crypto_grab_ahash)(struct crypto_ahash_spawn *spawn,
struct crypto_instance *inst,
const char *name, u32 type, u32 mask)
{
spawn->base.frontend = &crypto_ahash_type;
return crypto_grab_spawn(&spawn->base, inst, name, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_grab_ahash);
+DEFINE_CRYPTO_API(crypto_grab_ahash);
-struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type,
+struct crypto_ahash *CRYPTO_API(crypto_alloc_ahash)(const char *alg_name, u32 type,
u32 mask)
{
return crypto_alloc_tfm(alg_name, &crypto_ahash_type, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_alloc_ahash);
+DEFINE_CRYPTO_API(crypto_alloc_ahash);
-int crypto_has_ahash(const char *alg_name, u32 type, u32 mask)
+int CRYPTO_API(crypto_has_ahash)(const char *alg_name, u32 type, u32 mask)
{
return crypto_type_has_alg(alg_name, &crypto_ahash_type, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_has_ahash);
+DEFINE_CRYPTO_API(crypto_has_ahash);
-bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg)
+bool CRYPTO_API(crypto_hash_alg_has_setkey)(struct hash_alg_common *halg)
{
struct crypto_alg *alg = &halg->base;
@@ -847,9 +847,9 @@ bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg)
return __crypto_ahash_alg(alg)->setkey != ahash_nosetkey;
}
-EXPORT_SYMBOL_GPL(crypto_hash_alg_has_setkey);
+DEFINE_CRYPTO_API(crypto_hash_alg_has_setkey);
-struct crypto_ahash *crypto_clone_ahash(struct crypto_ahash *hash)
+struct crypto_ahash *CRYPTO_API(crypto_clone_ahash)(struct crypto_ahash *hash)
{
struct hash_alg_common *halg = crypto_hash_alg_common(hash);
struct crypto_tfm *tfm = crypto_ahash_tfm(hash);
@@ -917,7 +917,7 @@ struct crypto_ahash *crypto_clone_ahash(struct crypto_ahash *hash)
crypto_free_ahash(nhash);
return ERR_PTR(err);
}
-EXPORT_SYMBOL_GPL(crypto_clone_ahash);
+DEFINE_CRYPTO_API(crypto_clone_ahash);
static int ahash_default_export_core(struct ahash_request *req, void *out)
{
@@ -981,7 +981,7 @@ static int ahash_prepare_alg(struct ahash_alg *alg)
return 0;
}
-int crypto_register_ahash(struct ahash_alg *alg)
+int CRYPTO_API(crypto_register_ahash)(struct ahash_alg *alg)
{
struct crypto_alg *base = &alg->halg.base;
int err;
@@ -992,15 +992,15 @@ int crypto_register_ahash(struct ahash_alg *alg)
return crypto_register_alg(base);
}
-EXPORT_SYMBOL_GPL(crypto_register_ahash);
+DEFINE_CRYPTO_API(crypto_register_ahash);
-void crypto_unregister_ahash(struct ahash_alg *alg)
+void CRYPTO_API(crypto_unregister_ahash)(struct ahash_alg *alg)
{
crypto_unregister_alg(&alg->halg.base);
}
-EXPORT_SYMBOL_GPL(crypto_unregister_ahash);
+DEFINE_CRYPTO_API(crypto_unregister_ahash);
-int crypto_register_ahashes(struct ahash_alg *algs, int count)
+int CRYPTO_API(crypto_register_ahashes)(struct ahash_alg *algs, int count)
{
int i, ret;
@@ -1018,18 +1018,18 @@ int crypto_register_ahashes(struct ahash_alg *algs, int count)
return ret;
}
-EXPORT_SYMBOL_GPL(crypto_register_ahashes);
+DEFINE_CRYPTO_API(crypto_register_ahashes);
-void crypto_unregister_ahashes(struct ahash_alg *algs, int count)
+void CRYPTO_API(crypto_unregister_ahashes)(struct ahash_alg *algs, int count)
{
int i;
for (i = count - 1; i >= 0; --i)
crypto_unregister_ahash(&algs[i]);
}
-EXPORT_SYMBOL_GPL(crypto_unregister_ahashes);
+DEFINE_CRYPTO_API(crypto_unregister_ahashes);
-int ahash_register_instance(struct crypto_template *tmpl,
+int CRYPTO_API(ahash_register_instance)(struct crypto_template *tmpl,
struct ahash_instance *inst)
{
int err;
@@ -1043,9 +1043,9 @@ int ahash_register_instance(struct crypto_template *tmpl,
return crypto_register_instance(tmpl, ahash_crypto_instance(inst));
}
-EXPORT_SYMBOL_GPL(ahash_register_instance);
+DEFINE_CRYPTO_API(ahash_register_instance);
-void ahash_request_free(struct ahash_request *req)
+void CRYPTO_API(ahash_request_free)(struct ahash_request *req)
{
if (unlikely(!req))
return;
@@ -1057,9 +1057,9 @@ void ahash_request_free(struct ahash_request *req)
ahash_request_zero(req);
}
-EXPORT_SYMBOL_GPL(ahash_request_free);
+DEFINE_CRYPTO_API(ahash_request_free);
-int crypto_hash_digest(struct crypto_ahash *tfm, const u8 *data,
+int CRYPTO_API(crypto_hash_digest)(struct crypto_ahash *tfm, const u8 *data,
unsigned int len, u8 *out)
{
HASH_REQUEST_ON_STACK(req, crypto_ahash_fb(tfm));
@@ -1073,14 +1073,14 @@ int crypto_hash_digest(struct crypto_ahash *tfm, const u8 *data,
return err;
}
-EXPORT_SYMBOL_GPL(crypto_hash_digest);
+DEFINE_CRYPTO_API(crypto_hash_digest);
-void ahash_free_singlespawn_instance(struct ahash_instance *inst)
+void CRYPTO_API(ahash_free_singlespawn_instance)(struct ahash_instance *inst)
{
crypto_drop_spawn(ahash_instance_ctx(inst));
kfree(inst);
}
-EXPORT_SYMBOL_GPL(ahash_free_singlespawn_instance);
+DEFINE_CRYPTO_API(ahash_free_singlespawn_instance);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Asynchronous cryptographic hash type");
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 88858a1f9915..530195c057eb 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -163,3 +163,43 @@ DEFINE_CRYPTO_API_STUB(crypto_aes_set_key);
#endif
+/*
+ * crypto/ahash.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_HASH2)
+
+#include <crypto/internal/hash.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_hash_walk_done);
+DEFINE_CRYPTO_API_STUB(crypto_hash_walk_first);
+DEFINE_CRYPTO_API_STUB(crypto_register_ahash);
+DEFINE_CRYPTO_API_STUB(crypto_unregister_ahash);
+DEFINE_CRYPTO_API_STUB(crypto_register_ahashes);
+DEFINE_CRYPTO_API_STUB(crypto_unregister_ahashes);
+DEFINE_CRYPTO_API_STUB(ahash_register_instance);
+DEFINE_CRYPTO_API_STUB(ahash_free_singlespawn_instance);
+DEFINE_CRYPTO_API_STUB(crypto_hash_alg_has_setkey);
+DEFINE_CRYPTO_API_STUB(crypto_grab_ahash);
+DEFINE_CRYPTO_API_STUB(shash_ahash_update);
+DEFINE_CRYPTO_API_STUB(shash_ahash_finup);
+DEFINE_CRYPTO_API_STUB(shash_ahash_digest);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_export_core);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_import_core);
+
+#include <crypto/hash.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_alloc_ahash);
+DEFINE_CRYPTO_API_STUB(crypto_clone_ahash);
+DEFINE_CRYPTO_API_STUB(crypto_has_ahash);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_setkey);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_finup);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_digest);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_export);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_import);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_init);
+DEFINE_CRYPTO_API_STUB(crypto_ahash_update);
+DEFINE_CRYPTO_API_STUB(ahash_request_free);
+DEFINE_CRYPTO_API_STUB(crypto_hash_digest);
+
+#endif
+
diff --git a/include/crypto/hash.h b/include/crypto/hash.h
index bbaeae705ef0..c9d6ee97360e 100644
--- a/include/crypto/hash.h
+++ b/include/crypto/hash.h
@@ -8,6 +8,7 @@
#ifndef _CRYPTO_HASH_H
#define _CRYPTO_HASH_H
+#include <crypto/api.h>
#include <linux/crypto.h>
#include <linux/scatterlist.h>
#include <linux/slab.h>
@@ -307,10 +308,13 @@ static inline struct crypto_ahash *__crypto_ahash_cast(struct crypto_tfm *tfm)
* Return: allocated cipher handle in case of success; IS_ERR() is true in case
* of an error, PTR_ERR() returns the error code.
*/
-struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type,
- u32 mask);
+DECLARE_CRYPTO_API(crypto_alloc_ahash, struct crypto_ahash *,
+ (const char *alg_name, u32 type, u32 mask),
+ (alg_name, type, mask));
-struct crypto_ahash *crypto_clone_ahash(struct crypto_ahash *tfm);
+DECLARE_CRYPTO_API(crypto_clone_ahash, struct crypto_ahash *,
+ (struct crypto_ahash *tfm),
+ (tfm));
static inline struct crypto_tfm *crypto_ahash_tfm(struct crypto_ahash *tfm)
{
@@ -338,7 +342,9 @@ static inline void crypto_free_ahash(struct crypto_ahash *tfm)
* Return: true when the ahash is known to the kernel crypto API; false
* otherwise
*/
-int crypto_has_ahash(const char *alg_name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_has_ahash, int,
+ (const char *alg_name, u32 type, u32 mask),
+ (alg_name, type, mask));
static inline const char *crypto_ahash_alg_name(struct crypto_ahash *tfm)
{
@@ -464,8 +470,9 @@ static inline void *ahash_request_ctx(struct ahash_request *req)
*
* Return: 0 if the setting of the key was successful; < 0 if an error occurred
*/
-int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
- unsigned int keylen);
+DECLARE_CRYPTO_API(crypto_ahash_setkey, int,
+ (struct crypto_ahash *tfm, const u8 *key, unsigned int keylen),
+ (tfm, key, keylen));
/**
* crypto_ahash_finup() - update and finalize message digest
@@ -478,7 +485,9 @@ int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key,
*
* Return: see crypto_ahash_final()
*/
-int crypto_ahash_finup(struct ahash_request *req);
+DECLARE_CRYPTO_API(crypto_ahash_finup, int,
+ (struct ahash_request *req),
+ (req));
/**
* crypto_ahash_final() - calculate message digest
@@ -512,7 +521,9 @@ static inline int crypto_ahash_final(struct ahash_request *req)
*
* Return: see crypto_ahash_final()
*/
-int crypto_ahash_digest(struct ahash_request *req);
+DECLARE_CRYPTO_API(crypto_ahash_digest, int,
+ (struct ahash_request *req),
+ (req));
/**
* crypto_ahash_export() - extract current message digest state
@@ -525,7 +536,9 @@ int crypto_ahash_digest(struct ahash_request *req);
*
* Return: 0 if the export was successful; < 0 if an error occurred
*/
-int crypto_ahash_export(struct ahash_request *req, void *out);
+DECLARE_CRYPTO_API(crypto_ahash_export, int,
+ (struct ahash_request *req, void *out),
+ (req, out));
/**
* crypto_ahash_import() - import message digest state
@@ -538,7 +551,9 @@ int crypto_ahash_export(struct ahash_request *req, void *out);
*
* Return: 0 if the import was successful; < 0 if an error occurred
*/
-int crypto_ahash_import(struct ahash_request *req, const void *in);
+DECLARE_CRYPTO_API(crypto_ahash_import, int,
+ (struct ahash_request *req, const void *in),
+ (req, in));
/**
* crypto_ahash_init() - (re)initialize message digest handle
@@ -551,7 +566,9 @@ int crypto_ahash_import(struct ahash_request *req, const void *in);
*
* Return: see crypto_ahash_final()
*/
-int crypto_ahash_init(struct ahash_request *req);
+DECLARE_CRYPTO_API(crypto_ahash_init, int,
+ (struct ahash_request *req),
+ (req));
/**
* crypto_ahash_update() - add data to message digest for processing
@@ -564,7 +581,9 @@ int crypto_ahash_init(struct ahash_request *req);
*
* Return: see crypto_ahash_final()
*/
-int crypto_ahash_update(struct ahash_request *req);
+DECLARE_CRYPTO_API(crypto_ahash_update, int,
+ (struct ahash_request *req),
+ (req));
/**
* DOC: Asynchronous Hash Request Handle
@@ -622,7 +641,9 @@ static inline struct ahash_request *ahash_request_alloc_noprof(
* ahash_request_free() - zeroize and free the request data structure
* @req: request data structure cipher handle to be freed
*/
-void ahash_request_free(struct ahash_request *req);
+DECLARE_CRYPTO_API(ahash_request_free, void,
+ (struct ahash_request *req),
+ (req));
static inline void ahash_request_zero(struct ahash_request *req)
{
@@ -913,8 +934,9 @@ int crypto_shash_digest(struct shash_desc *desc, const u8 *data,
int crypto_shash_tfm_digest(struct crypto_shash *tfm, const u8 *data,
unsigned int len, u8 *out);
-int crypto_hash_digest(struct crypto_ahash *tfm, const u8 *data,
- unsigned int len, u8 *out);
+DECLARE_CRYPTO_API(crypto_hash_digest, int,
+ (struct crypto_ahash *tfm, const u8 *data, unsigned int len, u8 *out),
+ (tfm, data, len, out));
/**
* crypto_shash_export() - extract operational state for message digest
diff --git a/include/crypto/internal/hash.h b/include/crypto/internal/hash.h
index e39456de57e4..c3f9ca511cf5 100644
--- a/include/crypto/internal/hash.h
+++ b/include/crypto/internal/hash.h
@@ -8,6 +8,7 @@
#ifndef _CRYPTO_INTERNAL_HASH_H
#define _CRYPTO_INTERNAL_HASH_H
+#include <crypto/api.h>
#include <crypto/algapi.h>
#include <crypto/hash.h>
@@ -75,26 +76,42 @@ struct crypto_shash_spawn {
struct crypto_spawn base;
};
-int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err);
-int crypto_hash_walk_first(struct ahash_request *req,
- struct crypto_hash_walk *walk);
+DECLARE_CRYPTO_API(crypto_hash_walk_done, int,
+ (struct crypto_hash_walk *walk, int err),
+ (walk, err));
+DECLARE_CRYPTO_API(crypto_hash_walk_first, int,
+ (struct ahash_request *req, struct crypto_hash_walk *walk),
+ (req, walk));
static inline int crypto_hash_walk_last(struct crypto_hash_walk *walk)
{
return !(walk->entrylen | walk->total);
}
-int crypto_register_ahash(struct ahash_alg *alg);
-void crypto_unregister_ahash(struct ahash_alg *alg);
-int crypto_register_ahashes(struct ahash_alg *algs, int count);
-void crypto_unregister_ahashes(struct ahash_alg *algs, int count);
-int ahash_register_instance(struct crypto_template *tmpl,
- struct ahash_instance *inst);
-void ahash_free_singlespawn_instance(struct ahash_instance *inst);
+DECLARE_CRYPTO_API(crypto_register_ahash, int,
+ (struct ahash_alg *alg),
+ (alg));
+DECLARE_CRYPTO_API(crypto_unregister_ahash, void,
+ (struct ahash_alg *alg),
+ (alg));
+DECLARE_CRYPTO_API(crypto_register_ahashes, int,
+ (struct ahash_alg *algs, int count),
+ (algs, count));
+DECLARE_CRYPTO_API(crypto_unregister_ahashes, void,
+ (struct ahash_alg *algs, int count),
+ (algs, count));
+DECLARE_CRYPTO_API(ahash_register_instance, int,
+ (struct crypto_template *tmpl, struct ahash_instance *inst),
+ (tmpl, inst));
+DECLARE_CRYPTO_API(ahash_free_singlespawn_instance, void,
+ (struct ahash_instance *inst),
+ (inst));
bool crypto_shash_alg_has_setkey(struct shash_alg *alg);
-bool crypto_hash_alg_has_setkey(struct hash_alg_common *halg);
+DECLARE_CRYPTO_API(crypto_hash_alg_has_setkey, bool,
+ (struct hash_alg_common *halg),
+ (halg));
static inline bool crypto_shash_alg_needs_key(struct shash_alg *alg)
{
@@ -114,9 +131,9 @@ static inline bool crypto_hash_no_export_core(struct crypto_ahash *tfm)
CRYPTO_AHASH_ALG_NO_EXPORT_CORE;
}
-int crypto_grab_ahash(struct crypto_ahash_spawn *spawn,
- struct crypto_instance *inst,
- const char *name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_grab_ahash, int,
+ (struct crypto_ahash_spawn *spawn, struct crypto_instance *inst, const char *name, u32 type, u32 mask),
+ (spawn, inst, name, type, mask));
static inline void crypto_drop_ahash(struct crypto_ahash_spawn *spawn)
{
@@ -152,9 +169,15 @@ static inline struct shash_alg *crypto_spawn_shash_alg(
return __crypto_shash_alg(spawn->base.alg);
}
-int shash_ahash_update(struct ahash_request *req, struct shash_desc *desc);
-int shash_ahash_finup(struct ahash_request *req, struct shash_desc *desc);
-int shash_ahash_digest(struct ahash_request *req, struct shash_desc *desc);
+DECLARE_CRYPTO_API(shash_ahash_update, int,
+ (struct ahash_request *req, struct shash_desc *desc),
+ (req, desc));
+DECLARE_CRYPTO_API(shash_ahash_finup, int,
+ (struct ahash_request *req, struct shash_desc *desc),
+ (req, desc));
+DECLARE_CRYPTO_API(shash_ahash_digest, int,
+ (struct ahash_request *req, struct shash_desc *desc),
+ (req, desc));
static inline void *crypto_ahash_ctx(struct crypto_ahash *tfm)
{
@@ -357,7 +380,9 @@ static inline unsigned int crypto_shash_coresize(struct crypto_shash *tfm)
* Context: Softirq or process context.
* Return: 0 if the export creation was successful; < 0 if an error occurred
*/
-int crypto_ahash_export_core(struct ahash_request *req, void *out);
+DECLARE_CRYPTO_API(crypto_ahash_export_core, int,
+ (struct ahash_request *req, void *out),
+ (req, out));
/**
* crypto_ahash_import_core() - import core state
@@ -369,7 +394,9 @@ int crypto_ahash_export_core(struct ahash_request *req, void *out);
* Context: Softirq or process context.
* Return: 0 if the import was successful; < 0 if an error occurred
*/
-int crypto_ahash_import_core(struct ahash_request *req, const void *in);
+DECLARE_CRYPTO_API(crypto_ahash_import_core, int,
+ (struct ahash_request *req, const void *in),
+ (req, in));
/**
* crypto_shash_export_core() - extract core state for message digest
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 030/104] crypto: fips140: convert crypto/aes_generic.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_AES --source crypto/aes_generic.c --header include/crypto/aes.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/aes_generic.c | 8 ++++----
crypto/fips140-api.c | 11 +++++++++++
include/crypto/aes.h | 5 +++--
3 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c
index 85d2e78c8ef2..b3bf792f82f2 100644
--- a/crypto/aes_generic.c
+++ b/crypto/aes_generic.c
@@ -1133,14 +1133,14 @@ EXPORT_SYMBOL_GPL(crypto_it_tab);
*
* Return: 0 on success; -EINVAL on failure (only happens for bad key lengths)
*/
-int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
+int CRYPTO_API(crypto_aes_set_key)(struct crypto_tfm *tfm, const u8 *in_key,
unsigned int key_len)
{
struct crypto_aes_ctx *ctx = crypto_tfm_ctx(tfm);
return aes_expandkey(ctx, in_key, key_len);
}
-EXPORT_SYMBOL_GPL(crypto_aes_set_key);
+DEFINE_CRYPTO_API(crypto_aes_set_key);
/* encrypt a block of text */
@@ -1311,8 +1311,8 @@ static void __exit aes_fini(void)
crypto_unregister_alg(&aes_alg);
}
-module_init(aes_init);
-module_exit(aes_fini);
+crypto_module_init(aes_init);
+crypto_module_exit(aes_fini);
MODULE_DESCRIPTION("Rijndael (AES) Cipher Algorithm");
MODULE_LICENSE("Dual BSD/GPL");
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 896b42fb4330..88858a1f9915 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -152,3 +152,14 @@ DEFINE_CRYPTO_API_STUB(aead_register_instance);
#endif
+/*
+ * crypto/aes_generic.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_AES)
+
+#include <crypto/aes.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_aes_set_key);
+
+#endif
+
diff --git a/include/crypto/aes.h b/include/crypto/aes.h
index a72621f552d8..6a732ea5ee1b 100644
--- a/include/crypto/aes.h
+++ b/include/crypto/aes.h
@@ -49,8 +49,9 @@ static inline int aes_check_keylen(unsigned int keylen)
return 0;
}
-int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
- unsigned int key_len);
+DECLARE_CRYPTO_API(crypto_aes_set_key, int,
+ (struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len),
+ (tfm, in_key, key_len));
/**
* aes_expandkey - Expands the AES key as described in FIPS-197
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 029/104] crypto: fips140: convert crypto/aead.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_AEAD2 --source crypto/aead.c --header include/crypto/aead.h include/crypto/internal/aead.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/aead.c | 48 +++++++++++++++++-----------------
crypto/fips140-api.c | 25 ++++++++++++++++++
include/crypto/aead.h | 26 +++++++++++++-----
include/crypto/internal/aead.h | 28 +++++++++++++-------
4 files changed, 87 insertions(+), 40 deletions(-)
diff --git a/crypto/aead.c b/crypto/aead.c
index 5d14b775036e..f6cc3a76120e 100644
--- a/crypto/aead.c
+++ b/crypto/aead.c
@@ -41,7 +41,7 @@ static int setkey_unaligned(struct crypto_aead *tfm, const u8 *key,
return ret;
}
-int crypto_aead_setkey(struct crypto_aead *tfm,
+int CRYPTO_API(crypto_aead_setkey)(struct crypto_aead *tfm,
const u8 *key, unsigned int keylen)
{
unsigned long alignmask = crypto_aead_alignmask(tfm);
@@ -60,9 +60,9 @@ int crypto_aead_setkey(struct crypto_aead *tfm,
crypto_aead_clear_flags(tfm, CRYPTO_TFM_NEED_KEY);
return 0;
}
-EXPORT_SYMBOL_GPL(crypto_aead_setkey);
+DEFINE_CRYPTO_API(crypto_aead_setkey);
-int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
+int CRYPTO_API(crypto_aead_setauthsize)(struct crypto_aead *tfm, unsigned int authsize)
{
int err;
@@ -79,9 +79,9 @@ int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize)
tfm->authsize = authsize;
return 0;
}
-EXPORT_SYMBOL_GPL(crypto_aead_setauthsize);
+DEFINE_CRYPTO_API(crypto_aead_setauthsize);
-int crypto_aead_encrypt(struct aead_request *req)
+int CRYPTO_API(crypto_aead_encrypt)(struct aead_request *req)
{
struct crypto_aead *aead = crypto_aead_reqtfm(req);
@@ -90,9 +90,9 @@ int crypto_aead_encrypt(struct aead_request *req)
return crypto_aead_alg(aead)->encrypt(req);
}
-EXPORT_SYMBOL_GPL(crypto_aead_encrypt);
+DEFINE_CRYPTO_API(crypto_aead_encrypt);
-int crypto_aead_decrypt(struct aead_request *req)
+int CRYPTO_API(crypto_aead_decrypt)(struct aead_request *req)
{
struct crypto_aead *aead = crypto_aead_reqtfm(req);
@@ -104,7 +104,7 @@ int crypto_aead_decrypt(struct aead_request *req)
return crypto_aead_alg(aead)->decrypt(req);
}
-EXPORT_SYMBOL_GPL(crypto_aead_decrypt);
+DEFINE_CRYPTO_API(crypto_aead_decrypt);
static void crypto_aead_exit_tfm(struct crypto_tfm *tfm)
{
@@ -189,26 +189,26 @@ static const struct crypto_type crypto_aead_type = {
.algsize = offsetof(struct aead_alg, base),
};
-int crypto_grab_aead(struct crypto_aead_spawn *spawn,
+int CRYPTO_API(crypto_grab_aead)(struct crypto_aead_spawn *spawn,
struct crypto_instance *inst,
const char *name, u32 type, u32 mask)
{
spawn->base.frontend = &crypto_aead_type;
return crypto_grab_spawn(&spawn->base, inst, name, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_grab_aead);
+DEFINE_CRYPTO_API(crypto_grab_aead);
-struct crypto_aead *crypto_alloc_aead(const char *alg_name, u32 type, u32 mask)
+struct crypto_aead *CRYPTO_API(crypto_alloc_aead)(const char *alg_name, u32 type, u32 mask)
{
return crypto_alloc_tfm(alg_name, &crypto_aead_type, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_alloc_aead);
+DEFINE_CRYPTO_API(crypto_alloc_aead);
-int crypto_has_aead(const char *alg_name, u32 type, u32 mask)
+int CRYPTO_API(crypto_has_aead)(const char *alg_name, u32 type, u32 mask)
{
return crypto_type_has_alg(alg_name, &crypto_aead_type, type, mask);
}
-EXPORT_SYMBOL_GPL(crypto_has_aead);
+DEFINE_CRYPTO_API(crypto_has_aead);
static int aead_prepare_alg(struct aead_alg *alg)
{
@@ -228,7 +228,7 @@ static int aead_prepare_alg(struct aead_alg *alg)
return 0;
}
-int crypto_register_aead(struct aead_alg *alg)
+int CRYPTO_API(crypto_register_aead)(struct aead_alg *alg)
{
struct crypto_alg *base = &alg->base;
int err;
@@ -239,15 +239,15 @@ int crypto_register_aead(struct aead_alg *alg)
return crypto_register_alg(base);
}
-EXPORT_SYMBOL_GPL(crypto_register_aead);
+DEFINE_CRYPTO_API(crypto_register_aead);
-void crypto_unregister_aead(struct aead_alg *alg)
+void CRYPTO_API(crypto_unregister_aead)(struct aead_alg *alg)
{
crypto_unregister_alg(&alg->base);
}
-EXPORT_SYMBOL_GPL(crypto_unregister_aead);
+DEFINE_CRYPTO_API(crypto_unregister_aead);
-int crypto_register_aeads(struct aead_alg *algs, int count)
+int CRYPTO_API(crypto_register_aeads)(struct aead_alg *algs, int count)
{
int i, ret;
@@ -265,18 +265,18 @@ int crypto_register_aeads(struct aead_alg *algs, int count)
return ret;
}
-EXPORT_SYMBOL_GPL(crypto_register_aeads);
+DEFINE_CRYPTO_API(crypto_register_aeads);
-void crypto_unregister_aeads(struct aead_alg *algs, int count)
+void CRYPTO_API(crypto_unregister_aeads)(struct aead_alg *algs, int count)
{
int i;
for (i = count - 1; i >= 0; --i)
crypto_unregister_aead(&algs[i]);
}
-EXPORT_SYMBOL_GPL(crypto_unregister_aeads);
+DEFINE_CRYPTO_API(crypto_unregister_aeads);
-int aead_register_instance(struct crypto_template *tmpl,
+int CRYPTO_API(aead_register_instance)(struct crypto_template *tmpl,
struct aead_instance *inst)
{
int err;
@@ -290,7 +290,7 @@ int aead_register_instance(struct crypto_template *tmpl,
return crypto_register_instance(tmpl, aead_crypto_instance(inst));
}
-EXPORT_SYMBOL_GPL(aead_register_instance);
+DEFINE_CRYPTO_API(aead_register_instance);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Authenticated Encryption with Associated Data (AEAD)");
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 6caef4827a53..896b42fb4330 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -127,3 +127,28 @@ DEFINE_CRYPTO_API_STUB(__crypto_xor);
#endif
+/*
+ * crypto/aead.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_AEAD2)
+
+#include <crypto/aead.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_alloc_aead);
+DEFINE_CRYPTO_API_STUB(crypto_has_aead);
+DEFINE_CRYPTO_API_STUB(crypto_aead_setkey);
+DEFINE_CRYPTO_API_STUB(crypto_aead_setauthsize);
+DEFINE_CRYPTO_API_STUB(crypto_aead_encrypt);
+DEFINE_CRYPTO_API_STUB(crypto_aead_decrypt);
+
+#include <crypto/internal/aead.h>
+
+DEFINE_CRYPTO_API_STUB(crypto_grab_aead);
+DEFINE_CRYPTO_API_STUB(crypto_register_aead);
+DEFINE_CRYPTO_API_STUB(crypto_unregister_aead);
+DEFINE_CRYPTO_API_STUB(crypto_register_aeads);
+DEFINE_CRYPTO_API_STUB(crypto_unregister_aeads);
+DEFINE_CRYPTO_API_STUB(aead_register_instance);
+
+#endif
+
diff --git a/include/crypto/aead.h b/include/crypto/aead.h
index 0e8a41638678..714a110a64bf 100644
--- a/include/crypto/aead.h
+++ b/include/crypto/aead.h
@@ -8,6 +8,7 @@
#ifndef _CRYPTO_AEAD_H
#define _CRYPTO_AEAD_H
+#include <crypto/api.h>
#include <linux/atomic.h>
#include <linux/container_of.h>
#include <linux/crypto.h>
@@ -178,7 +179,9 @@ static inline struct crypto_aead *__crypto_aead_cast(struct crypto_tfm *tfm)
* Return: allocated cipher handle in case of success; IS_ERR() is true in case
* of an error, PTR_ERR() returns the error code.
*/
-struct crypto_aead *crypto_alloc_aead(const char *alg_name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_alloc_aead, struct crypto_aead *,
+ (const char *alg_name, u32 type, u32 mask),
+ (alg_name, type, mask));
static inline struct crypto_tfm *crypto_aead_tfm(struct crypto_aead *tfm)
{
@@ -206,7 +209,9 @@ static inline void crypto_free_aead(struct crypto_aead *tfm)
* Return: true when the aead is known to the kernel crypto API; false
* otherwise
*/
-int crypto_has_aead(const char *alg_name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_has_aead, int,
+ (const char *alg_name, u32 type, u32 mask),
+ (alg_name, type, mask));
static inline const char *crypto_aead_driver_name(struct crypto_aead *tfm)
{
@@ -316,8 +321,9 @@ static inline void crypto_aead_clear_flags(struct crypto_aead *tfm, u32 flags)
*
* Return: 0 if the setting of the key was successful; < 0 if an error occurred
*/
-int crypto_aead_setkey(struct crypto_aead *tfm,
- const u8 *key, unsigned int keylen);
+DECLARE_CRYPTO_API(crypto_aead_setkey, int,
+ (struct crypto_aead *tfm, const u8 *key, unsigned int keylen),
+ (tfm, key, keylen));
/**
* crypto_aead_setauthsize() - set authentication data size
@@ -329,7 +335,9 @@ int crypto_aead_setkey(struct crypto_aead *tfm,
*
* Return: 0 if the setting of the key was successful; < 0 if an error occurred
*/
-int crypto_aead_setauthsize(struct crypto_aead *tfm, unsigned int authsize);
+DECLARE_CRYPTO_API(crypto_aead_setauthsize, int,
+ (struct crypto_aead *tfm, unsigned int authsize),
+ (tfm, authsize));
static inline struct crypto_aead *crypto_aead_reqtfm(struct aead_request *req)
{
@@ -355,7 +363,9 @@ static inline struct crypto_aead *crypto_aead_reqtfm(struct aead_request *req)
*
* Return: 0 if the cipher operation was successful; < 0 if an error occurred
*/
-int crypto_aead_encrypt(struct aead_request *req);
+DECLARE_CRYPTO_API(crypto_aead_encrypt, int,
+ (struct aead_request *req),
+ (req));
/**
* crypto_aead_decrypt() - decrypt ciphertext
@@ -379,7 +389,9 @@ int crypto_aead_encrypt(struct aead_request *req);
* integrity of the ciphertext or the associated data was violated);
* < 0 if an error occurred.
*/
-int crypto_aead_decrypt(struct aead_request *req);
+DECLARE_CRYPTO_API(crypto_aead_decrypt, int,
+ (struct aead_request *req),
+ (req));
/**
* DOC: Asynchronous AEAD Request Handle
diff --git a/include/crypto/internal/aead.h b/include/crypto/internal/aead.h
index 28a95eb3182d..8abe35a07fd4 100644
--- a/include/crypto/internal/aead.h
+++ b/include/crypto/internal/aead.h
@@ -8,6 +8,7 @@
#ifndef _CRYPTO_INTERNAL_AEAD_H
#define _CRYPTO_INTERNAL_AEAD_H
+#include <crypto/api.h>
#include <crypto/aead.h>
#include <crypto/algapi.h>
#include <linux/stddef.h>
@@ -96,9 +97,9 @@ static inline struct aead_request *aead_request_cast(
return container_of(req, struct aead_request, base);
}
-int crypto_grab_aead(struct crypto_aead_spawn *spawn,
- struct crypto_instance *inst,
- const char *name, u32 type, u32 mask);
+DECLARE_CRYPTO_API(crypto_grab_aead, int,
+ (struct crypto_aead_spawn *spawn, struct crypto_instance *inst, const char *name, u32 type, u32 mask),
+ (spawn, inst, name, type, mask));
static inline void crypto_drop_aead(struct crypto_aead_spawn *spawn)
{
@@ -157,12 +158,21 @@ static inline unsigned int crypto_aead_chunksize(struct crypto_aead *tfm)
return crypto_aead_alg_chunksize(crypto_aead_alg(tfm));
}
-int crypto_register_aead(struct aead_alg *alg);
-void crypto_unregister_aead(struct aead_alg *alg);
-int crypto_register_aeads(struct aead_alg *algs, int count);
-void crypto_unregister_aeads(struct aead_alg *algs, int count);
-int aead_register_instance(struct crypto_template *tmpl,
- struct aead_instance *inst);
+DECLARE_CRYPTO_API(crypto_register_aead, int,
+ (struct aead_alg *alg),
+ (alg));
+DECLARE_CRYPTO_API(crypto_unregister_aead, void,
+ (struct aead_alg *alg),
+ (alg));
+DECLARE_CRYPTO_API(crypto_register_aeads, int,
+ (struct aead_alg *algs, int count),
+ (algs, count));
+DECLARE_CRYPTO_API(crypto_unregister_aeads, void,
+ (struct aead_alg *algs, int count),
+ (algs, count));
+DECLARE_CRYPTO_API(aead_register_instance, int,
+ (struct crypto_template *tmpl, struct aead_instance *inst),
+ (tmpl, inst));
#endif /* _CRYPTO_INTERNAL_AEAD_H */
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 028/104] crypto: fips140: convert lib/crypto/utils.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:51 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_UTILS --source lib/crypto/utils.c --header include/crypto/utils.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 11 +++++++++++
include/crypto/utils.h | 4 +++-
lib/crypto/utils.c | 4 ++--
3 files changed, 16 insertions(+), 3 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 13148a3d3519..6caef4827a53 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -116,3 +116,14 @@ DEFINE_CRYPTO_API_STUB(hmac_sha512_usingrawkey);
#endif
+/*
+ * lib/crypto/utils.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_UTILS)
+
+#include <crypto/utils.h>
+
+DEFINE_CRYPTO_API_STUB(__crypto_xor);
+
+#endif
+
diff --git a/include/crypto/utils.h b/include/crypto/utils.h
index d7c3dae79138..996435707260 100644
--- a/include/crypto/utils.h
+++ b/include/crypto/utils.h
@@ -12,7 +12,9 @@
#include <linux/compiler_attributes.h>
#include <linux/types.h>
-void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int size);
+DECLARE_CRYPTO_API(__crypto_xor, void,
+ (u8 *dst, const u8 *src1, const u8 *src2, unsigned int size),
+ (dst, src1, src2, size));
static inline void crypto_xor(u8 *dst, const u8 *src, unsigned int size)
{
diff --git a/lib/crypto/utils.c b/lib/crypto/utils.c
index dec381d5e906..276519171e1c 100644
--- a/lib/crypto/utils.c
+++ b/lib/crypto/utils.c
@@ -15,7 +15,7 @@
* (which may alias one of the sources). Don't call this directly; call
* crypto_xor() or crypto_xor_cpy() instead.
*/
-void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
+void CRYPTO_API(__crypto_xor)(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
{
int relalign = 0;
@@ -84,7 +84,7 @@ void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
while (len--)
*dst++ = *src1++ ^ *src2++;
}
-EXPORT_SYMBOL_GPL(__crypto_xor);
+DEFINE_CRYPTO_API(__crypto_xor);
MODULE_DESCRIPTION("Crypto library utility functions");
MODULE_LICENSE("GPL");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 027/104] crypto: fips140: convert lib/crypto/sha512.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_SHA512 --source lib/crypto/sha512.c --header include/crypto/sha2.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 28 +++++++++++++++
include/crypto/sha2.h | 83 ++++++++++++++++++++++++++++---------------
lib/crypto/sha512.c | 76 +++++++++++++++++++--------------------
3 files changed, 120 insertions(+), 67 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 3b1677049c55..13148a3d3519 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -88,3 +88,31 @@ DEFINE_CRYPTO_API_STUB(hmac_sha256_usingrawkey);
#endif
+/*
+ * lib/crypto/sha512.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_SHA512)
+
+#include <crypto/sha2.h>
+
+DEFINE_CRYPTO_API_STUB(__sha512_update);
+DEFINE_CRYPTO_API_STUB(__hmac_sha512_init);
+DEFINE_CRYPTO_API_STUB(sha384_init);
+DEFINE_CRYPTO_API_STUB(sha384_final);
+DEFINE_CRYPTO_API_STUB(sha384);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_preparekey);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_init_usingrawkey);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_final);
+DEFINE_CRYPTO_API_STUB(hmac_sha384);
+DEFINE_CRYPTO_API_STUB(hmac_sha384_usingrawkey);
+DEFINE_CRYPTO_API_STUB(sha512_init);
+DEFINE_CRYPTO_API_STUB(sha512_final);
+DEFINE_CRYPTO_API_STUB(sha512);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_preparekey);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_init_usingrawkey);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_final);
+DEFINE_CRYPTO_API_STUB(hmac_sha512);
+DEFINE_CRYPTO_API_STUB(hmac_sha512_usingrawkey);
+
+#endif
+
diff --git a/include/crypto/sha2.h b/include/crypto/sha2.h
index 9fafcd99e9ce..ce908568009a 100644
--- a/include/crypto/sha2.h
+++ b/include/crypto/sha2.h
@@ -535,7 +535,9 @@ struct __sha512_ctx {
u64 bytecount_hi;
u8 buf[SHA512_BLOCK_SIZE] __aligned(__alignof__(__be64));
};
-void __sha512_update(struct __sha512_ctx *ctx, const u8 *data, size_t len);
+DECLARE_CRYPTO_API(__sha512_update, void,
+ (struct __sha512_ctx *ctx, const u8 *data, size_t len),
+ (ctx, data, len));
/*
* HMAC key and message context structs, shared by HMAC-SHA384 and HMAC-SHA512.
@@ -550,8 +552,9 @@ struct __hmac_sha512_ctx {
struct __sha512_ctx sha_ctx;
struct sha512_block_state ostate;
};
-void __hmac_sha512_init(struct __hmac_sha512_ctx *ctx,
- const struct __hmac_sha512_key *key);
+DECLARE_CRYPTO_API(__hmac_sha512_init, void,
+ (struct __hmac_sha512_ctx *ctx, const struct __hmac_sha512_key *key),
+ (ctx, key));
/**
* struct sha384_ctx - Context for hashing a message with SHA-384
@@ -569,7 +572,9 @@ struct sha384_ctx {
*
* Context: Any context.
*/
-void sha384_init(struct sha384_ctx *ctx);
+DECLARE_CRYPTO_API(sha384_init, void,
+ (struct sha384_ctx *ctx),
+ (ctx));
/**
* sha384_update() - Update a SHA-384 context with message data
@@ -596,7 +601,9 @@ static inline void sha384_update(struct sha384_ctx *ctx,
*
* Context: Any context.
*/
-void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha384_final, void,
+ (struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]),
+ (ctx, out));
/**
* sha384() - Compute SHA-384 message digest in one shot
@@ -606,7 +613,9 @@ void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha384, void,
+ (const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE]),
+ (data, len, out));
/**
* struct hmac_sha384_key - Prepared key for HMAC-SHA384
@@ -635,8 +644,9 @@ struct hmac_sha384_ctx {
*
* Context: Any context.
*/
-void hmac_sha384_preparekey(struct hmac_sha384_key *key,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha384_preparekey, void,
+ (struct hmac_sha384_key *key, const u8 *raw_key, size_t raw_key_len),
+ (key, raw_key, raw_key_len));
/**
* hmac_sha384_init() - Initialize an HMAC-SHA384 context for a new message
@@ -665,8 +675,9 @@ static inline void hmac_sha384_init(struct hmac_sha384_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha384_init_usingrawkey(struct hmac_sha384_ctx *ctx,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha384_init_usingrawkey, void,
+ (struct hmac_sha384_ctx *ctx, const u8 *raw_key, size_t raw_key_len),
+ (ctx, raw_key, raw_key_len));
/**
* hmac_sha384_update() - Update an HMAC-SHA384 context with message data
@@ -693,7 +704,9 @@ static inline void hmac_sha384_update(struct hmac_sha384_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha384_final(struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha384_final, void,
+ (struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]),
+ (ctx, out));
/**
* hmac_sha384() - Compute HMAC-SHA384 in one shot, using a prepared key
@@ -706,8 +719,9 @@ void hmac_sha384_final(struct hmac_sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void hmac_sha384(const struct hmac_sha384_key *key,
- const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha384, void,
+ (const struct hmac_sha384_key *key, const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]),
+ (key, data, data_len, out));
/**
* hmac_sha384_usingrawkey() - Compute HMAC-SHA384 in one shot, using a raw key
@@ -722,9 +736,9 @@ void hmac_sha384(const struct hmac_sha384_key *key,
*
* Context: Any context.
*/
-void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len,
- const u8 *data, size_t data_len,
- u8 out[SHA384_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha384_usingrawkey, void,
+ (const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE]),
+ (raw_key, raw_key_len, data, data_len, out));
/**
* struct sha512_ctx - Context for hashing a message with SHA-512
@@ -742,7 +756,9 @@ struct sha512_ctx {
*
* Context: Any context.
*/
-void sha512_init(struct sha512_ctx *ctx);
+DECLARE_CRYPTO_API(sha512_init, void,
+ (struct sha512_ctx *ctx),
+ (ctx));
/**
* sha512_update() - Update a SHA-512 context with message data
@@ -769,7 +785,9 @@ static inline void sha512_update(struct sha512_ctx *ctx,
*
* Context: Any context.
*/
-void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha512_final, void,
+ (struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]),
+ (ctx, out));
/**
* sha512() - Compute SHA-512 message digest in one shot
@@ -779,7 +797,9 @@ void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha512, void,
+ (const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE]),
+ (data, len, out));
/**
* struct hmac_sha512_key - Prepared key for HMAC-SHA512
@@ -808,8 +828,9 @@ struct hmac_sha512_ctx {
*
* Context: Any context.
*/
-void hmac_sha512_preparekey(struct hmac_sha512_key *key,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha512_preparekey, void,
+ (struct hmac_sha512_key *key, const u8 *raw_key, size_t raw_key_len),
+ (key, raw_key, raw_key_len));
/**
* hmac_sha512_init() - Initialize an HMAC-SHA512 context for a new message
@@ -838,8 +859,9 @@ static inline void hmac_sha512_init(struct hmac_sha512_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha512_init_usingrawkey(struct hmac_sha512_ctx *ctx,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha512_init_usingrawkey, void,
+ (struct hmac_sha512_ctx *ctx, const u8 *raw_key, size_t raw_key_len),
+ (ctx, raw_key, raw_key_len));
/**
* hmac_sha512_update() - Update an HMAC-SHA512 context with message data
@@ -866,7 +888,9 @@ static inline void hmac_sha512_update(struct hmac_sha512_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha512_final(struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha512_final, void,
+ (struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]),
+ (ctx, out));
/**
* hmac_sha512() - Compute HMAC-SHA512 in one shot, using a prepared key
@@ -879,8 +903,9 @@ void hmac_sha512_final(struct hmac_sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void hmac_sha512(const struct hmac_sha512_key *key,
- const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha512, void,
+ (const struct hmac_sha512_key *key, const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]),
+ (key, data, data_len, out));
/**
* hmac_sha512_usingrawkey() - Compute HMAC-SHA512 in one shot, using a raw key
@@ -895,8 +920,8 @@ void hmac_sha512(const struct hmac_sha512_key *key,
*
* Context: Any context.
*/
-void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len,
- const u8 *data, size_t data_len,
- u8 out[SHA512_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha512_usingrawkey, void,
+ (const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE]),
+ (raw_key, raw_key_len, data, data_len, out));
#endif /* _CRYPTO_SHA2_H */
diff --git a/lib/crypto/sha512.c b/lib/crypto/sha512.c
index d8062188be98..9a170bf1a48c 100644
--- a/lib/crypto/sha512.c
+++ b/lib/crypto/sha512.c
@@ -147,19 +147,19 @@ static void __sha512_init(struct __sha512_ctx *ctx,
ctx->bytecount_hi = 0;
}
-void sha384_init(struct sha384_ctx *ctx)
+void CRYPTO_API(sha384_init)(struct sha384_ctx *ctx)
{
__sha512_init(&ctx->ctx, &sha384_iv, 0);
}
-EXPORT_SYMBOL_GPL(sha384_init);
+DEFINE_CRYPTO_API(sha384_init);
-void sha512_init(struct sha512_ctx *ctx)
+void CRYPTO_API(sha512_init)(struct sha512_ctx *ctx)
{
__sha512_init(&ctx->ctx, &sha512_iv, 0);
}
-EXPORT_SYMBOL_GPL(sha512_init);
+DEFINE_CRYPTO_API(sha512_init);
-void __sha512_update(struct __sha512_ctx *ctx, const u8 *data, size_t len)
+void CRYPTO_API(__sha512_update)(struct __sha512_ctx *ctx, const u8 *data, size_t len)
{
size_t partial = ctx->bytecount_lo % SHA512_BLOCK_SIZE;
@@ -191,7 +191,7 @@ void __sha512_update(struct __sha512_ctx *ctx, const u8 *data, size_t len)
if (len)
memcpy(&ctx->buf[partial], data, len);
}
-EXPORT_SYMBOL_GPL(__sha512_update);
+DEFINE_CRYPTO_API(__sha512_update);
static void __sha512_final(struct __sha512_ctx *ctx,
u8 *out, size_t digest_size)
@@ -215,21 +215,21 @@ static void __sha512_final(struct __sha512_ctx *ctx,
put_unaligned_be64(ctx->state.h[i / 8], out + i);
}
-void sha384_final(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE])
+void CRYPTO_API(sha384_final)(struct sha384_ctx *ctx, u8 out[SHA384_DIGEST_SIZE])
{
__sha512_final(&ctx->ctx, out, SHA384_DIGEST_SIZE);
memzero_explicit(ctx, sizeof(*ctx));
}
-EXPORT_SYMBOL_GPL(sha384_final);
+DEFINE_CRYPTO_API(sha384_final);
-void sha512_final(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE])
+void CRYPTO_API(sha512_final)(struct sha512_ctx *ctx, u8 out[SHA512_DIGEST_SIZE])
{
__sha512_final(&ctx->ctx, out, SHA512_DIGEST_SIZE);
memzero_explicit(ctx, sizeof(*ctx));
}
-EXPORT_SYMBOL_GPL(sha512_final);
+DEFINE_CRYPTO_API(sha512_final);
-void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE])
+void CRYPTO_API(sha384)(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE])
{
struct sha384_ctx ctx;
@@ -237,9 +237,9 @@ void sha384(const u8 *data, size_t len, u8 out[SHA384_DIGEST_SIZE])
sha384_update(&ctx, data, len);
sha384_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(sha384);
+DEFINE_CRYPTO_API(sha384);
-void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE])
+void CRYPTO_API(sha512)(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE])
{
struct sha512_ctx ctx;
@@ -247,7 +247,7 @@ void sha512(const u8 *data, size_t len, u8 out[SHA512_DIGEST_SIZE])
sha512_update(&ctx, data, len);
sha512_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(sha512);
+DEFINE_CRYPTO_API(sha512);
static void __hmac_sha512_preparekey(struct sha512_block_state *istate,
struct sha512_block_state *ostate,
@@ -282,31 +282,31 @@ static void __hmac_sha512_preparekey(struct sha512_block_state *istate,
memzero_explicit(&derived_key, sizeof(derived_key));
}
-void hmac_sha384_preparekey(struct hmac_sha384_key *key,
+void CRYPTO_API(hmac_sha384_preparekey)(struct hmac_sha384_key *key,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&key->key.istate, &key->key.ostate,
raw_key, raw_key_len, &sha384_iv);
}
-EXPORT_SYMBOL_GPL(hmac_sha384_preparekey);
+DEFINE_CRYPTO_API(hmac_sha384_preparekey);
-void hmac_sha512_preparekey(struct hmac_sha512_key *key,
+void CRYPTO_API(hmac_sha512_preparekey)(struct hmac_sha512_key *key,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&key->key.istate, &key->key.ostate,
raw_key, raw_key_len, &sha512_iv);
}
-EXPORT_SYMBOL_GPL(hmac_sha512_preparekey);
+DEFINE_CRYPTO_API(hmac_sha512_preparekey);
-void __hmac_sha512_init(struct __hmac_sha512_ctx *ctx,
+void CRYPTO_API(__hmac_sha512_init)(struct __hmac_sha512_ctx *ctx,
const struct __hmac_sha512_key *key)
{
__sha512_init(&ctx->sha_ctx, &key->istate, SHA512_BLOCK_SIZE);
ctx->ostate = key->ostate;
}
-EXPORT_SYMBOL_GPL(__hmac_sha512_init);
+DEFINE_CRYPTO_API(__hmac_sha512_init);
-void hmac_sha384_init_usingrawkey(struct hmac_sha384_ctx *ctx,
+void CRYPTO_API(hmac_sha384_init_usingrawkey)(struct hmac_sha384_ctx *ctx,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&ctx->ctx.sha_ctx.state, &ctx->ctx.ostate,
@@ -314,9 +314,9 @@ void hmac_sha384_init_usingrawkey(struct hmac_sha384_ctx *ctx,
ctx->ctx.sha_ctx.bytecount_lo = SHA512_BLOCK_SIZE;
ctx->ctx.sha_ctx.bytecount_hi = 0;
}
-EXPORT_SYMBOL_GPL(hmac_sha384_init_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha384_init_usingrawkey);
-void hmac_sha512_init_usingrawkey(struct hmac_sha512_ctx *ctx,
+void CRYPTO_API(hmac_sha512_init_usingrawkey)(struct hmac_sha512_ctx *ctx,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha512_preparekey(&ctx->ctx.sha_ctx.state, &ctx->ctx.ostate,
@@ -324,7 +324,7 @@ void hmac_sha512_init_usingrawkey(struct hmac_sha512_ctx *ctx,
ctx->ctx.sha_ctx.bytecount_lo = SHA512_BLOCK_SIZE;
ctx->ctx.sha_ctx.bytecount_hi = 0;
}
-EXPORT_SYMBOL_GPL(hmac_sha512_init_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha512_init_usingrawkey);
static void __hmac_sha512_final(struct __hmac_sha512_ctx *ctx,
u8 *out, size_t digest_size)
@@ -345,21 +345,21 @@ static void __hmac_sha512_final(struct __hmac_sha512_ctx *ctx,
memzero_explicit(ctx, sizeof(*ctx));
}
-void hmac_sha384_final(struct hmac_sha384_ctx *ctx,
+void CRYPTO_API(hmac_sha384_final)(struct hmac_sha384_ctx *ctx,
u8 out[SHA384_DIGEST_SIZE])
{
__hmac_sha512_final(&ctx->ctx, out, SHA384_DIGEST_SIZE);
}
-EXPORT_SYMBOL_GPL(hmac_sha384_final);
+DEFINE_CRYPTO_API(hmac_sha384_final);
-void hmac_sha512_final(struct hmac_sha512_ctx *ctx,
+void CRYPTO_API(hmac_sha512_final)(struct hmac_sha512_ctx *ctx,
u8 out[SHA512_DIGEST_SIZE])
{
__hmac_sha512_final(&ctx->ctx, out, SHA512_DIGEST_SIZE);
}
-EXPORT_SYMBOL_GPL(hmac_sha512_final);
+DEFINE_CRYPTO_API(hmac_sha512_final);
-void hmac_sha384(const struct hmac_sha384_key *key,
+void CRYPTO_API(hmac_sha384)(const struct hmac_sha384_key *key,
const u8 *data, size_t data_len, u8 out[SHA384_DIGEST_SIZE])
{
struct hmac_sha384_ctx ctx;
@@ -368,9 +368,9 @@ void hmac_sha384(const struct hmac_sha384_key *key,
hmac_sha384_update(&ctx, data, data_len);
hmac_sha384_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha384);
+DEFINE_CRYPTO_API(hmac_sha384);
-void hmac_sha512(const struct hmac_sha512_key *key,
+void CRYPTO_API(hmac_sha512)(const struct hmac_sha512_key *key,
const u8 *data, size_t data_len, u8 out[SHA512_DIGEST_SIZE])
{
struct hmac_sha512_ctx ctx;
@@ -379,9 +379,9 @@ void hmac_sha512(const struct hmac_sha512_key *key,
hmac_sha512_update(&ctx, data, data_len);
hmac_sha512_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha512);
+DEFINE_CRYPTO_API(hmac_sha512);
-void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len,
+void CRYPTO_API(hmac_sha384_usingrawkey)(const u8 *raw_key, size_t raw_key_len,
const u8 *data, size_t data_len,
u8 out[SHA384_DIGEST_SIZE])
{
@@ -391,9 +391,9 @@ void hmac_sha384_usingrawkey(const u8 *raw_key, size_t raw_key_len,
hmac_sha384_update(&ctx, data, data_len);
hmac_sha384_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha384_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha384_usingrawkey);
-void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len,
+void CRYPTO_API(hmac_sha512_usingrawkey)(const u8 *raw_key, size_t raw_key_len,
const u8 *data, size_t data_len,
u8 out[SHA512_DIGEST_SIZE])
{
@@ -403,7 +403,7 @@ void hmac_sha512_usingrawkey(const u8 *raw_key, size_t raw_key_len,
hmac_sha512_update(&ctx, data, data_len);
hmac_sha512_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha512_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha512_usingrawkey);
#ifdef sha512_mod_init_arch
static int __init sha512_mod_init(void)
@@ -411,12 +411,12 @@ static int __init sha512_mod_init(void)
sha512_mod_init_arch();
return 0;
}
-subsys_initcall(sha512_mod_init);
+crypto_subsys_initcall(sha512_mod_init);
static void __exit sha512_mod_exit(void)
{
}
-module_exit(sha512_mod_exit);
+crypto_module_exit(sha512_mod_exit);
#endif
MODULE_DESCRIPTION("SHA-384, SHA-512, HMAC-SHA384, and HMAC-SHA512 library functions");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 025/104] crypto: fips140: convert lib/crypto/memneq.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_UTILS --source lib/crypto/memneq.c --header include/crypto/utils.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 11 +++++++++++
include/crypto/utils.h | 5 ++++-
lib/crypto/memneq.c | 4 ++--
3 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 6c29b46631e4..16d0d8afebe7 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -49,3 +49,14 @@ DEFINE_CRYPTO_API_STUB(gf128mul_64k_bbe);
#endif
+/*
+ * lib/crypto/memneq.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_UTILS)
+
+#include <crypto/utils.h>
+
+DEFINE_CRYPTO_API_STUB(__crypto_memneq);
+
+#endif
+
diff --git a/include/crypto/utils.h b/include/crypto/utils.h
index 2594f45777b5..d7c3dae79138 100644
--- a/include/crypto/utils.h
+++ b/include/crypto/utils.h
@@ -7,6 +7,7 @@
#ifndef _CRYPTO_UTILS_H
#define _CRYPTO_UTILS_H
+#include <crypto/api.h>
#include <linux/unaligned.h>
#include <linux/compiler_attributes.h>
#include <linux/types.h>
@@ -53,7 +54,9 @@ static inline void crypto_xor_cpy(u8 *dst, const u8 *src1, const u8 *src2,
}
}
-noinline unsigned long __crypto_memneq(const void *a, const void *b, size_t size);
+DECLARE_CRYPTO_API(__crypto_memneq, unsigned long,
+ (const void *a, const void *b, size_t size),
+ (a, b, size));
/**
* crypto_memneq - Compare two areas of memory without leaking
diff --git a/lib/crypto/memneq.c b/lib/crypto/memneq.c
index 44daacb8cb51..2ee1d7d71d49 100644
--- a/lib/crypto/memneq.c
+++ b/lib/crypto/memneq.c
@@ -161,7 +161,7 @@ static inline unsigned long __crypto_memneq_16(const void *a, const void *b)
* not call this function directly, but should instead use
* crypto_memneq defined in crypto/algapi.h.
*/
-noinline unsigned long __crypto_memneq(const void *a, const void *b,
+unsigned long CRYPTO_API(__crypto_memneq)(const void *a, const void *b,
size_t size)
{
switch (size) {
@@ -171,4 +171,4 @@ noinline unsigned long __crypto_memneq(const void *a, const void *b,
return __crypto_memneq_generic(a, b, size);
}
}
-EXPORT_SYMBOL(__crypto_memneq);
+DEFINE_CRYPTO_API(__crypto_memneq);
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 026/104] crypto: fips140: convert lib/crypto/sha256.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_SHA256 --source lib/crypto/sha256.c --header include/crypto/sha2.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 28 +++++++++++++++
include/crypto/sha2.h | 84 ++++++++++++++++++++++++++++---------------
lib/crypto/sha256.c | 76 +++++++++++++++++++--------------------
3 files changed, 121 insertions(+), 67 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 16d0d8afebe7..3b1677049c55 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -60,3 +60,31 @@ DEFINE_CRYPTO_API_STUB(__crypto_memneq);
#endif
+/*
+ * lib/crypto/sha256.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_SHA256)
+
+#include <crypto/sha2.h>
+
+DEFINE_CRYPTO_API_STUB(__sha256_update);
+DEFINE_CRYPTO_API_STUB(__hmac_sha256_init);
+DEFINE_CRYPTO_API_STUB(sha224_init);
+DEFINE_CRYPTO_API_STUB(sha224_final);
+DEFINE_CRYPTO_API_STUB(sha224);
+DEFINE_CRYPTO_API_STUB(hmac_sha224_preparekey);
+DEFINE_CRYPTO_API_STUB(hmac_sha224_init_usingrawkey);
+DEFINE_CRYPTO_API_STUB(hmac_sha224_final);
+DEFINE_CRYPTO_API_STUB(hmac_sha224);
+DEFINE_CRYPTO_API_STUB(hmac_sha224_usingrawkey);
+DEFINE_CRYPTO_API_STUB(sha256_init);
+DEFINE_CRYPTO_API_STUB(sha256_final);
+DEFINE_CRYPTO_API_STUB(sha256);
+DEFINE_CRYPTO_API_STUB(hmac_sha256_preparekey);
+DEFINE_CRYPTO_API_STUB(hmac_sha256_init_usingrawkey);
+DEFINE_CRYPTO_API_STUB(hmac_sha256_final);
+DEFINE_CRYPTO_API_STUB(hmac_sha256);
+DEFINE_CRYPTO_API_STUB(hmac_sha256_usingrawkey);
+
+#endif
+
diff --git a/include/crypto/sha2.h b/include/crypto/sha2.h
index 15e461e568cc..9fafcd99e9ce 100644
--- a/include/crypto/sha2.h
+++ b/include/crypto/sha2.h
@@ -6,6 +6,7 @@
#ifndef _CRYPTO_SHA2_H
#define _CRYPTO_SHA2_H
+#include <crypto/api.h>
#include <linux/types.h>
#define SHA224_DIGEST_SIZE 28
@@ -129,7 +130,9 @@ struct __sha256_ctx {
u64 bytecount;
u8 buf[SHA256_BLOCK_SIZE] __aligned(__alignof__(__be64));
};
-void __sha256_update(struct __sha256_ctx *ctx, const u8 *data, size_t len);
+DECLARE_CRYPTO_API(__sha256_update, void,
+ (struct __sha256_ctx *ctx, const u8 *data, size_t len),
+ (ctx, data, len));
/*
* HMAC key and message context structs, shared by HMAC-SHA224 and HMAC-SHA256.
@@ -144,8 +147,9 @@ struct __hmac_sha256_ctx {
struct __sha256_ctx sha_ctx;
struct sha256_block_state ostate;
};
-void __hmac_sha256_init(struct __hmac_sha256_ctx *ctx,
- const struct __hmac_sha256_key *key);
+DECLARE_CRYPTO_API(__hmac_sha256_init, void,
+ (struct __hmac_sha256_ctx *ctx, const struct __hmac_sha256_key *key),
+ (ctx, key));
/**
* struct sha224_ctx - Context for hashing a message with SHA-224
@@ -163,7 +167,9 @@ struct sha224_ctx {
*
* Context: Any context.
*/
-void sha224_init(struct sha224_ctx *ctx);
+DECLARE_CRYPTO_API(sha224_init, void,
+ (struct sha224_ctx *ctx),
+ (ctx));
/**
* sha224_update() - Update a SHA-224 context with message data
@@ -190,7 +196,9 @@ static inline void sha224_update(struct sha224_ctx *ctx,
*
* Context: Any context.
*/
-void sha224_final(struct sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha224_final, void,
+ (struct sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]),
+ (ctx, out));
/**
* sha224() - Compute SHA-224 message digest in one shot
@@ -200,7 +208,9 @@ void sha224_final(struct sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void sha224(const u8 *data, size_t len, u8 out[SHA224_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha224, void,
+ (const u8 *data, size_t len, u8 out[SHA224_DIGEST_SIZE]),
+ (data, len, out));
/**
* struct hmac_sha224_key - Prepared key for HMAC-SHA224
@@ -229,8 +239,9 @@ struct hmac_sha224_ctx {
*
* Context: Any context.
*/
-void hmac_sha224_preparekey(struct hmac_sha224_key *key,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha224_preparekey, void,
+ (struct hmac_sha224_key *key, const u8 *raw_key, size_t raw_key_len),
+ (key, raw_key, raw_key_len));
/**
* hmac_sha224_init() - Initialize an HMAC-SHA224 context for a new message
@@ -259,8 +270,9 @@ static inline void hmac_sha224_init(struct hmac_sha224_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha224_init_usingrawkey(struct hmac_sha224_ctx *ctx,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha224_init_usingrawkey, void,
+ (struct hmac_sha224_ctx *ctx, const u8 *raw_key, size_t raw_key_len),
+ (ctx, raw_key, raw_key_len));
/**
* hmac_sha224_update() - Update an HMAC-SHA224 context with message data
@@ -287,7 +299,9 @@ static inline void hmac_sha224_update(struct hmac_sha224_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha224_final(struct hmac_sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha224_final, void,
+ (struct hmac_sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]),
+ (ctx, out));
/**
* hmac_sha224() - Compute HMAC-SHA224 in one shot, using a prepared key
@@ -300,8 +314,9 @@ void hmac_sha224_final(struct hmac_sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void hmac_sha224(const struct hmac_sha224_key *key,
- const u8 *data, size_t data_len, u8 out[SHA224_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha224, void,
+ (const struct hmac_sha224_key *key, const u8 *data, size_t data_len, u8 out[SHA224_DIGEST_SIZE]),
+ (key, data, data_len, out));
/**
* hmac_sha224_usingrawkey() - Compute HMAC-SHA224 in one shot, using a raw key
@@ -316,9 +331,9 @@ void hmac_sha224(const struct hmac_sha224_key *key,
*
* Context: Any context.
*/
-void hmac_sha224_usingrawkey(const u8 *raw_key, size_t raw_key_len,
- const u8 *data, size_t data_len,
- u8 out[SHA224_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha224_usingrawkey, void,
+ (const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, u8 out[SHA224_DIGEST_SIZE]),
+ (raw_key, raw_key_len, data, data_len, out));
/**
* struct sha256_ctx - Context for hashing a message with SHA-256
@@ -336,7 +351,9 @@ struct sha256_ctx {
*
* Context: Any context.
*/
-void sha256_init(struct sha256_ctx *ctx);
+DECLARE_CRYPTO_API(sha256_init, void,
+ (struct sha256_ctx *ctx),
+ (ctx));
/**
* sha256_update() - Update a SHA-256 context with message data
@@ -363,7 +380,9 @@ static inline void sha256_update(struct sha256_ctx *ctx,
*
* Context: Any context.
*/
-void sha256_final(struct sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha256_final, void,
+ (struct sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]),
+ (ctx, out));
/**
* sha256() - Compute SHA-256 message digest in one shot
@@ -373,7 +392,9 @@ void sha256_final(struct sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void sha256(const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(sha256, void,
+ (const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE]),
+ (data, len, out));
/**
* struct hmac_sha256_key - Prepared key for HMAC-SHA256
@@ -402,8 +423,9 @@ struct hmac_sha256_ctx {
*
* Context: Any context.
*/
-void hmac_sha256_preparekey(struct hmac_sha256_key *key,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha256_preparekey, void,
+ (struct hmac_sha256_key *key, const u8 *raw_key, size_t raw_key_len),
+ (key, raw_key, raw_key_len));
/**
* hmac_sha256_init() - Initialize an HMAC-SHA256 context for a new message
@@ -432,8 +454,9 @@ static inline void hmac_sha256_init(struct hmac_sha256_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha256_init_usingrawkey(struct hmac_sha256_ctx *ctx,
- const u8 *raw_key, size_t raw_key_len);
+DECLARE_CRYPTO_API(hmac_sha256_init_usingrawkey, void,
+ (struct hmac_sha256_ctx *ctx, const u8 *raw_key, size_t raw_key_len),
+ (ctx, raw_key, raw_key_len));
/**
* hmac_sha256_update() - Update an HMAC-SHA256 context with message data
@@ -460,7 +483,9 @@ static inline void hmac_sha256_update(struct hmac_sha256_ctx *ctx,
*
* Context: Any context.
*/
-void hmac_sha256_final(struct hmac_sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha256_final, void,
+ (struct hmac_sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]),
+ (ctx, out));
/**
* hmac_sha256() - Compute HMAC-SHA256 in one shot, using a prepared key
@@ -473,8 +498,9 @@ void hmac_sha256_final(struct hmac_sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE]);
*
* Context: Any context.
*/
-void hmac_sha256(const struct hmac_sha256_key *key,
- const u8 *data, size_t data_len, u8 out[SHA256_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha256, void,
+ (const struct hmac_sha256_key *key, const u8 *data, size_t data_len, u8 out[SHA256_DIGEST_SIZE]),
+ (key, data, data_len, out));
/**
* hmac_sha256_usingrawkey() - Compute HMAC-SHA256 in one shot, using a raw key
@@ -489,9 +515,9 @@ void hmac_sha256(const struct hmac_sha256_key *key,
*
* Context: Any context.
*/
-void hmac_sha256_usingrawkey(const u8 *raw_key, size_t raw_key_len,
- const u8 *data, size_t data_len,
- u8 out[SHA256_DIGEST_SIZE]);
+DECLARE_CRYPTO_API(hmac_sha256_usingrawkey, void,
+ (const u8 *raw_key, size_t raw_key_len, const u8 *data, size_t data_len, u8 out[SHA256_DIGEST_SIZE]),
+ (raw_key, raw_key_len, data, data_len, out));
/* State for the SHA-512 (and SHA-384) compression function */
struct sha512_block_state {
diff --git a/lib/crypto/sha256.c b/lib/crypto/sha256.c
index 8fa15165d23e..36a9f2bf77e2 100644
--- a/lib/crypto/sha256.c
+++ b/lib/crypto/sha256.c
@@ -162,19 +162,19 @@ static void __sha256_init(struct __sha256_ctx *ctx,
ctx->bytecount = initial_bytecount;
}
-void sha224_init(struct sha224_ctx *ctx)
+void CRYPTO_API(sha224_init)(struct sha224_ctx *ctx)
{
__sha256_init(&ctx->ctx, &sha224_iv, 0);
}
-EXPORT_SYMBOL_GPL(sha224_init);
+DEFINE_CRYPTO_API(sha224_init);
-void sha256_init(struct sha256_ctx *ctx)
+void CRYPTO_API(sha256_init)(struct sha256_ctx *ctx)
{
__sha256_init(&ctx->ctx, &sha256_iv, 0);
}
-EXPORT_SYMBOL_GPL(sha256_init);
+DEFINE_CRYPTO_API(sha256_init);
-void __sha256_update(struct __sha256_ctx *ctx, const u8 *data, size_t len)
+void CRYPTO_API(__sha256_update)(struct __sha256_ctx *ctx, const u8 *data, size_t len)
{
size_t partial = ctx->bytecount % SHA256_BLOCK_SIZE;
@@ -205,7 +205,7 @@ void __sha256_update(struct __sha256_ctx *ctx, const u8 *data, size_t len)
if (len)
memcpy(&ctx->buf[partial], data, len);
}
-EXPORT_SYMBOL(__sha256_update);
+DEFINE_CRYPTO_API(__sha256_update);
static void __sha256_final(struct __sha256_ctx *ctx,
u8 *out, size_t digest_size)
@@ -227,21 +227,21 @@ static void __sha256_final(struct __sha256_ctx *ctx,
put_unaligned_be32(ctx->state.h[i / 4], out + i);
}
-void sha224_final(struct sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE])
+void CRYPTO_API(sha224_final)(struct sha224_ctx *ctx, u8 out[SHA224_DIGEST_SIZE])
{
__sha256_final(&ctx->ctx, out, SHA224_DIGEST_SIZE);
memzero_explicit(ctx, sizeof(*ctx));
}
-EXPORT_SYMBOL(sha224_final);
+DEFINE_CRYPTO_API(sha224_final);
-void sha256_final(struct sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE])
+void CRYPTO_API(sha256_final)(struct sha256_ctx *ctx, u8 out[SHA256_DIGEST_SIZE])
{
__sha256_final(&ctx->ctx, out, SHA256_DIGEST_SIZE);
memzero_explicit(ctx, sizeof(*ctx));
}
-EXPORT_SYMBOL(sha256_final);
+DEFINE_CRYPTO_API(sha256_final);
-void sha224(const u8 *data, size_t len, u8 out[SHA224_DIGEST_SIZE])
+void CRYPTO_API(sha224)(const u8 *data, size_t len, u8 out[SHA224_DIGEST_SIZE])
{
struct sha224_ctx ctx;
@@ -249,9 +249,9 @@ void sha224(const u8 *data, size_t len, u8 out[SHA224_DIGEST_SIZE])
sha224_update(&ctx, data, len);
sha224_final(&ctx, out);
}
-EXPORT_SYMBOL(sha224);
+DEFINE_CRYPTO_API(sha224);
-void sha256(const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE])
+void CRYPTO_API(sha256)(const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE])
{
struct sha256_ctx ctx;
@@ -259,7 +259,7 @@ void sha256(const u8 *data, size_t len, u8 out[SHA256_DIGEST_SIZE])
sha256_update(&ctx, data, len);
sha256_final(&ctx, out);
}
-EXPORT_SYMBOL(sha256);
+DEFINE_CRYPTO_API(sha256);
/* pre-boot environment (as indicated by __DISABLE_EXPORTS) doesn't need HMAC */
#ifndef __DISABLE_EXPORTS
@@ -296,47 +296,47 @@ static void __hmac_sha256_preparekey(struct sha256_block_state *istate,
memzero_explicit(&derived_key, sizeof(derived_key));
}
-void hmac_sha224_preparekey(struct hmac_sha224_key *key,
+void CRYPTO_API(hmac_sha224_preparekey)(struct hmac_sha224_key *key,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha256_preparekey(&key->key.istate, &key->key.ostate,
raw_key, raw_key_len, &sha224_iv);
}
-EXPORT_SYMBOL_GPL(hmac_sha224_preparekey);
+DEFINE_CRYPTO_API(hmac_sha224_preparekey);
-void hmac_sha256_preparekey(struct hmac_sha256_key *key,
+void CRYPTO_API(hmac_sha256_preparekey)(struct hmac_sha256_key *key,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha256_preparekey(&key->key.istate, &key->key.ostate,
raw_key, raw_key_len, &sha256_iv);
}
-EXPORT_SYMBOL_GPL(hmac_sha256_preparekey);
+DEFINE_CRYPTO_API(hmac_sha256_preparekey);
-void __hmac_sha256_init(struct __hmac_sha256_ctx *ctx,
+void CRYPTO_API(__hmac_sha256_init)(struct __hmac_sha256_ctx *ctx,
const struct __hmac_sha256_key *key)
{
__sha256_init(&ctx->sha_ctx, &key->istate, SHA256_BLOCK_SIZE);
ctx->ostate = key->ostate;
}
-EXPORT_SYMBOL_GPL(__hmac_sha256_init);
+DEFINE_CRYPTO_API(__hmac_sha256_init);
-void hmac_sha224_init_usingrawkey(struct hmac_sha224_ctx *ctx,
+void CRYPTO_API(hmac_sha224_init_usingrawkey)(struct hmac_sha224_ctx *ctx,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha256_preparekey(&ctx->ctx.sha_ctx.state, &ctx->ctx.ostate,
raw_key, raw_key_len, &sha224_iv);
ctx->ctx.sha_ctx.bytecount = SHA256_BLOCK_SIZE;
}
-EXPORT_SYMBOL_GPL(hmac_sha224_init_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha224_init_usingrawkey);
-void hmac_sha256_init_usingrawkey(struct hmac_sha256_ctx *ctx,
+void CRYPTO_API(hmac_sha256_init_usingrawkey)(struct hmac_sha256_ctx *ctx,
const u8 *raw_key, size_t raw_key_len)
{
__hmac_sha256_preparekey(&ctx->ctx.sha_ctx.state, &ctx->ctx.ostate,
raw_key, raw_key_len, &sha256_iv);
ctx->ctx.sha_ctx.bytecount = SHA256_BLOCK_SIZE;
}
-EXPORT_SYMBOL_GPL(hmac_sha256_init_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha256_init_usingrawkey);
static void __hmac_sha256_final(struct __hmac_sha256_ctx *ctx,
u8 *out, size_t digest_size)
@@ -357,21 +357,21 @@ static void __hmac_sha256_final(struct __hmac_sha256_ctx *ctx,
memzero_explicit(ctx, sizeof(*ctx));
}
-void hmac_sha224_final(struct hmac_sha224_ctx *ctx,
+void CRYPTO_API(hmac_sha224_final)(struct hmac_sha224_ctx *ctx,
u8 out[SHA224_DIGEST_SIZE])
{
__hmac_sha256_final(&ctx->ctx, out, SHA224_DIGEST_SIZE);
}
-EXPORT_SYMBOL_GPL(hmac_sha224_final);
+DEFINE_CRYPTO_API(hmac_sha224_final);
-void hmac_sha256_final(struct hmac_sha256_ctx *ctx,
+void CRYPTO_API(hmac_sha256_final)(struct hmac_sha256_ctx *ctx,
u8 out[SHA256_DIGEST_SIZE])
{
__hmac_sha256_final(&ctx->ctx, out, SHA256_DIGEST_SIZE);
}
-EXPORT_SYMBOL_GPL(hmac_sha256_final);
+DEFINE_CRYPTO_API(hmac_sha256_final);
-void hmac_sha224(const struct hmac_sha224_key *key,
+void CRYPTO_API(hmac_sha224)(const struct hmac_sha224_key *key,
const u8 *data, size_t data_len, u8 out[SHA224_DIGEST_SIZE])
{
struct hmac_sha224_ctx ctx;
@@ -380,9 +380,9 @@ void hmac_sha224(const struct hmac_sha224_key *key,
hmac_sha224_update(&ctx, data, data_len);
hmac_sha224_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha224);
+DEFINE_CRYPTO_API(hmac_sha224);
-void hmac_sha256(const struct hmac_sha256_key *key,
+void CRYPTO_API(hmac_sha256)(const struct hmac_sha256_key *key,
const u8 *data, size_t data_len, u8 out[SHA256_DIGEST_SIZE])
{
struct hmac_sha256_ctx ctx;
@@ -391,9 +391,9 @@ void hmac_sha256(const struct hmac_sha256_key *key,
hmac_sha256_update(&ctx, data, data_len);
hmac_sha256_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha256);
+DEFINE_CRYPTO_API(hmac_sha256);
-void hmac_sha224_usingrawkey(const u8 *raw_key, size_t raw_key_len,
+void CRYPTO_API(hmac_sha224_usingrawkey)(const u8 *raw_key, size_t raw_key_len,
const u8 *data, size_t data_len,
u8 out[SHA224_DIGEST_SIZE])
{
@@ -403,9 +403,9 @@ void hmac_sha224_usingrawkey(const u8 *raw_key, size_t raw_key_len,
hmac_sha224_update(&ctx, data, data_len);
hmac_sha224_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha224_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha224_usingrawkey);
-void hmac_sha256_usingrawkey(const u8 *raw_key, size_t raw_key_len,
+void CRYPTO_API(hmac_sha256_usingrawkey)(const u8 *raw_key, size_t raw_key_len,
const u8 *data, size_t data_len,
u8 out[SHA256_DIGEST_SIZE])
{
@@ -415,7 +415,7 @@ void hmac_sha256_usingrawkey(const u8 *raw_key, size_t raw_key_len,
hmac_sha256_update(&ctx, data, data_len);
hmac_sha256_final(&ctx, out);
}
-EXPORT_SYMBOL_GPL(hmac_sha256_usingrawkey);
+DEFINE_CRYPTO_API(hmac_sha256_usingrawkey);
#endif /* !__DISABLE_EXPORTS */
#ifdef sha256_mod_init_arch
@@ -424,12 +424,12 @@ static int __init sha256_mod_init(void)
sha256_mod_init_arch();
return 0;
}
-subsys_initcall(sha256_mod_init);
+crypto_subsys_initcall(sha256_mod_init);
static void __exit sha256_mod_exit(void)
{
}
-module_exit(sha256_mod_exit);
+crypto_module_exit(sha256_mod_exit);
#endif
MODULE_DESCRIPTION("SHA-224, SHA-256, HMAC-SHA224, and HMAC-SHA256 library functions");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 024/104] crypto: fips140: convert lib/crypto/gf128mul.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_GF128MUL --source lib/crypto/gf128mul.c --header include/crypto/gf128mul.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 17 +++++++++++++++++
include/crypto/gf128mul.h | 29 ++++++++++++++++++++++-------
lib/crypto/gf128mul.c | 28 ++++++++++++++--------------
3 files changed, 53 insertions(+), 21 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 4924b11ec592..6c29b46631e4 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -32,3 +32,20 @@ DEFINE_CRYPTO_API_STUB(aesgcm_decrypt);
#endif
+/*
+ * lib/crypto/gf128mul.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_GF128MUL)
+
+#include <crypto/gf128mul.h>
+
+DEFINE_CRYPTO_API_STUB(gf128mul_lle);
+DEFINE_CRYPTO_API_STUB(gf128mul_init_4k_lle);
+DEFINE_CRYPTO_API_STUB(gf128mul_4k_lle);
+DEFINE_CRYPTO_API_STUB(gf128mul_x8_ble);
+DEFINE_CRYPTO_API_STUB(gf128mul_init_64k_bbe);
+DEFINE_CRYPTO_API_STUB(gf128mul_free_64k);
+DEFINE_CRYPTO_API_STUB(gf128mul_64k_bbe);
+
+#endif
+
diff --git a/include/crypto/gf128mul.h b/include/crypto/gf128mul.h
index b0853f7cada0..9367a2234fc4 100644
--- a/include/crypto/gf128mul.h
+++ b/include/crypto/gf128mul.h
@@ -49,6 +49,7 @@
#ifndef _CRYPTO_GF128MUL_H
#define _CRYPTO_GF128MUL_H
+#include <crypto/api.h>
#include <asm/byteorder.h>
#include <crypto/b128ops.h>
#include <linux/slab.h>
@@ -160,7 +161,9 @@
/* A slow generic version of gf_mul, implemented for lle
* It multiplies a and b and puts the result in a */
-void gf128mul_lle(be128 *a, const be128 *b);
+DECLARE_CRYPTO_API(gf128mul_lle, void,
+ (be128 *a, const be128 *b),
+ (a, b));
/*
* The following functions multiply a field element by x in
@@ -221,9 +224,15 @@ struct gf128mul_4k {
be128 t[256];
};
-struct gf128mul_4k *gf128mul_init_4k_lle(const be128 *g);
-void gf128mul_4k_lle(be128 *a, const struct gf128mul_4k *t);
-void gf128mul_x8_ble(le128 *r, const le128 *x);
+DECLARE_CRYPTO_API(gf128mul_init_4k_lle, struct gf128mul_4k *,
+ (const be128 *g),
+ (g));
+DECLARE_CRYPTO_API(gf128mul_4k_lle, void,
+ (be128 *a, const struct gf128mul_4k *t),
+ (a, t));
+DECLARE_CRYPTO_API(gf128mul_x8_ble, void,
+ (le128 *r, const le128 *x),
+ (r, x));
static inline void gf128mul_free_4k(struct gf128mul_4k *t)
{
kfree_sensitive(t);
@@ -241,8 +250,14 @@ struct gf128mul_64k {
* factor in the first argument, and the table in the second.
* Afterwards, the result is stored in *a.
*/
-struct gf128mul_64k *gf128mul_init_64k_bbe(const be128 *g);
-void gf128mul_free_64k(struct gf128mul_64k *t);
-void gf128mul_64k_bbe(be128 *a, const struct gf128mul_64k *t);
+DECLARE_CRYPTO_API(gf128mul_init_64k_bbe, struct gf128mul_64k *,
+ (const be128 *g),
+ (g));
+DECLARE_CRYPTO_API(gf128mul_free_64k, void,
+ (struct gf128mul_64k *t),
+ (t));
+DECLARE_CRYPTO_API(gf128mul_64k_bbe, void,
+ (be128 *a, const struct gf128mul_64k *t),
+ (a, t));
#endif /* _CRYPTO_GF128MUL_H */
diff --git a/lib/crypto/gf128mul.c b/lib/crypto/gf128mul.c
index 2a34590fe3f1..15698c82f0d8 100644
--- a/lib/crypto/gf128mul.c
+++ b/lib/crypto/gf128mul.c
@@ -168,7 +168,7 @@ static void gf128mul_x8_bbe(be128 *x)
x->b = cpu_to_be64((b << 8) ^ _tt);
}
-void gf128mul_x8_ble(le128 *r, const le128 *x)
+void CRYPTO_API(gf128mul_x8_ble)(le128 *r, const le128 *x)
{
u64 a = le64_to_cpu(x->a);
u64 b = le64_to_cpu(x->b);
@@ -177,9 +177,9 @@ void gf128mul_x8_ble(le128 *r, const le128 *x)
r->a = cpu_to_le64((a << 8) | (b >> 56));
r->b = cpu_to_le64((b << 8) ^ _tt);
}
-EXPORT_SYMBOL(gf128mul_x8_ble);
+DEFINE_CRYPTO_API(gf128mul_x8_ble);
-void gf128mul_lle(be128 *r, const be128 *b)
+void CRYPTO_API(gf128mul_lle)(be128 *r, const be128 *b)
{
/*
* The p array should be aligned to twice the size of its element type,
@@ -224,7 +224,7 @@ void gf128mul_lle(be128 *r, const be128 *b)
gf128mul_x8_lle_ti(r); /* use the time invariant version */
}
}
-EXPORT_SYMBOL(gf128mul_lle);
+DEFINE_CRYPTO_API(gf128mul_lle);
/* This version uses 64k bytes of table space.
A 16 byte buffer has to be multiplied by a 16 byte key
@@ -240,7 +240,7 @@ EXPORT_SYMBOL(gf128mul_lle);
* t[1][BYTE] contains g*x^8*BYTE
* ..
* t[15][BYTE] contains g*x^120*BYTE */
-struct gf128mul_64k *gf128mul_init_64k_bbe(const be128 *g)
+struct gf128mul_64k *CRYPTO_API(gf128mul_init_64k_bbe)(const be128 *g)
{
struct gf128mul_64k *t;
int i, j, k;
@@ -280,9 +280,9 @@ struct gf128mul_64k *gf128mul_init_64k_bbe(const be128 *g)
out:
return t;
}
-EXPORT_SYMBOL(gf128mul_init_64k_bbe);
+DEFINE_CRYPTO_API(gf128mul_init_64k_bbe);
-void gf128mul_free_64k(struct gf128mul_64k *t)
+void CRYPTO_API(gf128mul_free_64k)(struct gf128mul_64k *t)
{
int i;
@@ -290,9 +290,9 @@ void gf128mul_free_64k(struct gf128mul_64k *t)
kfree_sensitive(t->t[i]);
kfree_sensitive(t);
}
-EXPORT_SYMBOL(gf128mul_free_64k);
+DEFINE_CRYPTO_API(gf128mul_free_64k);
-void gf128mul_64k_bbe(be128 *a, const struct gf128mul_64k *t)
+void CRYPTO_API(gf128mul_64k_bbe)(be128 *a, const struct gf128mul_64k *t)
{
u8 *ap = (u8 *)a;
be128 r[1];
@@ -303,7 +303,7 @@ void gf128mul_64k_bbe(be128 *a, const struct gf128mul_64k *t)
be128_xor(r, r, &t->t[i]->t[ap[15 - i]]);
*a = *r;
}
-EXPORT_SYMBOL(gf128mul_64k_bbe);
+DEFINE_CRYPTO_API(gf128mul_64k_bbe);
/* This version uses 4k bytes of table space.
A 16 byte buffer has to be multiplied by a 16 byte key
@@ -321,7 +321,7 @@ EXPORT_SYMBOL(gf128mul_64k_bbe);
lower byte in the buffer, stopping when we reach the
lowest byte. This requires a 4096 byte table.
*/
-struct gf128mul_4k *gf128mul_init_4k_lle(const be128 *g)
+struct gf128mul_4k *CRYPTO_API(gf128mul_init_4k_lle)(const be128 *g)
{
struct gf128mul_4k *t;
int j, k;
@@ -341,9 +341,9 @@ struct gf128mul_4k *gf128mul_init_4k_lle(const be128 *g)
out:
return t;
}
-EXPORT_SYMBOL(gf128mul_init_4k_lle);
+DEFINE_CRYPTO_API(gf128mul_init_4k_lle);
-void gf128mul_4k_lle(be128 *a, const struct gf128mul_4k *t)
+void CRYPTO_API(gf128mul_4k_lle)(be128 *a, const struct gf128mul_4k *t)
{
u8 *ap = (u8 *)a;
be128 r[1];
@@ -356,7 +356,7 @@ void gf128mul_4k_lle(be128 *a, const struct gf128mul_4k *t)
}
*a = *r;
}
-EXPORT_SYMBOL(gf128mul_4k_lle);
+DEFINE_CRYPTO_API(gf128mul_4k_lle);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Functions for multiplying elements of GF(2^128)");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 023/104] crypto: fips140: convert lib/crypto/aesgcm.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_AESGCM --source lib/crypto/aesgcm.c --header include/crypto/gcm.h
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 13 +++++++++++++
include/crypto/gcm.h | 19 ++++++++++---------
lib/crypto/aesgcm.c | 16 ++++++++--------
3 files changed, 31 insertions(+), 17 deletions(-)
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
index 029d06763f5a..4924b11ec592 100644
--- a/crypto/fips140-api.c
+++ b/crypto/fips140-api.c
@@ -19,3 +19,16 @@ DEFINE_CRYPTO_API_STUB(aes_decrypt);
#endif
+/*
+ * lib/crypto/aesgcm.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_AESGCM)
+
+#include <crypto/gcm.h>
+
+DEFINE_CRYPTO_API_STUB(aesgcm_expandkey);
+DEFINE_CRYPTO_API_STUB(aesgcm_encrypt);
+DEFINE_CRYPTO_API_STUB(aesgcm_decrypt);
+
+#endif
+
diff --git a/include/crypto/gcm.h b/include/crypto/gcm.h
index fd9df607a836..7275507b3689 100644
--- a/include/crypto/gcm.h
+++ b/include/crypto/gcm.h
@@ -1,6 +1,7 @@
#ifndef _CRYPTO_GCM_H
#define _CRYPTO_GCM_H
+#include <crypto/api.h>
#include <linux/errno.h>
#include <crypto/aes.h>
@@ -70,16 +71,16 @@ struct aesgcm_ctx {
unsigned int authsize;
};
-int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
- unsigned int keysize, unsigned int authsize);
+DECLARE_CRYPTO_API(aesgcm_expandkey, int,
+ (struct aesgcm_ctx *ctx, const u8 *key, unsigned int keysize, unsigned int authsize),
+ (ctx, key, keysize, authsize));
-void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
- int crypt_len, const u8 *assoc, int assoc_len,
- const u8 iv[GCM_AES_IV_SIZE], u8 *authtag);
+DECLARE_CRYPTO_API(aesgcm_encrypt, void,
+ (const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src, int crypt_len, const u8 *assoc, int assoc_len, const u8 iv[GCM_AES_IV_SIZE], u8 *authtag),
+ (ctx, dst, src, crypt_len, assoc, assoc_len, iv, authtag));
-bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
- const u8 *src, int crypt_len, const u8 *assoc,
- int assoc_len, const u8 iv[GCM_AES_IV_SIZE],
- const u8 *authtag);
+DECLARE_CRYPTO_API(aesgcm_decrypt, bool __must_check,
+ (const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src, int crypt_len, const u8 *assoc, int assoc_len, const u8 iv[GCM_AES_IV_SIZE], const u8 *authtag),
+ (ctx, dst, src, crypt_len, assoc, assoc_len, iv, authtag));
#endif
diff --git a/lib/crypto/aesgcm.c b/lib/crypto/aesgcm.c
index ac0b2fcfd606..1fe4333c0335 100644
--- a/lib/crypto/aesgcm.c
+++ b/lib/crypto/aesgcm.c
@@ -42,7 +42,7 @@ static void aesgcm_encrypt_block(const struct crypto_aes_ctx *ctx, void *dst,
* Returns: 0 on success, or -EINVAL if @keysize or @authsize contain values
* that are not permitted by the GCM specification.
*/
-int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
+int CRYPTO_API(aesgcm_expandkey)(struct aesgcm_ctx *ctx, const u8 *key,
unsigned int keysize, unsigned int authsize)
{
u8 kin[AES_BLOCK_SIZE] = {};
@@ -58,7 +58,7 @@ int aesgcm_expandkey(struct aesgcm_ctx *ctx, const u8 *key,
return 0;
}
-EXPORT_SYMBOL(aesgcm_expandkey);
+DEFINE_CRYPTO_API(aesgcm_expandkey);
static void aesgcm_ghash(be128 *ghash, const be128 *key, const void *src,
int len)
@@ -144,7 +144,7 @@ static void aesgcm_crypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
* tag should be stored. The buffer is assumed to have space for
* @ctx->authsize bytes.
*/
-void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
+void CRYPTO_API(aesgcm_encrypt)(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
int crypt_len, const u8 *assoc, int assoc_len,
const u8 iv[GCM_AES_IV_SIZE], u8 *authtag)
{
@@ -155,7 +155,7 @@ void aesgcm_encrypt(const struct aesgcm_ctx *ctx, u8 *dst, const u8 *src,
aesgcm_crypt(ctx, dst, src, crypt_len, ctr);
aesgcm_mac(ctx, dst, crypt_len, assoc, assoc_len, ctr, authtag);
}
-EXPORT_SYMBOL(aesgcm_encrypt);
+DEFINE_CRYPTO_API(aesgcm_encrypt);
/**
* aesgcm_decrypt - Perform AES-GCM decryption on a block of data
@@ -174,7 +174,7 @@ EXPORT_SYMBOL(aesgcm_encrypt);
* Returns: true on success, or false if the ciphertext failed authentication.
* On failure, no plaintext will be returned.
*/
-bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
+bool __must_check CRYPTO_API(aesgcm_decrypt)(const struct aesgcm_ctx *ctx, u8 *dst,
const u8 *src, int crypt_len, const u8 *assoc,
int assoc_len, const u8 iv[GCM_AES_IV_SIZE],
const u8 *authtag)
@@ -192,7 +192,7 @@ bool __must_check aesgcm_decrypt(const struct aesgcm_ctx *ctx, u8 *dst,
aesgcm_crypt(ctx, dst, src, crypt_len, ctr);
return true;
}
-EXPORT_SYMBOL(aesgcm_decrypt);
+DEFINE_CRYPTO_API(aesgcm_decrypt);
MODULE_DESCRIPTION("Generic AES-GCM library");
MODULE_AUTHOR("Ard Biesheuvel <ardb@kernel.org>");
@@ -730,10 +730,10 @@ static int __init libaesgcm_init(void)
}
return 0;
}
-module_init(libaesgcm_init);
+crypto_module_init(libaesgcm_init);
static void __exit libaesgcm_exit(void)
{
}
-module_exit(libaesgcm_exit);
+crypto_module_exit(libaesgcm_exit);
#endif
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 022/104] crypto: fips140: convert lib/crypto/aes.c to using crypto API wrappers
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use CRYPTO_API() etc. from include/crypto/api.h in preparation for
compilation as part of support for FIPS 140 standalone modules.
Generated using:
./fipsify.py --config CONFIG_CRYPTO_LIB_AES --source lib/crypto/aes.c --header include/crypto/aes.h --vars crypto_aes_sbox crypto_aes_inv_sbox
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/fips140-api.c | 21 +++++++++++++++++++++
include/crypto/aes.h | 14 ++++++++++----
lib/crypto/aes.c | 12 ++++++------
3 files changed, 37 insertions(+), 10 deletions(-)
create mode 100644 crypto/fips140-api.c
diff --git a/crypto/fips140-api.c b/crypto/fips140-api.c
new file mode 100644
index 000000000000..029d06763f5a
--- /dev/null
+++ b/crypto/fips140-api.c
@@ -0,0 +1,21 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+
+/*
+ * Define static call keys for any functions which are part of the crypto
+ * API and used by the standalone FIPS module but which are not built into
+ * vmlinux.
+ */
+
+/*
+ * lib/crypto/aes.c
+ */
+#if !IS_BUILTIN(CONFIG_CRYPTO_LIB_AES)
+
+#include <crypto/aes.h>
+
+DEFINE_CRYPTO_API_STUB(aes_expandkey);
+DEFINE_CRYPTO_API_STUB(aes_encrypt);
+DEFINE_CRYPTO_API_STUB(aes_decrypt);
+
+#endif
+
diff --git a/include/crypto/aes.h b/include/crypto/aes.h
index 9339da7c20a8..a72621f552d8 100644
--- a/include/crypto/aes.h
+++ b/include/crypto/aes.h
@@ -6,6 +6,7 @@
#ifndef _CRYPTO_AES_H
#define _CRYPTO_AES_H
+#include <crypto/api.h>
#include <linux/types.h>
#include <linux/crypto.h>
@@ -65,8 +66,9 @@ int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
* described in FIPS-197. The first slot (16 bytes) of each key (enc or dec) is
* for the initial combination, the second slot for the first round and so on.
*/
-int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
- unsigned int key_len);
+DECLARE_CRYPTO_API(aes_expandkey, int,
+ (struct crypto_aes_ctx *ctx, const u8 *in_key, unsigned int key_len),
+ (ctx, in_key, key_len));
/**
* aes_encrypt - Encrypt a single AES block
@@ -74,7 +76,9 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
* @out: Buffer to store the ciphertext
* @in: Buffer containing the plaintext
*/
-void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
+DECLARE_CRYPTO_API(aes_encrypt, void,
+ (const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in),
+ (ctx, out, in));
/**
* aes_decrypt - Decrypt a single AES block
@@ -82,7 +86,9 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
* @out: Buffer to store the plaintext
* @in: Buffer containing the ciphertext
*/
-void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in);
+DECLARE_CRYPTO_API(aes_decrypt, void,
+ (const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in),
+ (ctx, out, in));
extern const u8 crypto_aes_sbox[];
extern const u8 crypto_aes_inv_sbox[];
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index b57fda3460f1..ece5ce36a305 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -183,7 +183,7 @@ static u32 subw(u32 in)
* described in FIPS-197. The first slot (16 bytes) of each key (enc or dec) is
* for the initial combination, the second slot for the first round and so on.
*/
-int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
+int CRYPTO_API(aes_expandkey)(struct crypto_aes_ctx *ctx, const u8 *in_key,
unsigned int key_len)
{
u32 kwords = key_len / sizeof(u32);
@@ -248,7 +248,7 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
return 0;
}
-EXPORT_SYMBOL(aes_expandkey);
+DEFINE_CRYPTO_API(aes_expandkey);
/**
* aes_encrypt - Encrypt a single AES block
@@ -256,7 +256,7 @@ EXPORT_SYMBOL(aes_expandkey);
* @out: Buffer to store the ciphertext
* @in: Buffer containing the plaintext
*/
-void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
+void CRYPTO_API(aes_encrypt)(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
{
const u32 *rkp = ctx->key_enc + 4;
int rounds = 6 + ctx->key_length / 4;
@@ -299,7 +299,7 @@ void aes_encrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
put_unaligned_le32(subshift(st1, 2) ^ rkp[6], out + 8);
put_unaligned_le32(subshift(st1, 3) ^ rkp[7], out + 12);
}
-EXPORT_SYMBOL(aes_encrypt);
+DEFINE_CRYPTO_API(aes_encrypt);
/**
* aes_decrypt - Decrypt a single AES block
@@ -307,7 +307,7 @@ EXPORT_SYMBOL(aes_encrypt);
* @out: Buffer to store the plaintext
* @in: Buffer containing the ciphertext
*/
-void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
+void CRYPTO_API(aes_decrypt)(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
{
const u32 *rkp = ctx->key_dec + 4;
int rounds = 6 + ctx->key_length / 4;
@@ -350,7 +350,7 @@ void aes_decrypt(const struct crypto_aes_ctx *ctx, u8 *out, const u8 *in)
put_unaligned_le32(inv_subshift(st1, 2) ^ rkp[6], out + 8);
put_unaligned_le32(inv_subshift(st1, 3) ^ rkp[7], out + 12);
}
-EXPORT_SYMBOL(aes_decrypt);
+DEFINE_CRYPTO_API(aes_decrypt);
MODULE_DESCRIPTION("Generic AES library");
MODULE_AUTHOR("Ard Biesheuvel <ard.biesheuvel@linaro.org>");
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 021/104] crypto: fips140: include crypto/api.h in a few places
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
This is preparatory for the subsequent patches which mostly manage to
add in the necessary includes automatically but will miss these files.
I could have chosen to squash this into those commits, but it's nicer
not to mix manual changes with scripted changes.
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/asymmetric_keys/pkcs7_key_type.c | 1 +
include/crypto/dh.h | 2 ++
include/crypto/ecdh.h | 2 ++
3 files changed, 5 insertions(+)
diff --git a/crypto/asymmetric_keys/pkcs7_key_type.c b/crypto/asymmetric_keys/pkcs7_key_type.c
index b930d3bbf1af..e71be8b5b0f2 100644
--- a/crypto/asymmetric_keys/pkcs7_key_type.c
+++ b/crypto/asymmetric_keys/pkcs7_key_type.c
@@ -6,6 +6,7 @@
*/
#define pr_fmt(fmt) "PKCS7key: "fmt
+#include <crypto/api.h>
#include <linux/key.h>
#include <linux/err.h>
#include <linux/module.h>
diff --git a/include/crypto/dh.h b/include/crypto/dh.h
index 7b863e911cb4..b5891c21cfe0 100644
--- a/include/crypto/dh.h
+++ b/include/crypto/dh.h
@@ -8,6 +8,8 @@
#ifndef _CRYPTO_DH_
#define _CRYPTO_DH_
+#include <crypto/api.h>
+
/**
* DOC: DH Helper Functions
*
diff --git a/include/crypto/ecdh.h b/include/crypto/ecdh.h
index 9784ecdd2fb4..aa09f880c0d3 100644
--- a/include/crypto/ecdh.h
+++ b/include/crypto/ecdh.h
@@ -8,6 +8,8 @@
#ifndef _CRYPTO_ECDH_
#define _CRYPTO_ECDH_
+#include <crypto/api.h>
+
/**
* DOC: ECDH Helper Functions
*
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 020/104] module: add a mechanism for pluggable crypto APIs
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
For FIPS certification of a standalone FIPS module we need to be able
to switch out the entire kernel crypto API during boot (if booting with
fips=1 on the kernel command line).
This is not easy, as it requires all users/callers of the crypto API
to be updated.
We've settled on using the "static call" functionality for this.
Benefits include no speculative attack gadgets and no performance impact
from indirect calls.
The way it works is that all exported crypto API functions need to be
annotated with DECLARE_CRYPTO_API() in headers and DEFINE_CRYPTO_API()
in the implementations. This will essentially allocate a static call key
for the given function and a static inline wrapper with the actual
static call itself -- any references to the crypto API functions will be
dynamically patched when the FIPS module is enabled.
The static calls are recorded in a new ELF section, __crypto_api_keys,
and are automatically updated when a module providing their targets is
loaded.
The macro FIPS_MODULE is not yet defined anywhere, but will be defined
in a future patch for any code compiled as part of the FIPS module.
Also define wrappers for things like module_init() so that we can record
these in .fips_initcall and link what would usually be a bunch of
modules together without running into errors because the resulting
module has more than one init function.
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/Kconfig | 16 ++++
include/asm-generic/vmlinux.lds.h | 1 +
include/crypto/api.h | 154 ++++++++++++++++++++++++++++++
kernel/module/main.c | 26 ++++-
4 files changed, 195 insertions(+), 2 deletions(-)
create mode 100644 include/crypto/api.h
diff --git a/crypto/Kconfig b/crypto/Kconfig
index 23bd98981ae8..a2696ea30bde 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -54,6 +54,22 @@ config CRYPTO_FIPS_VERSION
This option provides the ability to override the FIPS Module Version.
By default the KERNELRELEASE value is used.
+config CRYPTO_FIPS140_EXTMOD
+ bool "FIPS 140-3 external module"
+ depends on CRYPTO_FIPS
+ help
+ Support loading a prebuilt FIPS 140-3 cryptographic module.
+
+config CRYPTO_FIPS140_HMAC_KEY
+ string "FIPS 140-3 external module HMAC key"
+ depends on CRYPTO_FIPS140_EXTMOD
+ default "Sphinx of black quartz, judge my vow"
+ help
+ This is the HMAC key used to build and verify the integrity of
+ the FIPS module.
+
+ Must be at least 14 characters.
+
config CRYPTO_ALGAPI
tristate
select CRYPTO_ALGAPI2
diff --git a/include/asm-generic/vmlinux.lds.h b/include/asm-generic/vmlinux.lds.h
index ae2d2359b79e..1881d9b6b3ae 100644
--- a/include/asm-generic/vmlinux.lds.h
+++ b/include/asm-generic/vmlinux.lds.h
@@ -707,6 +707,7 @@ defined(CONFIG_AUTOFDO_CLANG) || defined(CONFIG_PROPELLER_CLANG)
KERNEL_CTORS() \
MCOUNT_REC() \
*(.init.rodata .init.rodata.*) \
+ BOUNDED_SECTION(__crypto_api_keys) \
FTRACE_EVENTS() \
TRACE_SYSCALLS() \
KPROBE_BLACKLIST() \
diff --git a/include/crypto/api.h b/include/crypto/api.h
new file mode 100644
index 000000000000..cda29e71ebef
--- /dev/null
+++ b/include/crypto/api.h
@@ -0,0 +1,154 @@
+#ifndef _CRYPTO_API_H
+#define _CRYPTO_API_H
+
+#include <linux/static_call.h>
+
+#if !defined(CONFIG_CRYPTO_FIPS140_EXTMOD)
+
+#define CRYPTO_API(name) name
+
+/*
+ * These are the definitions that get used when no standalone FIPS module
+ * is used: we simply forward everything to normal functions and function
+ * calls.
+ */
+
+#define DECLARE_CRYPTO_API(name, ret_type, args_decl, args_call) \
+ ret_type name args_decl;
+
+#define DEFINE_CRYPTO_API(name) \
+ EXPORT_SYMBOL_GPL(name)
+
+#define crypto_module_init(fn) module_init(fn)
+#define crypto_module_exit(fn) module_exit(fn)
+
+#define crypto_arch_initcall(fn) arch_initcall(fn)
+#define crypto_subsys_initcall(fn) subsys_initcall(fn)
+#define crypto_late_initcall(fn) late_initcall(fn)
+
+#define CRYPTO_MODULE_DEVICE_TABLE(type, name) MODULE_DEVICE_TABLE(type, name)
+
+#define crypto_module_cpu_feature_match(x, __initfunc) \
+ module_cpu_feature_match(x, __initfunc)
+
+#else
+
+struct crypto_api_key {
+ struct static_call_key *key;
+ void *tramp;
+ void *func;
+};
+
+#ifndef FIPS_MODULE
+
+/*
+ * These are the definitions that get used for vmlinux and in-tree
+ * kernel modules.
+ *
+ * In this case, all references to the kernel crypto API functions will
+ * be replaced by wrappers that perform a call using the kernel's static_call
+ * functionality.
+ */
+
+#define CRYPTO_API(name) nonfips_##name
+
+/* Consolidated version of different DECLARE_CRYPTO_API versions */
+#define DECLARE_CRYPTO_API(name, ret_type, args_decl, args_call) \
+ ret_type nonfips_##name args_decl; \
+ DECLARE_STATIC_CALL(crypto_##name##_key, nonfips_##name); \
+ static inline ret_type name args_decl \
+ { \
+ return static_call(crypto_##name##_key) args_call; \
+ }
+
+#define DEFINE_CRYPTO_API(name) \
+ DEFINE_STATIC_CALL(crypto_##name##_key, nonfips_##name); \
+ EXPORT_STATIC_CALL(crypto_##name##_key)
+
+#define DEFINE_CRYPTO_API_STUB(name) \
+ DEFINE_STATIC_CALL_NULL(crypto_##name##_key, name); \
+ EXPORT_STATIC_CALL(crypto_##name##_key)
+
+#define crypto_module_init(fn) module_init(fn)
+#define crypto_module_exit(fn) module_exit(fn)
+
+#define crypto_arch_initcall(fn) arch_initcall(fn)
+#define crypto_subsys_initcall(fn) subsys_initcall(fn)
+#define crypto_late_initcall(fn) late_initcall(fn)
+
+#define CRYPTO_MODULE_DEVICE_TABLE(type, name) MODULE_DEVICE_TABLE(type, name)
+
+#define crypto_module_cpu_feature_match(x, __initfunc) \
+ module_cpu_feature_match(x, __initfunc)
+
+#else /* defined(FIPS_MODULE) */
+
+/*
+ * These are the definitions that get used for the FIPS module and
+ * its kernel modules.
+ *
+ * In this case, all crypto API functions resolve directly to their
+ * implementations, since they are all part of the FIPS module.
+ *
+ * We still need to declare the static call keys so we can update
+ * them when the FIPS modules have all been loaded.
+ */
+
+#define CRYPTO_API(name) fips_##name
+
+/* Consolidated version of different DECLARE_CRYPTO_API versions */
+#define DECLARE_CRYPTO_API(name, ret_type, args_decl, args_call) \
+ ret_type fips_##name args_decl; \
+ DECLARE_STATIC_CALL(crypto_##name##_key, fips_##name); \
+ static inline ret_type name args_decl \
+ { \
+ return fips_##name args_call; \
+ }
+
+/*
+ * Create an entry for the static call key so we can initialize it
+ * in the FIPS module.
+ */
+// TODO: make this const initdata, probably
+#define DEFINE_CRYPTO_API(name) \
+ EXPORT_SYMBOL_GPL(fips_##name); \
+ static struct crypto_api_key __##name##_key \
+ __used \
+ __section("__crypto_api_keys") \
+ __aligned(__alignof__(struct crypto_api_key)) = \
+ { \
+ .key = &STATIC_CALL_KEY(crypto_##name##_key), \
+ .tramp = STATIC_CALL_TRAMP_ADDR(crypto_##name##_key), \
+ .func = &fips_##name, \
+ };
+
+#define crypto_module_init(fn) \
+ static unsigned long __used __section(".fips_initcall") \
+ __fips_##fn = (unsigned long) &fn;
+#define crypto_module_exit(fn) \
+ static unsigned long __used __section(".fips_exitcall") \
+ __fips_##fn = (unsigned long) &fn;
+
+#define crypto_arch_initcall(fn) crypto_module_init(fn)
+#define crypto_subsys_initcall(fn) crypto_module_init(fn)
+#define crypto_late_initcall(fn) crypto_module_init(fn)
+
+/*
+ * We don't need to emit device tables or module aliases for the FIPS module,
+ * since it will all be loaded at once anyway.
+ */
+#define CRYPTO_MODULE_DEVICE_TABLE(type, name)
+
+#define crypto_module_cpu_feature_match(x, __initfunc) \
+static int __init cpu_feature_match_ ## x ## _init(void) \
+{ \
+ if (!cpu_have_feature(cpu_feature(x))) \
+ return -ENODEV; \
+ return __initfunc(); \
+} \
+crypto_module_init(cpu_feature_match_ ## x ## _init)
+
+#endif /* defined(FIPS_MODULE) */
+#endif /* defined(CONFIG_CRYPTO_FIPS140_EXTMOD) */
+
+#endif /* !_CRYPTO_API_H */
diff --git a/kernel/module/main.c b/kernel/module/main.c
index 12ce4bad29ca..19a03c8659e2 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -7,6 +7,7 @@
#define INCLUDE_VERMAGIC
+#include <crypto/api.h>
#include <linux/export.h>
#include <linux/extable.h>
#include <linux/moduleloader.h>
@@ -2956,6 +2957,24 @@ static int post_relocation(struct module *mod, const struct load_info *info)
return module_finalize(info->hdr, info->sechdrs, mod);
}
+static void do_crypto_api(struct load_info *info)
+{
+#ifdef CONFIG_CRYPTO_FIPS140_EXTMOD
+ struct crypto_api_key *crypto_api_keys;
+ unsigned int num_crypto_api_keys;
+
+ unsigned int i;
+
+ crypto_api_keys = section_objs(info, "__crypto_api_keys",
+ sizeof(*crypto_api_keys), &num_crypto_api_keys);
+
+ for (i = 0; i < num_crypto_api_keys; ++i) {
+ struct crypto_api_key *key = &crypto_api_keys[i];
+ __static_call_update(key->key, key->tramp, key->func);
+ }
+#endif
+}
+
/* Call module constructors. */
static void do_mod_ctors(struct module *mod)
{
@@ -3010,7 +3029,7 @@ module_param(async_probe, bool, 0644);
* Keep it uninlined to provide a reliable breakpoint target, e.g. for the gdb
* helper command 'lx-symbols'.
*/
-static noinline int do_init_module(struct module *mod, int flags)
+static noinline int do_init_module(struct load_info *info, struct module *mod, int flags)
{
int ret = 0;
struct mod_initfree *freeinit;
@@ -3036,6 +3055,9 @@ static noinline int do_init_module(struct module *mod, int flags)
freeinit->init_data = mod->mem[MOD_INIT_DATA].base;
freeinit->init_rodata = mod->mem[MOD_INIT_RODATA].base;
+ if (flags & MODULE_INIT_MEM)
+ do_crypto_api(info);
+
do_mod_ctors(mod);
/* Start the module */
if (mod->init != NULL)
@@ -3498,7 +3520,7 @@ static int _load_module(struct load_info *info, const char __user *uargs,
/* Done! */
trace_module_load(mod);
- return do_init_module(mod, flags);
+ return do_init_module(info, mod, flags);
sysfs_cleanup:
mod_sysfs_teardown(mod);
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 019/104] module: add load_module_mem() helper
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum,
Saeed Mirzamohammadi
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Add a new helper function, load_module_mem(), which can load a kernel
module from a byte array in memory.
Also add a new module loader flag, MODULE_INIT_MEM, signalling that a
module was loaded in this way.
When a module is loaded with load_module_mem(), we do a few things
differently:
- don't do signature verification
- ignore vermagic
- don't taint the kernel
- keep the initial reference to the module until the caller wants to
drop it
These changes are necessary for having a bundled (but separately
compiled) FIPS module.
We may want to let distros carry patches to disable tainting separately
so this information is not lost in case somebody builds a non-distro
kernel using a FIPS module compiled for an incompatible version.
Co-developed-by: Saeed Mirzamohammadi <saeed.mirzamohammadi@oracle.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
include/linux/module.h | 2 +
include/uapi/linux/module.h | 5 ++
kernel/module/main.c | 99 ++++++++++++++++++++++++++-----------
3 files changed, 77 insertions(+), 29 deletions(-)
diff --git a/include/linux/module.h b/include/linux/module.h
index 3319a5269d28..00d85602fb6a 100644
--- a/include/linux/module.h
+++ b/include/linux/module.h
@@ -586,6 +586,8 @@ struct module {
#ifdef CONFIG_MODULES
+extern int load_module_mem(const char *mem, size_t size);
+
/* Get/put a kernel symbol (calls must be symmetric) */
void *__symbol_get(const char *symbol);
void *__symbol_get_gpl(const char *symbol);
diff --git a/include/uapi/linux/module.h b/include/uapi/linux/module.h
index 03a33ffffcba..5dcd24018be7 100644
--- a/include/uapi/linux/module.h
+++ b/include/uapi/linux/module.h
@@ -7,4 +7,9 @@
#define MODULE_INIT_IGNORE_VERMAGIC 2
#define MODULE_INIT_COMPRESSED_FILE 4
+#ifdef __KERNEL__
+/* Internal flags */
+#define MODULE_INIT_MEM 30
+#endif
+
#endif /* _UAPI_LINUX_MODULE_H */
diff --git a/kernel/module/main.c b/kernel/module/main.c
index c66b26184936..12ce4bad29ca 100644
--- a/kernel/module/main.c
+++ b/kernel/module/main.c
@@ -2572,11 +2572,14 @@ static void module_augment_kernel_taints(struct module *mod, struct load_info *i
static int check_modinfo(struct module *mod, struct load_info *info, int flags)
{
- const char *modmagic = get_modinfo(info, "vermagic");
+ const char *modmagic = NULL;
int err;
- if (flags & MODULE_INIT_IGNORE_VERMAGIC)
- modmagic = NULL;
+ if (flags & MODULE_INIT_MEM)
+ return 0;
+
+ if (!(flags & MODULE_INIT_IGNORE_VERMAGIC))
+ modmagic = get_modinfo(info, "vermagic");
/* This is allowed: modprobe --force will invalidate it. */
if (!modmagic) {
@@ -3007,7 +3010,7 @@ module_param(async_probe, bool, 0644);
* Keep it uninlined to provide a reliable breakpoint target, e.g. for the gdb
* helper command 'lx-symbols'.
*/
-static noinline int do_init_module(struct module *mod)
+static noinline int do_init_module(struct module *mod, int flags)
{
int ret = 0;
struct mod_initfree *freeinit;
@@ -3071,7 +3074,8 @@ static noinline int do_init_module(struct module *mod)
mod->mem[MOD_INIT_TEXT].base + mod->mem[MOD_INIT_TEXT].size);
mutex_lock(&module_mutex);
/* Drop initial reference. */
- module_put(mod);
+ if (!(flags & MODULE_INIT_MEM))
+ module_put(mod);
trim_init_extable(mod);
#ifdef CONFIG_KALLSYMS
/* Switch to core kallsyms now init is done: kallsyms may be walking! */
@@ -3347,31 +3351,17 @@ static int early_mod_check(struct load_info *info, int flags)
/*
* Allocate and load the module: note that size of section 0 is always
* zero, and we rely on this for optional sections.
+ *
+ * NOTE: module signature verification must have been done already.
*/
-static int load_module(struct load_info *info, const char __user *uargs,
- int flags)
+static int _load_module(struct load_info *info, const char __user *uargs,
+ int flags)
{
struct module *mod;
bool module_allocated = false;
long err = 0;
char *after_dashes;
- /*
- * Do the signature check (if any) first. All that
- * the signature check needs is info->len, it does
- * not need any of the section info. That can be
- * set up later. This will minimize the chances
- * of a corrupt module causing problems before
- * we even get to the signature check.
- *
- * The check will also adjust info->len by stripping
- * off the sig length at the end of the module, making
- * checks against info->len more correct.
- */
- err = module_sig_check(info, flags);
- if (err)
- goto free_copy;
-
/*
* Do basic sanity checks against the ELF header and
* sections. Cache useful sections and set the
@@ -3405,7 +3395,8 @@ static int load_module(struct load_info *info, const char __user *uargs,
* We are tainting your kernel if your module gets into
* the modules linked list somehow.
*/
- module_augment_kernel_taints(mod, info);
+ if (!(flags & MODULE_INIT_MEM))
+ module_augment_kernel_taints(mod, info);
/* To avoid stressing percpu allocator, do this once we're unique. */
err = percpu_modalloc(mod, info);
@@ -3452,7 +3443,11 @@ static int load_module(struct load_info *info, const char __user *uargs,
flush_module_icache(mod);
/* Now copy in args */
- mod->args = strndup_user(uargs, ~0UL >> 1);
+ if ((flags & MODULE_INIT_MEM))
+ mod->args = kstrdup("", GFP_KERNEL);
+ else
+ mod->args = strndup_user(uargs, ~0UL >> 1);
+
if (IS_ERR(mod->args)) {
err = PTR_ERR(mod->args);
goto free_arch_cleanup;
@@ -3500,13 +3495,10 @@ static int load_module(struct load_info *info, const char __user *uargs,
if (codetag_load_module(mod))
goto sysfs_cleanup;
- /* Get rid of temporary copy. */
- free_copy(info, flags);
-
/* Done! */
trace_module_load(mod);
- return do_init_module(mod);
+ return do_init_module(mod, flags);
sysfs_cleanup:
mod_sysfs_teardown(mod);
@@ -3562,7 +3554,52 @@ static int load_module(struct load_info *info, const char __user *uargs,
audit_log_kern_module(info->name ? info->name : "?");
mod_stat_bump_becoming(info, flags);
}
+ return err;
+}
+
+/*
+ * Load module from kernel memory without signature check.
+ */
+int load_module_mem(const char *mem, size_t size)
+{
+ int err;
+ struct load_info info = { };
+
+ info.sig_ok = true;
+ info.hdr = (Elf64_Ehdr *) mem;
+ info.len = size;
+
+ err = _load_module(&info, NULL, MODULE_INIT_MEM);
+ if (0)
+ free_copy(&info, 0);
+
+ return err;
+}
+
+static int load_module(struct load_info *info, const char __user *uargs,
+ int flags)
+{
+ int err;
+
+ /*
+ * Do the signature check (if any) first. All that
+ * the signature check needs is info->len, it does
+ * not need any of the section info. That can be
+ * set up later. This will minimize the chances
+ * of a corrupt module causing problems before
+ * we even get to the signature check.
+ *
+ * The check will also adjust info->len by stripping
+ * off the sig length at the end of the module, making
+ * checks against info->len more correct.
+ */
+ err = module_sig_check(info, flags);
+ if (!err)
+ err = _load_module(info, uargs, flags);
+
+ /* Get rid of temporary copy. */
free_copy(info, flags);
+
return err;
}
@@ -3728,6 +3765,10 @@ SYSCALL_DEFINE3(finit_module, int, fd, const char __user *, uargs, int, flags)
pr_debug("finit_module: fd=%d, uargs=%p, flags=%i\n", fd, uargs, flags);
+ /*
+ * Deliberately omitting MODULE_INIT_MEM as it is for internal use
+ * only.
+ */
if (flags & ~(MODULE_INIT_IGNORE_MODVERSIONS
|MODULE_INIT_IGNORE_VERMAGIC
|MODULE_INIT_COMPRESSED_FILE))
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 018/104] crypto: make sure crypto_alg_tested() finds the correct algorithm
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Like the previous commit, pass the algorithm by pointer instead of by
name in order to make sure we mark the algorithm that was actually
tested and not some other algorithm that has the same name.
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/algapi.c | 9 +++------
crypto/algboss.c | 2 +-
crypto/internal.h | 2 +-
3 files changed, 5 insertions(+), 8 deletions(-)
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 29076797a938..8b4a1903557e 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -366,10 +366,9 @@ __crypto_register_alg(struct crypto_alg *alg, struct list_head *algs_to_put)
goto out;
}
-void crypto_alg_tested(const char *name, int err)
+void crypto_alg_tested(struct crypto_alg *alg, int err)
{
struct crypto_larval *test;
- struct crypto_alg *alg;
struct crypto_alg *q;
LIST_HEAD(list);
@@ -379,18 +378,16 @@ void crypto_alg_tested(const char *name, int err)
continue;
test = (struct crypto_larval *)q;
-
- if (!strcmp(q->cra_driver_name, name))
+ if (test->adult == alg)
goto found;
}
- pr_err("alg: Unexpected test result for %s: %d\n", name, err);
+ pr_err("alg: Unexpected test result for %s: %d\n", alg->cra_driver_name, err);
up_write(&crypto_alg_sem);
return;
found:
q->cra_flags |= CRYPTO_ALG_DEAD;
- alg = test->adult;
if (crypto_is_dead(alg))
goto complete;
diff --git a/crypto/algboss.c b/crypto/algboss.c
index 31df14e37a3e..2599c54a49ff 100644
--- a/crypto/algboss.c
+++ b/crypto/algboss.c
@@ -172,7 +172,7 @@ static int cryptomgr_test(void *data)
err = alg_test(alg, alg->cra_driver_name, alg->cra_name,
alg->cra_flags, CRYPTO_ALG_TESTED);
- crypto_alg_tested(alg->cra_driver_name, err);
+ crypto_alg_tested(alg, err);
crypto_mod_put(alg);
module_put_and_kthread_exit(0);
diff --git a/crypto/internal.h b/crypto/internal.h
index 702934c719ef..1000ce8de06c 100644
--- a/crypto/internal.h
+++ b/crypto/internal.h
@@ -114,7 +114,7 @@ struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask);
struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask);
void crypto_schedule_test(struct crypto_larval *larval);
-void crypto_alg_tested(const char *name, int err);
+void crypto_alg_tested(struct crypto_alg *alg, int err);
void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
struct crypto_alg *nalg);
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 017/104] crypto: testmgr: check that we got the expected alg
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
alg_test() is testing a specific crypto algorithm, but does the lookup
by name.
Add a new helper, check_alg(), to be called after allocating your tfm,
to verify that the algorithm we are actually testing is the algorithm
we meant to test.
This is vitally important so no races or other shenanigans can cause a
test to be scheduled for a particular driver and end up actually testing
a different one.
Note that if this warning ever triggers, it indicates that there is a
problem with how algorithms are registered/unregistered and how tests
are scheduled, as it should normally not be possible to end up testing
something you didn't mean to test.
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/testmgr.c | 130 +++++++++++++++++++++++++++++++++++++----------
1 file changed, 102 insertions(+), 28 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 1dfd37761a4f..35626ae18c60 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -158,8 +158,8 @@ struct kpp_test_suite {
struct alg_test_desc {
const char *alg;
const char *generic_driver;
- int (*test)(const struct alg_test_desc *desc, const char *driver,
- u32 type, u32 mask);
+ int (*test)(struct crypto_alg *alg, const struct alg_test_desc *desc,
+ const char *driver, u32 type, u32 mask);
int fips_allowed; /* see FIPS_* constants above */
union {
@@ -1914,7 +1914,18 @@ static int alloc_shash(const char *driver, u32 type, u32 mask,
return 0;
}
-static int __alg_test_hash(const struct hash_testvec *vecs,
+static int check_alg(struct crypto_alg *expected, struct crypto_alg *actual)
+{
+ if (actual == expected)
+ return 0;
+
+ WARN(1, "alg: expected driver %s, got %s\n",
+ expected->cra_driver_name, actual->cra_driver_name);
+ return -EINVAL;
+}
+
+static int __alg_test_hash(struct crypto_alg *alg,
+ const struct hash_testvec *vecs,
unsigned int num_vecs, const char *driver,
u32 type, u32 mask,
const char *generic_driver, unsigned int maxkeysize)
@@ -1942,6 +1953,11 @@ static int __alg_test_hash(const struct hash_testvec *vecs,
driver, PTR_ERR(atfm));
return PTR_ERR(atfm);
}
+
+ err = check_alg(alg, atfm->base.__crt_alg);
+ if (err)
+ goto out;
+
driver = crypto_ahash_driver_name(atfm);
req = ahash_request_alloc(atfm, GFP_KERNEL);
@@ -1960,6 +1976,12 @@ static int __alg_test_hash(const struct hash_testvec *vecs,
if (err)
goto out;
+ if (stfm) {
+ err = check_alg(alg, stfm->base.__crt_alg);
+ if (err)
+ goto out;
+ }
+
tsgl = kmalloc(sizeof(*tsgl), GFP_KERNEL);
if (!tsgl || init_test_sglist(tsgl) != 0) {
pr_err("alg: hash: failed to allocate test buffers for %s\n",
@@ -2005,7 +2027,8 @@ static int __alg_test_hash(const struct hash_testvec *vecs,
return err;
}
-static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
+static int alg_test_hash(struct crypto_alg *alg,
+ const struct alg_test_desc *desc, const char *driver,
u32 type, u32 mask)
{
const struct hash_testvec *template = desc->suite.hash.vecs;
@@ -2036,14 +2059,14 @@ static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
err = 0;
if (nr_unkeyed) {
- err = __alg_test_hash(template, nr_unkeyed, driver, type, mask,
- desc->generic_driver, maxkeysize);
+ err = __alg_test_hash(alg, template, nr_unkeyed, driver, type,
+ mask, desc->generic_driver, maxkeysize);
template += nr_unkeyed;
}
if (!err && nr_keyed)
- err = __alg_test_hash(template, nr_keyed, driver, type, mask,
- desc->generic_driver, maxkeysize);
+ err = __alg_test_hash(alg, template, nr_keyed, driver, type,
+ mask, desc->generic_driver, maxkeysize);
return err;
}
@@ -2673,7 +2696,8 @@ static int test_aead(int enc, const struct aead_test_suite *suite,
return 0;
}
-static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
+static int alg_test_aead(struct crypto_alg *alg,
+ const struct alg_test_desc *desc, const char *driver,
u32 type, u32 mask)
{
const struct aead_test_suite *suite = &desc->suite.aead;
@@ -2695,6 +2719,11 @@ static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
driver, PTR_ERR(tfm));
return PTR_ERR(tfm);
}
+
+ err = check_alg(alg, tfm->base.__crt_alg);
+ if (err)
+ goto out;
+
driver = crypto_aead_driver_name(tfm);
req = aead_request_alloc(tfm, GFP_KERNEL);
@@ -3230,7 +3259,8 @@ static int test_skcipher(int enc, const struct cipher_test_suite *suite,
return 0;
}
-static int alg_test_skcipher(const struct alg_test_desc *desc,
+static int alg_test_skcipher(struct crypto_alg *alg,
+ const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
{
const struct cipher_test_suite *suite = &desc->suite.cipher;
@@ -3252,6 +3282,11 @@ static int alg_test_skcipher(const struct alg_test_desc *desc,
driver, PTR_ERR(tfm));
return PTR_ERR(tfm);
}
+
+ err = check_alg(alg, tfm->base.__crt_alg);
+ if (err)
+ goto out;
+
driver = crypto_skcipher_driver_name(tfm);
req = skcipher_request_alloc(tfm, GFP_KERNEL);
@@ -3517,7 +3552,8 @@ static int test_cprng(struct crypto_rng *tfm,
return err;
}
-static int alg_test_cipher(const struct alg_test_desc *desc,
+static int alg_test_cipher(struct crypto_alg *alg,
+ const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
{
const struct cipher_test_suite *suite = &desc->suite.cipher;
@@ -3533,16 +3569,22 @@ static int alg_test_cipher(const struct alg_test_desc *desc,
return PTR_ERR(tfm);
}
+ err = check_alg(alg, tfm->base.__crt_alg);
+ if (err)
+ goto out;
+
err = test_cipher(tfm, ENCRYPT, suite->vecs, suite->count);
if (!err)
err = test_cipher(tfm, DECRYPT, suite->vecs, suite->count);
+out:
crypto_free_cipher(tfm);
return err;
}
-static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
- u32 type, u32 mask)
+static int alg_test_comp(struct crypto_alg *alg,
+ const struct alg_test_desc *desc,
+ const char *driver, u32 type, u32 mask)
{
struct crypto_acomp *acomp;
int err;
@@ -3555,6 +3597,13 @@ static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
driver, PTR_ERR(acomp));
return PTR_ERR(acomp);
}
+
+ err = check_alg(alg, acomp->base.__crt_alg);
+ if (err) {
+ crypto_free_acomp(acomp);
+ return err;
+ }
+
err = test_acomp(acomp, desc->suite.comp.comp.vecs,
desc->suite.comp.decomp.vecs,
desc->suite.comp.comp.count,
@@ -3563,7 +3612,8 @@ static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
return err;
}
-static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
+static int alg_test_cprng(struct crypto_alg *alg,
+ const struct alg_test_desc *desc, const char *driver,
u32 type, u32 mask)
{
struct crypto_rng *rng;
@@ -3578,15 +3628,20 @@ static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
return PTR_ERR(rng);
}
+ err = check_alg(alg, rng->base.__crt_alg);
+ if (err)
+ goto out;
+
err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
+out:
crypto_free_rng(rng);
-
return err;
}
-static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
+static int drbg_cavs_test(struct crypto_alg *alg,
+ const struct drbg_testvec *test, int pr,
const char *driver, u32 type, u32 mask)
{
int ret = -EAGAIN;
@@ -3608,6 +3663,10 @@ static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
return PTR_ERR(drng);
}
+ ret = check_alg(alg, drng->base.__crt_alg);
+ if (ret)
+ goto outbuf;
+
test_data.testentropy = &testentropy;
drbg_string_fill(&testentropy, test->entropy, test->entropylen);
drbg_string_fill(&pers, test->pers, test->perslen);
@@ -3656,7 +3715,8 @@ static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
}
-static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
+static int alg_test_drbg(struct crypto_alg *alg,
+ const struct alg_test_desc *desc, const char *driver,
u32 type, u32 mask)
{
int err = 0;
@@ -3669,7 +3729,7 @@ static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
pr = 1;
for (i = 0; i < tcount; i++) {
- err = drbg_cavs_test(&template[i], pr, driver, type, mask);
+ err = drbg_cavs_test(alg, &template[i], pr, driver, type, mask);
if (err) {
printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
i, driver);
@@ -3839,7 +3899,8 @@ static int test_kpp(struct crypto_kpp *tfm, const char *alg,
return 0;
}
-static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver,
+static int alg_test_kpp(struct crypto_alg *alg,
+ const struct alg_test_desc *desc, const char *driver,
u32 type, u32 mask)
{
struct crypto_kpp *tfm;
@@ -3853,10 +3914,16 @@ static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver,
driver, PTR_ERR(tfm));
return PTR_ERR(tfm);
}
+
+ err = check_alg(alg, tfm->base.__crt_alg);
+ if (err)
+ goto out;
+
if (desc->suite.kpp.vecs)
err = test_kpp(tfm, desc->alg, desc->suite.kpp.vecs,
desc->suite.kpp.count);
+out:
crypto_free_kpp(tfm);
return err;
}
@@ -4022,7 +4089,8 @@ static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
return 0;
}
-static int alg_test_akcipher(const struct alg_test_desc *desc,
+static int alg_test_akcipher(struct crypto_alg *alg,
+ const struct alg_test_desc *desc,
const char *driver, u32 type, u32 mask)
{
struct crypto_akcipher *tfm;
@@ -4036,10 +4104,16 @@ static int alg_test_akcipher(const struct alg_test_desc *desc,
driver, PTR_ERR(tfm));
return PTR_ERR(tfm);
}
+
+ err = check_alg(alg, tfm->base.__crt_alg);
+ if (err)
+ goto out;
+
if (desc->suite.akcipher.vecs)
err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
desc->suite.akcipher.count);
+out:
crypto_free_akcipher(tfm);
return err;
}
@@ -4132,8 +4206,8 @@ static int test_sig(struct crypto_sig *tfm, const char *alg,
return 0;
}
-static int alg_test_sig(const struct alg_test_desc *desc, const char *driver,
- u32 type, u32 mask)
+static int alg_test_sig(struct crypto_alg *alg, const struct alg_test_desc *desc,
+ const char *driver, u32 type, u32 mask)
{
struct crypto_sig *tfm;
int err = 0;
@@ -4152,8 +4226,8 @@ static int alg_test_sig(const struct alg_test_desc *desc, const char *driver,
return err;
}
-static int alg_test_null(const struct alg_test_desc *desc,
- const char *driver, u32 type, u32 mask)
+static int alg_test_null(struct crypto_alg *alg, const struct alg_test_desc *desc,
+ const char *driver, u32 type, u32 mask)
{
return 0;
}
@@ -5817,7 +5891,7 @@ int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 t
if (alg_test_fips_disabled(alg, &alg_test_descs[i]))
goto non_fips_alg;
- rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
+ rc = alg_test_cipher(alg, alg_test_descs + i, driver, type, mask);
goto test_done;
}
@@ -5835,10 +5909,10 @@ int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 t
rc = 0;
if (i >= 0)
- rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
+ rc |= alg_test_descs[i].test(alg, alg_test_descs + i, driver,
type, mask);
if (j >= 0 && j != i)
- rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
+ rc |= alg_test_descs[j].test(alg, alg_test_descs + j, driver,
type, mask);
test_done:
@@ -5876,7 +5950,7 @@ int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 t
if (alg_test_fips_disabled(alg, &alg_test_descs[i]))
goto non_fips_alg;
- rc = alg_test_skcipher(alg_test_descs + i, driver, type, mask);
+ rc = alg_test_skcipher(alg, alg_test_descs + i, driver, type, mask);
goto test_done;
}
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 008/104] arch/x86/boot/string.h: override memmove()/strlen()
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum,
Vivek Goyal, Thomas Gleixner, Ingo Molnar, Borislav Petkov,
Dave Hansen, x86, H. Peter Anvin
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
arch/x86/boot/string.h defines string functions used by
arch/x86/purgatory/purgatory.c. Other headers used by this file may
pull in existing definitions of memmove() and strlen(), so extend the
overrides to these macros/functions as well.
(This is needed as purgatory uses crypto functions which pull in other
headers that I am changing in this patch series and causing errors.)
We might consider simply moving all of this into purgatory.c after all
the #includes to avoid similar issues in the future.
Cc: Vivek Goyal <vgoyal@redhat.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Dave Hansen <dave.hansen@linux.intel.com>
Cc: x86@kernel.org
Cc: "H. Peter Anvin" <hpa@zytor.com>
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
arch/x86/boot/string.h | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/arch/x86/boot/string.h b/arch/x86/boot/string.h
index a5b05ebc037d..ac25100183bc 100644
--- a/arch/x86/boot/string.h
+++ b/arch/x86/boot/string.h
@@ -4,6 +4,7 @@
/* Undef any of these macros coming from string_32.h. */
#undef memcpy
+#undef memmove
#undef memset
#undef memcmp
@@ -15,9 +16,12 @@ int bcmp(const void *s1, const void *s2, size_t len);
/* Access builtin version by default. */
#define memcpy(d,s,l) __builtin_memcpy(d,s,l)
+#define memmove(d,s,l) __builtin_memmove(d,s,l)
#define memset(d,c,l) __builtin_memset(d,c,l)
#define memcmp __builtin_memcmp
+#undef strlen
+
extern int strcmp(const char *str1, const char *str2);
extern int strncmp(const char *cs, const char *ct, size_t count);
extern size_t strlen(const char *s);
--
2.39.3
^ permalink raw reply related
* [PATCH RFC 016/104] crypto: alg - add CRYPTO_ALG_FIPS_PROVIDED flag
From: Vegard Nossum @ 2025-09-04 15:50 UTC (permalink / raw)
To: Herbert Xu, David S. Miller, linux-crypto, Luis Chamberlain,
Petr Pavlu, Daniel Gomez
Cc: Ard Biesheuvel, Eric Biggers, Jason A . Donenfeld,
Greg Kroah-Hartman, Wang, Jay, Nicolai Stange, Vladis Dronov,
Stephan Mueller, Sami Tolvanen, linux-modules, Vegard Nossum
In-Reply-To: <20250904155216.460962-1-vegard.nossum@oracle.com>
Use a new flag to record whether a particular algorithm is provided by
a standalone FIPS 140 module.
Note: This does not mean the algorithm is "FIPS approved" or even "FIPS
allowed" -- it simply means the algorithm is implemented within the FIPS
module.
Signed-off-by: Vegard Nossum <vegard.nossum@oracle.com>
---
crypto/algapi.c | 30 ++++++++++++++++++++++++++++++
crypto/testmgr.c | 22 +++++++++++++++-------
include/linux/crypto.h | 8 ++++++++
3 files changed, 53 insertions(+), 7 deletions(-)
diff --git a/crypto/algapi.c b/crypto/algapi.c
index 54b8d4acd651..29076797a938 100644
--- a/crypto/algapi.c
+++ b/crypto/algapi.c
@@ -450,6 +450,9 @@ int crypto_register_alg(struct crypto_alg *alg)
if (err)
return err;
+ /* Blatant API misuse */
+ BUG_ON(alg->cra_flags & CRYPTO_ALG_FIPS_PROVIDED);
+
if (alg->cra_flags & CRYPTO_ALG_DUP_FIRST &&
!WARN_ON_ONCE(alg->cra_destroy)) {
unsigned int algsize = alg->cra_type->algsize;
@@ -463,6 +466,13 @@ int crypto_register_alg(struct crypto_alg *alg)
alg->cra_destroy = crypto_free_alg;
}
+#ifdef FIPS_MODULE
+ if (alg->cra_module == THIS_MODULE) {
+ alg->cra_flags |= CRYPTO_ALG_FIPS_PROVIDED;
+ alg->cra_priority |= 4096;
+ }
+#endif
+
down_write(&crypto_alg_sem);
larval = __crypto_register_alg(alg, &algs_to_put);
if (!IS_ERR_OR_NULL(larval)) {
@@ -666,6 +676,9 @@ int crypto_register_instance(struct crypto_template *tmpl,
struct crypto_larval *larval;
struct crypto_spawn *spawn;
u32 fips_internal = 0;
+#ifdef FIPS_MODULE
+ u32 fips_provided = ~0;
+#endif
LIST_HEAD(algs_to_put);
int err;
@@ -673,6 +686,9 @@ int crypto_register_instance(struct crypto_template *tmpl,
if (err)
return err;
+ /* Blatant API misuse */
+ BUG_ON(inst->alg.cra_flags & CRYPTO_ALG_FIPS_PROVIDED);
+
inst->alg.cra_module = tmpl->module;
inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
inst->alg.cra_destroy = crypto_destroy_instance;
@@ -692,6 +708,13 @@ int crypto_register_instance(struct crypto_template *tmpl,
fips_internal |= spawn->alg->cra_flags;
+#ifdef FIPS_MODULE
+ if (spawn->alg->cra_module == THIS_MODULE)
+ fips_provided &= spawn->alg->cra_flags;
+ else
+ fips_provided = 0;
+#endif
+
crypto_mod_put(spawn->alg);
spawn = next;
@@ -699,6 +722,13 @@ int crypto_register_instance(struct crypto_template *tmpl,
inst->alg.cra_flags |= (fips_internal & CRYPTO_ALG_FIPS_INTERNAL);
+#ifdef FIPS_MODULE
+ if (tmpl->module == THIS_MODULE && (fips_provided & CRYPTO_ALG_FIPS_PROVIDED)) {
+ inst->alg.cra_flags |= CRYPTO_ALG_FIPS_PROVIDED;
+ inst->alg.cra_priority |= 4096;
+ }
+#endif
+
larval = __crypto_register_alg(&inst->alg, &algs_to_put);
if (IS_ERR(larval))
goto unlock;
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 25aadf5b6690..1dfd37761a4f 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -5771,15 +5771,23 @@ static int alg_fips_disabled(const char *driver, const char *alg)
return -ECANCELED;
}
-static int alg_test_fips_disabled(const struct alg_test_desc *desc)
+static int alg_test_fips_disabled(const struct crypto_alg *alg, const struct alg_test_desc *desc)
{
if (!fips_enabled)
return 0;
/*
- * Only allow FIPS-allowed algorithms to be tested.
+ * If the algorithm is completely provided by the FIPS module
+ * we still require it to be allowed accoding to our test table.
*/
- return !(desc->fips_allowed & FIPS_ALLOWED);
+ if (alg->cra_flags & CRYPTO_ALG_FIPS_PROVIDED)
+ return !(desc->fips_allowed & FIPS_ALLOWED);
+
+ /*
+ * If the algorithm is not provided by the FIPS module, then
+ * it must be FIPS_NON_CRYPTOGRAPHIC.
+ */
+ return !(desc->fips_allowed & FIPS_NON_CRYPTOGRAPHIC);
}
int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 type, u32 mask)
@@ -5806,7 +5814,7 @@ int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 t
if (i < 0)
goto notest;
- if (alg_test_fips_disabled(&alg_test_descs[i]))
+ if (alg_test_fips_disabled(alg, &alg_test_descs[i]))
goto non_fips_alg;
rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
@@ -5819,9 +5827,9 @@ int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 t
goto notest;
if (fips_enabled) {
- if (j >= 0 && alg_test_fips_disabled(&alg_test_descs[j]))
+ if (j >= 0 && alg_test_fips_disabled(alg, &alg_test_descs[j]))
return -EINVAL;
- if (i >= 0 && alg_test_fips_disabled(&alg_test_descs[i]))
+ if (i >= 0 && alg_test_fips_disabled(alg, &alg_test_descs[i]))
goto non_fips_alg;
}
@@ -5865,7 +5873,7 @@ int alg_test(struct crypto_alg *alg, const char *driver, const char *name, u32 t
if (i < 0)
goto notest2;
- if (alg_test_fips_disabled(&alg_test_descs[i]))
+ if (alg_test_fips_disabled(alg, &alg_test_descs[i]))
goto non_fips_alg;
rc = alg_test_skcipher(alg_test_descs + i, driver, type, mask);
diff --git a/include/linux/crypto.h b/include/linux/crypto.h
index a2137e19be7d..737e53a642d4 100644
--- a/include/linux/crypto.h
+++ b/include/linux/crypto.h
@@ -139,6 +139,14 @@
/* Set if the algorithm cannot have a fallback (e.g., phmac). */
#define CRYPTO_ALG_NO_FALLBACK 0x00080000
+/*
+ * The algorithm is provided by the FIPS module.
+ *
+ * NOTE: an algorithm can be provided by the FIPS module and not be
+ * approved, depending on the exact parameters like key size, etc.
+ */
+#define CRYPTO_ALG_FIPS_PROVIDED 0x00100000
+
/* The high bits 0xff000000 are reserved for type-specific flags. */
/*
--
2.39.3
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox