[PATCH] ecryptfs: reduce legacy API usage

[PATCH] ecryptfs: reduce legacy API usage

[Jeff Garzik]

Use modern crypto APIs.

Signed-off-by: Jeff Garzik <jeff@garzik.org>

---

This doesn't completely remove the legacy API usage from the filesystem,
but it moves the effort forward, and should be a self-contained change.

 fs/ecryptfs/crypto.c               |   63 ++++++++++++++++++++++---------------
 fs/ecryptfs/ecryptfs_kernel.h      |    9 ++---

diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index ed35a97..6b62792 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -96,23 +96,27 @@ static int ecryptfs_calculate_md5(char *
 {
 	int rc = 0;
 	struct scatterlist sg;
+	struct hash_desc desc = {
+		.tfm = crypt_stat->hash,
+		.flags = CRYPTO_TFM_REQ_MAY_SLEEP,
+	};
 
-	mutex_lock(&crypt_stat->cs_md5_tfm_mutex);
+	mutex_lock(&crypt_stat->cs_hash_mutex);
 	sg_init_one(&sg, (u8 *)src, len);
-	if (!crypt_stat->md5_tfm) {
-		crypt_stat->md5_tfm =
-			crypto_alloc_tfm("md5", CRYPTO_TFM_REQ_MAY_SLEEP);
-		if (!crypt_stat->md5_tfm) {
-			rc = -ENOMEM;
+	if (!desc.tfm) {
+		desc.tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
+		if (IS_ERR(desc.tfm)) {
+			rc = PTR_ERR(desc.tfm);
 			ecryptfs_printk(KERN_ERR, "Error attempting to "
 					"allocate crypto context\n");
 			goto out;
 		}
+		crypt_stat->hash = desc.tfm;
 	}
-	crypto_digest_init(crypt_stat->md5_tfm);
-	crypto_digest_update(crypt_stat->md5_tfm, &sg, 1);
-	crypto_digest_final(crypt_stat->md5_tfm, dst);
-	mutex_unlock(&crypt_stat->cs_md5_tfm_mutex);
+	crypto_hash_init(&desc);
+	crypto_hash_update(&desc, &sg, len);
+	crypto_hash_final(&desc, dst);
+	mutex_unlock(&crypt_stat->cs_hash_mutex);
 out:
 	return rc;
 }
@@ -178,7 +182,7 @@ ecryptfs_init_crypt_stat(struct ecryptfs
 	memset((void *)crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
 	mutex_init(&crypt_stat->cs_mutex);
 	mutex_init(&crypt_stat->cs_tfm_mutex);
-	mutex_init(&crypt_stat->cs_md5_tfm_mutex);
+	mutex_init(&crypt_stat->cs_hash_mutex);
 	ECRYPTFS_SET_FLAG(crypt_stat->flags, ECRYPTFS_STRUCT_INITIALIZED);
 }
 
@@ -191,9 +195,9 @@ ecryptfs_init_crypt_stat(struct ecryptfs
 void ecryptfs_destruct_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat)
 {
 	if (crypt_stat->tfm)
-		crypto_free_tfm(crypt_stat->tfm);
-	if (crypt_stat->md5_tfm)
-		crypto_free_tfm(crypt_stat->md5_tfm);
+		crypto_free_blkcipher(crypt_stat->tfm);
+	if (crypt_stat->hash)
+		crypto_free_hash(crypt_stat->hash);
 	memset(crypt_stat, 0, sizeof(struct ecryptfs_crypt_stat));
 }
 
@@ -270,6 +274,11 @@ static int encrypt_scatterlist(struct ec
 			       unsigned char *iv)
 {
 	int rc = 0;
+	struct blkcipher_desc desc = {
+		.tfm = crypt_stat->tfm,
+		.info = iv,
+		.flags = CRYPTO_TFM_REQ_MAY_SLEEP,
+	};
 
 	BUG_ON(!crypt_stat || !crypt_stat->tfm
 	       || !ECRYPTFS_CHECK_FLAG(crypt_stat->flags,
@@ -282,7 +291,7 @@ static int encrypt_scatterlist(struct ec
 	}
 	/* Consider doing this once, when the file is opened */
 	mutex_lock(&crypt_stat->cs_tfm_mutex);
-	rc = crypto_cipher_setkey(crypt_stat->tfm, crypt_stat->key,
+	rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
 				  crypt_stat->key_size);
 	if (rc) {
 		ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
@@ -292,7 +301,7 @@ static int encrypt_scatterlist(struct ec
 		goto out;
 	}
 	ecryptfs_printk(KERN_DEBUG, "Encrypting [%d] bytes.\n", size);
-	crypto_cipher_encrypt_iv(crypt_stat->tfm, dest_sg, src_sg, size, iv);
+	crypto_blkcipher_encrypt_iv(&desc, dest_sg, src_sg, size);
 	mutex_unlock(&crypt_stat->cs_tfm_mutex);
 out:
 	return rc;
@@ -676,11 +685,16 @@ static int decrypt_scatterlist(struct ec
 			       unsigned char *iv)
 {
 	int rc = 0;
+	struct blkcipher_desc desc = {
+		.tfm = crypt_stat->tfm,
+		.info = iv,
+		.flags = CRYPTO_TFM_REQ_MAY_SLEEP,
+	};
 
 	/* Consider doing this once, when the file is opened */
 	mutex_lock(&crypt_stat->cs_tfm_mutex);
-	rc = crypto_cipher_setkey(crypt_stat->tfm, crypt_stat->key,
-				  crypt_stat->key_size);
+	rc = crypto_blkcipher_setkey(crypt_stat->tfm, crypt_stat->key,
+				     crypt_stat->key_size);
 	if (rc) {
 		ecryptfs_printk(KERN_ERR, "Error setting key; rc = [%d]\n",
 				rc);
@@ -689,8 +703,7 @@ static int decrypt_scatterlist(struct ec
 		goto out;
 	}
 	ecryptfs_printk(KERN_DEBUG, "Decrypting [%d] bytes.\n", size);
-	rc = crypto_cipher_decrypt_iv(crypt_stat->tfm, dest_sg, src_sg, size,
-				      iv);
+	rc = crypto_blkcipher_decrypt_iv(&desc, dest_sg, src_sg, size);
 	mutex_unlock(&crypt_stat->cs_tfm_mutex);
 	if (rc) {
 		ecryptfs_printk(KERN_ERR, "Error decrypting; rc = [%d]\n",
@@ -775,16 +788,18 @@ int ecryptfs_init_crypt_ctx(struct ecryp
 		goto out;
 	}
 	mutex_lock(&crypt_stat->cs_tfm_mutex);
-	crypt_stat->tfm = crypto_alloc_tfm(crypt_stat->cipher,
-					   ECRYPTFS_DEFAULT_CHAINING_MODE
-					   | CRYPTO_TFM_REQ_WEAK_KEY);
+	crypt_stat->tfm = crypto_alloc_blkcipher(crypt_stat->cipher, 0,
+						 CRYPTO_ALG_ASYNC);
 	mutex_unlock(&crypt_stat->cs_tfm_mutex);
-	if (!crypt_stat->tfm) {
+	if (IS_ERR(crypt_stat->tfm)) {
+		rc = PTR_ERR(crypt_stat->tfm);
 		ecryptfs_printk(KERN_ERR, "cryptfs: init_crypt_ctx(): "
 				"Error initializing cipher [%s]\n",
 				crypt_stat->cipher);
 		goto out;
 	}
+	crypto_blkcipher_set_flags(crypt_stat->tfm,
+		ECRYPTFS_DEFAULT_CHAINING_MODE | CRYPTO_TFM_REQ_WEAK_KEY);
 	rc = 0;
 out:
 	return rc;
diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h
index 872c995..eb45400 100644
--- a/fs/ecryptfs/ecryptfs_kernel.h
+++ b/fs/ecryptfs/ecryptfs_kernel.h
@@ -29,6 +29,7 @@ #define ECRYPTFS_KERNEL_H
 #include <keys/user-type.h>
 #include <linux/fs.h>
 #include <linux/scatterlist.h>
+#include <linux/crypto.h>
 
 /* Version verification for shared data structures w/ userspace */
 #define ECRYPTFS_VERSION_MAJOR 0x00
@@ -204,15 +205,15 @@ #define ECRYPTFS_KEY_VALID          0x00
 	size_t extent_shift;
 	unsigned int extent_mask;
 	struct ecryptfs_mount_crypt_stat *mount_crypt_stat;
-	struct crypto_tfm *tfm;
-	struct crypto_tfm *md5_tfm; /* Crypto context for generating
-				     * the initialization vectors */
+	struct crypto_blkcipher *tfm;
+	struct crypto_hash *hash; /* Crypto context for generating
+				   * the initialization vectors */
 	unsigned char cipher[ECRYPTFS_MAX_CIPHER_NAME_SIZE];
 	unsigned char key[ECRYPTFS_MAX_KEY_BYTES];
 	unsigned char root_iv[ECRYPTFS_MAX_IV_BYTES];
 	unsigned char keysigs[ECRYPTFS_MAX_NUM_KEYSIGS][ECRYPTFS_SIG_SIZE_HEX];
 	struct mutex cs_tfm_mutex;
-	struct mutex cs_md5_tfm_mutex;
+	struct mutex cs_hash_mutex;
 	struct mutex cs_mutex;
 };
 

Re: [PATCH] ecryptfs: reduce legacy API usage

[Herbert Xu]

On Tue, Oct 10, 2006 at 02:46:26AM -0400, Jeff Garzik wrote:
> 
> Use modern crypto APIs.
> 
> Signed-off-by: Jeff Garzik <jeff@garzik.org>

Looks good.  Thanks Jeff!
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Re: [PATCH] ecryptfs: reduce legacy API usage

[Michael Halcrow]

On Tue, Oct 10, 2006 at 02:46:26AM -0400, Jeff Garzik wrote:
> Use modern crypto APIs.
> 
> Signed-off-by: Jeff Garzik <jeff@garzik.org>

With this patch, I ran across a problem:

---
Oct 10 13:21:24 localhost mount.ecryptfs: Mount opts: [ecryptfs_sig=7fa06f4b66fcde02,ecryptfs_cipher=aes,ecryptfs_key_bytes=16] 
Oct 10 13:21:28 localhost kernel: ecryptfs_init_crypt_ctx: cryptfs: init_crypt_ctx(): Error initializing cipher [aes]
Oct 10 13:21:28 localhost kernel: BUG: unable to handle kernel NULL pointer dereference at virtual address 00000006
Oct 10 13:21:28 localhost kernel:  printing eip:
Oct 10 13:21:28 localhost kernel: f8a8ff10
Oct 10 13:21:28 localhost kernel: *pde = 00000000
Oct 10 13:21:28 localhost kernel: Oops: 0000 [#1]
Oct 10 13:21:28 localhost kernel: PREEMPT 
Oct 10 13:21:28 localhost kernel: Modules linked in: ecryptfs dummy l2cap bluetooth twofish twofish_common serpent aes blowfish ecb sha256 cry
pto_null cryptomgr joydev snd_intel8x0m wlan_scan_sta ath_pci ath_rate_sample wlan ath_hal(P) genrtc
Oct 10 13:21:28 localhost kernel: CPU:    0
Oct 10 13:21:28 localhost kernel: EIP:    0060:[<f8a8ff10>]    Tainted: P      VLI
Oct 10 13:21:28 localhost kernel: EFLAGS: 00010286   (2.6.19-rc1 #116)
Oct 10 13:21:28 localhost kernel: EIP is at decrypt_scatterlist+0x50/0x110 [ecryptfs]
Oct 10 13:21:28 localhost kernel: eax: 00000010   ebx: f2a44b84   ecx: fffffffe   edx: f2a44bd8
Oct 10 13:21:28 localhost kernel: esi: f2a44c48   edi: 00001000   ebp: e5f33bf4   esp: e5f33bb8
Oct 10 13:21:29 localhost kernel: ds: 007b   es: 007b   ss: 0068
Oct 10 13:21:29 localhost kernel: Process cat (pid: 5888, ti=e5f32000 task=ec246a70 task.ti=e5f32000)
Oct 10 13:21:29 localhost kernel: Stack: fffffffe f2a44bd8 00000010 00000bf4 fffffffe e5f33c78 00000200 e5f33c14 
Oct 10 13:21:29 localhost kernel:        fffffffe e5f33c78 00000200 e5f33c14 f2a44b84 00000000 c140d020 e5f33c30 
Oct 10 13:21:29 localhost kernel:        f8a9006b f2a44b84 e5f33c10 e5f33c20 00001000 e5f33c78 c13a7860 00000000 
Oct 10 13:21:29 localhost kernel: Call Trace:
Oct 10 13:21:29 localhost kernel:  [<f8a9006b>] ecryptfs_decrypt_page_offset+0x4b/0x50 [ecryptfs]
Oct 10 13:21:29 localhost kernel:  [<f8a8fd08>] ecryptfs_decrypt_page+0x168/0x320 [ecryptfs]
Oct 10 13:21:29 localhost kernel:  [<f8a8deef>] ecryptfs_readpage+0xaf/0x100 [ecryptfs]
Oct 10 13:21:29 localhost kernel:  [<c0149250>] read_pages+0x80/0xf0
Oct 10 13:21:29 localhost kernel:  [<c0149445>] __do_page_cache_readahead+0x185/0x1c0
Oct 10 13:21:29 localhost kernel:  [<c01495bf>] blockable_page_cache_readahead+0x4f/0xd0
Oct 10 13:21:29 localhost kernel:  [<c01497fc>] page_cache_readahead+0x10c/0x1d0
Oct 10 13:21:29 localhost kernel:  [<c0142a0c>] do_generic_mapping_read+0x40c/0x520
Oct 10 13:21:29 localhost kernel:  [<c0142d47>] generic_file_aio_read+0x147/0x220
Oct 10 13:21:29 localhost kernel:  [<f8a8a389>] ecryptfs_read_update_atime+0x39/0x80 [ecryptfs]
Oct 10 13:21:29 localhost kernel:  [<c016324f>] do_sync_read+0xdf/0x130
Oct 10 13:21:29 localhost kernel:  [<c0163468>] vfs_read+0x1c8/0x1d0
Oct 10 13:21:29 localhost kernel:  [<c01637bb>] sys_read+0x4b/0x80
Oct 10 13:21:29 localhost kernel:  [<c0103353>] syscall_call+0x7/0xb
Oct 10 13:21:29 localhost kernel:  [<b7f338de>] 0xb7f338de
Oct 10 13:21:29 localhost kernel:  =======================
Oct 10 13:21:29 localhost kernel: Code: 45 e4 89 f0 c7 45 dc 00 02 00 00 c7 45 ec 00 02 00 00 e8 74 04 9e c7 8b 4b 2c 8d 53 54 8b 43 1c 89 54 
24 04 89 0c 24 89 44 24 08 <ff> 51 08 85 c0 75 59 89 7c 24 08 b8 43 33 a9 f8 89 44 24 04 c7 
Oct 10 13:21:29 localhost kernel: EIP: [<f8a8ff10>] decrypt_scatterlist+0x50/0x110 [ecryptfs] SS:ESP 0068:e5f33bb8
---

parse_tag_3_packet() does not check the return code from
ecryptfs_init_crypt_ctx(). Here is a patch to fix that issue; this
prevents the oops. But reading an encrypted file still does not
work.

---

Check the return code from the cryptographic context initializer.

Signed-off-by: Michael Halcrow <mhalcrow@us.ibm.com>

---

 fs/ecryptfs/keystore.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

dd04668dddad4efc44dcfa6fc392a6aeabf30256
diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c
index ba45478..5ca3836 100644
--- a/fs/ecryptfs/keystore.c
+++ b/fs/ecryptfs/keystore.c
@@ -273,7 +273,12 @@ parse_tag_3_packet(struct ecryptfs_crypt
 		crypt_stat->key_size =
 			(*new_auth_tok)->session_key.encrypted_key_size;
 	}
-	ecryptfs_init_crypt_ctx(crypt_stat);
+	rc = ecryptfs_init_crypt_ctx(crypt_stat);
+	if (rc) {
+		printk(KERN_ERR "Error initializing the cryptographic context; "
+		       "rc = [%d]\n", rc);
+		goto out_free;
+	}
 	/* S2K identifier 3 (from RFC2440) */
 	if (unlikely(data[(*packet_size)++] != 0x03)) {
 		ecryptfs_printk(KERN_ERR, "Only S2K ID 3 is currently "
-- 
1.3.3