diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2020-04-01 23:47:40 +0200 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2020-04-01 23:47:40 +0200 |
commit | 72f35423e8a6a2451c202f52cb8adb92b08592ec (patch) | |
tree | 2cc5c715631a59d51b6445143e03a187e8e394f6 /crypto | |
parent | x86: start using named parameters for low-level uaccess asms (diff) | |
parent | crypto: af_alg - bool type cosmetics (diff) | |
download | linux-72f35423e8a6a2451c202f52cb8adb92b08592ec.tar.xz linux-72f35423e8a6a2451c202f52cb8adb92b08592ec.zip |
Merge branch 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
"API:
- Fix out-of-sync IVs in self-test for IPsec AEAD algorithms
Algorithms:
- Use formally verified implementation of x86/curve25519
Drivers:
- Enhance hwrng support in caam
- Use crypto_engine for skcipher/aead/rsa/hash in caam
- Add Xilinx AES driver
- Add uacce driver
- Register zip engine to uacce in hisilicon
- Add support for OCTEON TX CPT engine in marvell"
* 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (162 commits)
crypto: af_alg - bool type cosmetics
crypto: arm[64]/poly1305 - add artifact to .gitignore files
crypto: caam - limit single JD RNG output to maximum of 16 bytes
crypto: caam - enable prediction resistance in HRWNG
bus: fsl-mc: add api to retrieve mc version
crypto: caam - invalidate entropy register during RNG initialization
crypto: caam - check if RNG job failed
crypto: caam - simplify RNG implementation
crypto: caam - drop global context pointer and init_done
crypto: caam - use struct hwrng's .init for initialization
crypto: caam - allocate RNG instantiation descriptor with GFP_DMA
crypto: ccree - remove duplicated include from cc_aead.c
crypto: chelsio - remove set but not used variable 'adap'
crypto: marvell - enable OcteonTX cpt options for build
crypto: marvell - add the Virtual Function driver for CPT
crypto: marvell - add support for OCTEON TX CPT engine
crypto: marvell - create common Kconfig and Makefile for Marvell
crypto: arm/neon - memzero_explicit aes-cbc key
crypto: bcm - Use scnprintf() for avoiding potential buffer overflow
crypto: atmel-i2c - Fix wakeup fail
...
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/af_alg.c | 10 | ||||
-rw-r--r-- | crypto/algif_hash.c | 6 | ||||
-rw-r--r-- | crypto/authencesn.c | 2 | ||||
-rw-r--r-- | crypto/ccm.c | 29 | ||||
-rw-r--r-- | crypto/cryptd.c | 37 | ||||
-rw-r--r-- | crypto/ctr.c | 29 | ||||
-rw-r--r-- | crypto/cts.c | 27 | ||||
-rw-r--r-- | crypto/gcm.c | 66 | ||||
-rw-r--r-- | crypto/geniv.c | 17 | ||||
-rw-r--r-- | crypto/lrw.c | 28 | ||||
-rw-r--r-- | crypto/md5.c | 3 | ||||
-rw-r--r-- | crypto/pcrypt.c | 33 | ||||
-rw-r--r-- | crypto/proc.c | 2 | ||||
-rw-r--r-- | crypto/rng.c | 8 | ||||
-rw-r--r-- | crypto/rsa-pkcs1pad.c | 59 | ||||
-rw-r--r-- | crypto/tcrypt.c | 4 | ||||
-rw-r--r-- | crypto/testmgr.c | 28 | ||||
-rw-r--r-- | crypto/xts.c | 28 |
18 files changed, 149 insertions, 267 deletions
diff --git a/crypto/af_alg.c b/crypto/af_alg.c index 439367a8e95c..b1cd3535c525 100644 --- a/crypto/af_alg.c +++ b/crypto/af_alg.c @@ -821,8 +821,8 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, struct af_alg_tsgl *sgl; struct af_alg_control con = {}; long copied = 0; - bool enc = 0; - bool init = 0; + bool enc = false; + bool init = false; int err = 0; if (msg->msg_controllen) { @@ -830,13 +830,13 @@ int af_alg_sendmsg(struct socket *sock, struct msghdr *msg, size_t size, if (err) return err; - init = 1; + init = true; switch (con.op) { case ALG_OP_ENCRYPT: - enc = 1; + enc = true; break; case ALG_OP_DECRYPT: - enc = 0; + enc = false; break; default: return -EINVAL; diff --git a/crypto/algif_hash.c b/crypto/algif_hash.c index 178f4cd75ef1..da1ffa4f7f8d 100644 --- a/crypto/algif_hash.c +++ b/crypto/algif_hash.c @@ -83,7 +83,7 @@ static int hash_sendmsg(struct socket *sock, struct msghdr *msg, goto unlock; } - ctx->more = 0; + ctx->more = false; while (msg_data_left(msg)) { int len = msg_data_left(msg); @@ -211,7 +211,7 @@ static int hash_recvmsg(struct socket *sock, struct msghdr *msg, size_t len, } if (!result || ctx->more) { - ctx->more = 0; + ctx->more = false; err = crypto_wait_req(crypto_ahash_final(&ctx->req), &ctx->wait); if (err) @@ -436,7 +436,7 @@ static int hash_accept_parent_nokey(void *private, struct sock *sk) ctx->result = NULL; ctx->len = len; - ctx->more = 0; + ctx->more = false; crypto_init_wait(&ctx->wait); ask->private = ctx; diff --git a/crypto/authencesn.c b/crypto/authencesn.c index 589008146fce..149b70df2a91 100644 --- a/crypto/authencesn.c +++ b/crypto/authencesn.c @@ -458,7 +458,7 @@ static int crypto_authenc_esn_create(struct crypto_template *tmpl, inst->alg.encrypt = crypto_authenc_esn_encrypt; inst->alg.decrypt = crypto_authenc_esn_decrypt; - inst->free = crypto_authenc_esn_free, + inst->free = crypto_authenc_esn_free; err = aead_register_instance(tmpl, inst); if (err) { diff --git a/crypto/ccm.c b/crypto/ccm.c index 241ecdc5c4e0..d1fb01bbc814 100644 --- a/crypto/ccm.c +++ b/crypto/ccm.c @@ -717,7 +717,6 @@ static int crypto_rfc4309_create(struct crypto_template *tmpl, struct aead_instance *inst; struct crypto_aead_spawn *spawn; struct aead_alg *alg; - const char *ccm_name; int err; algt = crypto_get_attr_type(tb); @@ -729,19 +728,15 @@ static int crypto_rfc4309_create(struct crypto_template *tmpl, mask = crypto_requires_sync(algt->type, algt->mask); - ccm_name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(ccm_name)) - return PTR_ERR(ccm_name); - inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); if (!inst) return -ENOMEM; spawn = aead_instance_ctx(inst); err = crypto_grab_aead(spawn, aead_crypto_instance(inst), - ccm_name, 0, mask); + crypto_attr_alg_name(tb[1]), 0, mask); if (err) - goto out_free_inst; + goto err_free_inst; alg = crypto_spawn_aead_alg(spawn); @@ -749,11 +744,11 @@ static int crypto_rfc4309_create(struct crypto_template *tmpl, /* We only support 16-byte blocks. */ if (crypto_aead_alg_ivsize(alg) != 16) - goto out_drop_alg; + goto err_free_inst; /* Not a stream cipher? */ if (alg->base.cra_blocksize != 1) - goto out_drop_alg; + goto err_free_inst; err = -ENAMETOOLONG; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, @@ -762,7 +757,7 @@ static int crypto_rfc4309_create(struct crypto_template *tmpl, snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "rfc4309(%s)", alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -786,17 +781,11 @@ static int crypto_rfc4309_create(struct crypto_template *tmpl, inst->free = crypto_rfc4309_free; err = aead_register_instance(tmpl, inst); - if (err) - goto out_drop_alg; - -out: + if (err) { +err_free_inst: + crypto_rfc4309_free(inst); + } return err; - -out_drop_alg: - crypto_drop_aead(spawn); -out_free_inst: - kfree(inst); - goto out; } static int crypto_cbcmac_digest_setkey(struct crypto_shash *parent, diff --git a/crypto/cryptd.c b/crypto/cryptd.c index d94c75c840a5..283212262adb 100644 --- a/crypto/cryptd.c +++ b/crypto/cryptd.c @@ -369,7 +369,6 @@ static int cryptd_create_skcipher(struct crypto_template *tmpl, struct skcipherd_instance_ctx *ctx; struct skcipher_instance *inst; struct skcipher_alg *alg; - const char *name; u32 type; u32 mask; int err; @@ -379,10 +378,6 @@ static int cryptd_create_skcipher(struct crypto_template *tmpl, cryptd_check_internal(tb, &type, &mask); - name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(name)) - return PTR_ERR(name); - inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); if (!inst) return -ENOMEM; @@ -391,14 +386,14 @@ static int cryptd_create_skcipher(struct crypto_template *tmpl, ctx->queue = queue; err = crypto_grab_skcipher(&ctx->spawn, skcipher_crypto_instance(inst), - name, type, mask); + crypto_attr_alg_name(tb[1]), type, mask); if (err) - goto out_free_inst; + goto err_free_inst; alg = crypto_spawn_skcipher_alg(&ctx->spawn); err = cryptd_init_instance(skcipher_crypto_instance(inst), &alg->base); if (err) - goto out_drop_skcipher; + goto err_free_inst; inst->alg.base.cra_flags = CRYPTO_ALG_ASYNC | (alg->base.cra_flags & CRYPTO_ALG_INTERNAL); @@ -421,10 +416,8 @@ static int cryptd_create_skcipher(struct crypto_template *tmpl, err = skcipher_register_instance(tmpl, inst); if (err) { -out_drop_skcipher: - crypto_drop_skcipher(&ctx->spawn); -out_free_inst: - kfree(inst); +err_free_inst: + cryptd_skcipher_free(inst); } return err; } @@ -694,8 +687,7 @@ static int cryptd_create_hash(struct crypto_template *tmpl, struct rtattr **tb, err = ahash_register_instance(tmpl, inst); if (err) { err_free_inst: - crypto_drop_shash(&ctx->spawn); - kfree(inst); + cryptd_hash_free(inst); } return err; } @@ -833,17 +825,12 @@ static int cryptd_create_aead(struct crypto_template *tmpl, struct aead_instance_ctx *ctx; struct aead_instance *inst; struct aead_alg *alg; - const char *name; u32 type = 0; u32 mask = CRYPTO_ALG_ASYNC; int err; cryptd_check_internal(tb, &type, &mask); - name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(name)) - return PTR_ERR(name); - inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); if (!inst) return -ENOMEM; @@ -852,14 +839,14 @@ static int cryptd_create_aead(struct crypto_template *tmpl, ctx->queue = queue; err = crypto_grab_aead(&ctx->aead_spawn, aead_crypto_instance(inst), - name, type, mask); + crypto_attr_alg_name(tb[1]), type, mask); if (err) - goto out_free_inst; + goto err_free_inst; alg = crypto_spawn_aead_alg(&ctx->aead_spawn); err = cryptd_init_instance(aead_crypto_instance(inst), &alg->base); if (err) - goto out_drop_aead; + goto err_free_inst; inst->alg.base.cra_flags = CRYPTO_ALG_ASYNC | (alg->base.cra_flags & CRYPTO_ALG_INTERNAL); @@ -879,10 +866,8 @@ static int cryptd_create_aead(struct crypto_template *tmpl, err = aead_register_instance(tmpl, inst); if (err) { -out_drop_aead: - crypto_drop_aead(&ctx->aead_spawn); -out_free_inst: - kfree(inst); +err_free_inst: + cryptd_aead_free(inst); } return err; } diff --git a/crypto/ctr.c b/crypto/ctr.c index a8feab621c6c..31ac4ae598e1 100644 --- a/crypto/ctr.c +++ b/crypto/ctr.c @@ -260,7 +260,6 @@ static int crypto_rfc3686_create(struct crypto_template *tmpl, struct skcipher_instance *inst; struct skcipher_alg *alg; struct crypto_skcipher_spawn *spawn; - const char *cipher_name; u32 mask; int err; @@ -272,10 +271,6 @@ static int crypto_rfc3686_create(struct crypto_template *tmpl, if ((algt->type ^ CRYPTO_ALG_TYPE_SKCIPHER) & algt->mask) return -EINVAL; - cipher_name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(cipher_name)) - return PTR_ERR(cipher_name); - inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); if (!inst) return -ENOMEM; @@ -287,7 +282,7 @@ static int crypto_rfc3686_create(struct crypto_template *tmpl, spawn = skcipher_instance_ctx(inst); err = crypto_grab_skcipher(spawn, skcipher_crypto_instance(inst), - cipher_name, 0, mask); + crypto_attr_alg_name(tb[1]), 0, mask); if (err) goto err_free_inst; @@ -296,20 +291,20 @@ static int crypto_rfc3686_create(struct crypto_template *tmpl, /* We only support 16-byte blocks. */ err = -EINVAL; if (crypto_skcipher_alg_ivsize(alg) != CTR_RFC3686_BLOCK_SIZE) - goto err_drop_spawn; + goto err_free_inst; /* Not a stream cipher? */ if (alg->base.cra_blocksize != 1) - goto err_drop_spawn; + goto err_free_inst; err = -ENAMETOOLONG; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "rfc3686(%s)", alg->base.cra_name) >= CRYPTO_MAX_ALG_NAME) - goto err_drop_spawn; + goto err_free_inst; if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "rfc3686(%s)", alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) - goto err_drop_spawn; + goto err_free_inst; inst->alg.base.cra_priority = alg->base.cra_priority; inst->alg.base.cra_blocksize = 1; @@ -336,17 +331,11 @@ static int crypto_rfc3686_create(struct crypto_template *tmpl, inst->free = crypto_rfc3686_free; err = skcipher_register_instance(tmpl, inst); - if (err) - goto err_drop_spawn; - -out: - return err; - -err_drop_spawn: - crypto_drop_skcipher(spawn); + if (err) { err_free_inst: - kfree(inst); - goto out; + crypto_rfc3686_free(inst); + } + return err; } static struct crypto_template crypto_ctr_tmpls[] = { diff --git a/crypto/cts.c b/crypto/cts.c index 48188adc8e91..5e005c4f0221 100644 --- a/crypto/cts.c +++ b/crypto/cts.c @@ -327,7 +327,6 @@ static int crypto_cts_create(struct crypto_template *tmpl, struct rtattr **tb) struct skcipher_instance *inst; struct crypto_attr_type *algt; struct skcipher_alg *alg; - const char *cipher_name; u32 mask; int err; @@ -340,10 +339,6 @@ static int crypto_cts_create(struct crypto_template *tmpl, struct rtattr **tb) mask = crypto_requires_sync(algt->type, algt->mask); - cipher_name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(cipher_name)) - return PTR_ERR(cipher_name); - inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); if (!inst) return -ENOMEM; @@ -351,7 +346,7 @@ static int crypto_cts_create(struct crypto_template *tmpl, struct rtattr **tb) spawn = skcipher_instance_ctx(inst); err = crypto_grab_skcipher(spawn, skcipher_crypto_instance(inst), - cipher_name, 0, mask); + crypto_attr_alg_name(tb[1]), 0, mask); if (err) goto err_free_inst; @@ -359,15 +354,15 @@ static int crypto_cts_create(struct crypto_template *tmpl, struct rtattr **tb) err = -EINVAL; if (crypto_skcipher_alg_ivsize(alg) != alg->base.cra_blocksize) - goto err_drop_spawn; + goto err_free_inst; if (strncmp(alg->base.cra_name, "cbc(", 4)) - goto err_drop_spawn; + goto err_free_inst; err = crypto_inst_setname(skcipher_crypto_instance(inst), "cts", &alg->base); if (err) - goto err_drop_spawn; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -391,17 +386,11 @@ static int crypto_cts_create(struct crypto_template *tmpl, struct rtattr **tb) inst->free = crypto_cts_free; err = skcipher_register_instance(tmpl, inst); - if (err) - goto err_drop_spawn; - -out: - return err; - -err_drop_spawn: - crypto_drop_skcipher(spawn); + if (err) { err_free_inst: - kfree(inst); - goto out; + crypto_cts_free(inst); + } + return err; } static struct crypto_template crypto_cts_tmpl = { diff --git a/crypto/gcm.c b/crypto/gcm.c index 8e5c0ac65661..0103d28c541e 100644 --- a/crypto/gcm.c +++ b/crypto/gcm.c @@ -840,7 +840,6 @@ static int crypto_rfc4106_create(struct crypto_template *tmpl, struct aead_instance *inst; struct crypto_aead_spawn *spawn; struct aead_alg *alg; - const char *ccm_name; int err; algt = crypto_get_attr_type(tb); @@ -852,19 +851,15 @@ static int crypto_rfc4106_create(struct crypto_template *tmpl, mask = crypto_requires_sync(algt->type, algt->mask); - ccm_name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(ccm_name)) - return PTR_ERR(ccm_name); - inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); if (!inst) return -ENOMEM; spawn = aead_instance_ctx(inst); err = crypto_grab_aead(spawn, aead_crypto_instance(inst), - ccm_name, 0, mask); + crypto_attr_alg_name(tb[1]), 0, mask); if (err) - goto out_free_inst; + goto err_free_inst; alg = crypto_spawn_aead_alg(spawn); @@ -872,11 +867,11 @@ static int crypto_rfc4106_create(struct crypto_template *tmpl, /* Underlying IV size must be 12. */ if (crypto_aead_alg_ivsize(alg) != GCM_AES_IV_SIZE) - goto out_drop_alg; + goto err_free_inst; /* Not a stream cipher? */ if (alg->base.cra_blocksize != 1) - goto out_drop_alg; + goto err_free_inst; err = -ENAMETOOLONG; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, @@ -885,7 +880,7 @@ static int crypto_rfc4106_create(struct crypto_template *tmpl, snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "rfc4106(%s)", alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -909,17 +904,11 @@ static int crypto_rfc4106_create(struct crypto_template *tmpl, inst->free = crypto_rfc4106_free; err = aead_register_instance(tmpl, inst); - if (err) - goto out_drop_alg; - -out: + if (err) { +err_free_inst: + crypto_rfc4106_free(inst); + } return err; - -out_drop_alg: - crypto_drop_aead(spawn); -out_free_inst: - kfree(inst); - goto out; } static int crypto_rfc4543_setkey(struct crypto_aead *parent, const u8 *key, @@ -1071,10 +1060,8 @@ static int crypto_rfc4543_create(struct crypto_template *tmpl, struct crypto_attr_type *algt; u32 mask; struct aead_instance *inst; - struct crypto_aead_spawn *spawn; struct aead_alg *alg; struct crypto_rfc4543_instance_ctx *ctx; - const char *ccm_name; int err; algt = crypto_get_attr_type(tb); @@ -1086,32 +1073,27 @@ static int crypto_rfc4543_create(struct crypto_template *tmpl, mask = crypto_requires_sync(algt->type, algt->mask); - ccm_name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(ccm_name)) - return PTR_ERR(ccm_name); - inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); if (!inst) return -ENOMEM; ctx = aead_instance_ctx(inst); - spawn = &ctx->aead; - err = crypto_grab_aead(spawn, aead_crypto_instance(inst), - ccm_name, 0, mask); + err = crypto_grab_aead(&ctx->aead, aead_crypto_instance(inst), + crypto_attr_alg_name(tb[1]), 0, mask); if (err) - goto out_free_inst; + goto err_free_inst; - alg = crypto_spawn_aead_alg(spawn); + alg = crypto_spawn_aead_alg(&ctx->aead); err = -EINVAL; /* Underlying IV size must be 12. */ if (crypto_aead_alg_ivsize(alg) != GCM_AES_IV_SIZE) - goto out_drop_alg; + goto err_free_inst; /* Not a stream cipher? */ if (alg->base.cra_blocksize != 1) - goto out_drop_alg; + goto err_free_inst; err = -ENAMETOOLONG; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, @@ -1120,7 +1102,7 @@ static int crypto_rfc4543_create(struct crypto_template *tmpl, snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "rfc4543(%s)", alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -1141,20 +1123,14 @@ static int crypto_rfc4543_create(struct crypto_template *tmpl, inst->alg.encrypt = crypto_rfc4543_encrypt; inst->alg.decrypt = crypto_rfc4543_decrypt; - inst->free = crypto_rfc4543_free, + inst->free = crypto_rfc4543_free; err = aead_register_instance(tmpl, inst); - if (err) - goto out_drop_alg; - -out: + if (err) { +err_free_inst: + crypto_rfc4543_free(inst); + } return err; - -out_drop_alg: - crypto_drop_aead(spawn); -out_free_inst: - kfree(inst); - goto out; } static struct crypto_template crypto_gcm_tmpls[] = { diff --git a/crypto/geniv.c b/crypto/geniv.c index dbcc640274cd..6a90c52d49ad 100644 --- a/crypto/geniv.c +++ b/crypto/geniv.c @@ -41,7 +41,6 @@ static void aead_geniv_free(struct aead_instance *inst) struct aead_instance *aead_geniv_alloc(struct crypto_template *tmpl, struct rtattr **tb, u32 type, u32 mask) { - const char *name; struct crypto_aead_spawn *spawn; struct crypto_attr_type *algt; struct aead_instance *inst; @@ -57,10 +56,6 @@ struct aead_instance *aead_geniv_alloc(struct crypto_template *tmpl, if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask) return ERR_PTR(-EINVAL); - name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(name)) - return ERR_CAST(name); - inst = kzalloc(sizeof(*inst) + sizeof(*spawn), GFP_KERNEL); if (!inst) return ERR_PTR(-ENOMEM); @@ -71,7 +66,7 @@ struct aead_instance *aead_geniv_alloc(struct crypto_template *tmpl, mask |= crypto_requires_sync(algt->type, algt->mask); err = crypto_grab_aead(spawn, aead_crypto_instance(inst), - name, type, mask); + crypto_attr_alg_name(tb[1]), type, mask); if (err) goto err_free_inst; @@ -82,17 +77,17 @@ struct aead_instance *aead_geniv_alloc(struct crypto_template *tmpl, err = -EINVAL; if (ivsize < sizeof(u64)) - goto err_drop_alg; + goto err_free_inst; err = -ENAMETOOLONG; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", tmpl->name, alg->base.cra_name) >= CRYPTO_MAX_ALG_NAME) - goto err_drop_alg; + goto err_free_inst; if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", tmpl->name, alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) - goto err_drop_alg; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -111,10 +106,8 @@ struct aead_instance *aead_geniv_alloc(struct crypto_template *tmpl, out: return inst; -err_drop_alg: - crypto_drop_aead(spawn); err_free_inst: - kfree(inst); + aead_geniv_free(inst); inst = ERR_PTR(err); goto out; } diff --git a/crypto/lrw.c b/crypto/lrw.c index 63c485c0d8a6..376d7ed3f1f8 100644 --- a/crypto/lrw.c +++ b/crypto/lrw.c @@ -343,15 +343,15 @@ static int create(struct crypto_template *tmpl, struct rtattr **tb) err = -EINVAL; if (alg->base.cra_blocksize != LRW_BLOCK_SIZE) - goto err_drop_spawn; + goto err_free_inst; if (crypto_skcipher_alg_ivsize(alg)) - goto err_drop_spawn; + goto err_free_inst; err = crypto_inst_setname(skcipher_crypto_instance(inst), "lrw", &alg->base); if (err) - goto err_drop_spawn; + goto err_free_inst; err = -EINVAL; cipher_name = alg->base.cra_name; @@ -364,20 +364,20 @@ static int create(struct crypto_template *tmpl, struct rtattr **tb) len = strlcpy(ecb_name, cipher_name + 4, sizeof(ecb_name)); if (len < 2 || len >= sizeof(ecb_name)) - goto err_drop_spawn; + goto err_free_inst; if (ecb_name[len - 1] != ')') - goto err_drop_spawn; + goto err_free_inst; ecb_name[len - 1] = 0; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "lrw(%s)", ecb_name) >= CRYPTO_MAX_ALG_NAME) { err = -ENAMETOOLONG; - goto err_drop_spawn; + goto err_free_inst; } } else - goto err_drop_spawn; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -403,17 +403,11 @@ static int create(struct crypto_template *tmpl, struct rtattr **tb) inst->free = free; err = skcipher_register_instance(tmpl, inst); - if (err) - goto err_drop_spawn; - -out: - return err; - -err_drop_spawn: - crypto_drop_skcipher(spawn); + if (err) { err_free_inst: - kfree(inst); - goto out; + free(inst); + } + return err; } static struct crypto_template crypto_tmpl = { diff --git a/crypto/md5.c b/crypto/md5.c index 22dc60bc0437..72c0c46fb5ee 100644 --- a/crypto/md5.c +++ b/crypto/md5.c @@ -23,9 +23,6 @@ #include <linux/types.h> #include <asm/byteorder.h> -#define MD5_DIGEST_WORDS 4 -#define MD5_MESSAGE_BYTES 64 - const u8 md5_zero_message_hash[MD5_DIGEST_SIZE] = { 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e, diff --git a/crypto/pcrypt.c b/crypto/pcrypt.c index 1b632139a8c1..8bddc65cd509 100644 --- a/crypto/pcrypt.c +++ b/crypto/pcrypt.c @@ -232,17 +232,12 @@ static int pcrypt_create_aead(struct crypto_template *tmpl, struct rtattr **tb, struct crypto_attr_type *algt; struct aead_instance *inst; struct aead_alg *alg; - const char *name; int err; algt = crypto_get_attr_type(tb); if (IS_ERR(algt)) return PTR_ERR(algt); - name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(name)) - return PTR_ERR(name); - inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); if (!inst) return -ENOMEM; @@ -252,21 +247,21 @@ static int pcrypt_create_aead(struct crypto_template *tmpl, struct rtattr **tb, ctx = aead_instance_ctx(inst); ctx->psenc = padata_alloc_shell(pencrypt); if (!ctx->psenc) - goto out_free_inst; + goto err_free_inst; ctx->psdec = padata_alloc_shell(pdecrypt); if (!ctx->psdec) - goto out_free_psenc; + goto err_free_inst; err = crypto_grab_aead(&ctx->spawn, aead_crypto_instance(inst), - name, 0, 0); + crypto_attr_alg_name(tb[1]), 0, 0); if (err) - goto out_free_psdec; + goto err_free_inst; alg = crypto_spawn_aead_alg(&ctx->spawn); err = pcrypt_init_instance(aead_crypto_instance(inst), &alg->base); if (err) - goto out_drop_aead; + goto err_free_inst; inst->alg.base.cra_flags = CRYPTO_ALG_ASYNC; @@ -286,21 +281,11 @@ static int pcrypt_create_aead(struct crypto_template *tmpl, struct rtattr **tb, inst->free = pcrypt_free; err = aead_register_instance(tmpl, inst); - if (err) - goto out_drop_aead; - -out: + if (err) { +err_free_inst: + pcrypt_free(inst); + } return err; - -out_drop_aead: - crypto_drop_aead(&ctx->spawn); -out_free_psdec: - padata_free_shell(ctx->psdec); -out_free_psenc: - padata_free_shell(ctx->psenc); -out_free_inst: - kfree(inst); - goto out; } static int pcrypt_create(struct crypto_template *tmpl, struct rtattr **tb) diff --git a/crypto/proc.c b/crypto/proc.c index 7b91557adccb..08d8c2bc7e62 100644 --- a/crypto/proc.c +++ b/crypto/proc.c @@ -60,7 +60,7 @@ static int c_show(struct seq_file *m, void *p) goto out; } - switch (alg->cra_flags & (CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_LARVAL)) { + switch (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) { case CRYPTO_ALG_TYPE_CIPHER: seq_printf(m, "type : cipher\n"); seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); diff --git a/crypto/rng.c b/crypto/rng.c index 1e21231f71c9..1490d210f1a1 100644 --- a/crypto/rng.c +++ b/crypto/rng.c @@ -37,12 +37,16 @@ int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int slen) crypto_stats_get(alg); if (!seed && slen) { buf = kmalloc(slen, GFP_KERNEL); - if (!buf) + if (!buf) { + crypto_alg_put(alg); return -ENOMEM; + } err = get_random_bytes_wait(buf, slen); - if (err) + if (err) { + crypto_alg_put(alg); goto out; + } seed = buf; } diff --git a/crypto/rsa-pkcs1pad.c b/crypto/rsa-pkcs1pad.c index 176b63afec8d..d31031de51bc 100644 --- a/crypto/rsa-pkcs1pad.c +++ b/crypto/rsa-pkcs1pad.c @@ -596,14 +596,11 @@ static void pkcs1pad_free(struct akcipher_instance *inst) static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb) { - const struct rsa_asn1_template *digest_info; struct crypto_attr_type *algt; u32 mask; struct akcipher_instance *inst; struct pkcs1pad_inst_ctx *ctx; - struct crypto_akcipher_spawn *spawn; struct akcipher_alg *rsa_alg; - const char *rsa_alg_name; const char *hash_name; int err; @@ -616,60 +613,49 @@ static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb) mask = crypto_requires_sync(algt->type, algt->mask); - rsa_alg_name = crypto_attr_alg_name(tb[1]); - if (IS_ERR(rsa_alg_name)) - return PTR_ERR(rsa_alg_name); - - hash_name = crypto_attr_alg_name(tb[2]); - if (IS_ERR(hash_name)) - hash_name = NULL; - - if (hash_name) { - digest_info = rsa_lookup_asn1(hash_name); - if (!digest_info) - return -EINVAL; - } else - digest_info = NULL; - inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL); if (!inst) return -ENOMEM; ctx = akcipher_instance_ctx(inst); - spawn = &ctx->spawn; - ctx->digest_info = digest_info; - err = crypto_grab_akcipher(spawn, akcipher_crypto_instance(inst), - rsa_alg_name, 0, mask); + err = crypto_grab_akcipher(&ctx->spawn, akcipher_crypto_instance(inst), + crypto_attr_alg_name(tb[1]), 0, mask); if (err) - goto out_free_inst; + goto err_free_inst; - rsa_alg = crypto_spawn_akcipher_alg(spawn); + rsa_alg = crypto_spawn_akcipher_alg(&ctx->spawn); err = -ENAMETOOLONG; - - if (!hash_name) { + hash_name = crypto_attr_alg_name(tb[2]); + if (IS_ERR(hash_name)) { if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s)", rsa_alg->base.cra_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s)", rsa_alg->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; } else { + ctx->digest_info = rsa_lookup_asn1(hash_name); + if (!ctx->digest_info) { + err = -EINVAL; + goto err_free_inst; + } + if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s,%s)", rsa_alg->base.cra_name, hash_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME, "pkcs1pad(%s,%s)", rsa_alg->base.cra_driver_name, hash_name) >= CRYPTO_MAX_ALG_NAME) - goto out_drop_alg; + goto err_free_inst; } inst->alg.base.cra_flags = rsa_alg->base.cra_flags & CRYPTO_ALG_ASYNC; @@ -691,15 +677,10 @@ static int pkcs1pad_create(struct crypto_template *tmpl, struct rtattr **tb) inst->free = pkcs1pad_free; err = akcipher_register_instance(tmpl, inst); - if (err) - goto out_drop_alg; - - return 0; - -out_drop_alg: - crypto_drop_akcipher(spawn); -out_free_inst: - kfree(inst); + if (err) { +err_free_inst: + pkcs1pad_free(inst); + } return err; } diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index f42f486e90e8..ba0b7702f2e9 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c @@ -1514,8 +1514,8 @@ static void test_skcipher_speed(const char *algo, int enc, unsigned int secs, return; } - pr_info("\ntesting speed of async %s (%s) %s\n", algo, - get_driver_name(crypto_skcipher, tfm), e); + pr_info("\ntesting speed of %s %s (%s) %s\n", async ? "async" : "sync", + algo, get_driver_name(crypto_skcipher, tfm), e); req = skcipher_request_alloc(tfm, GFP_KERNEL); if (!req) { diff --git a/crypto/testmgr.c b/crypto/testmgr.c index ccb3d60729fc..6863f911fcee 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -91,10 +91,11 @@ struct aead_test_suite { unsigned int einval_allowed : 1; /* - * Set if the algorithm intentionally ignores the last 8 bytes of the - * AAD buffer during decryption. + * Set if this algorithm requires that the IV be located at the end of + * the AAD buffer, in addition to being given in the normal way. The + * behavior when the two IV copies differ is implementation-defined. */ - unsigned int esp_aad : 1; + unsigned int aad_iv : 1; }; struct cipher_test_suite { @@ -2167,9 +2168,10 @@ struct aead_extra_tests_ctx { * here means the full ciphertext including the authentication tag. The * authentication tag (and hence also the ciphertext) is assumed to be nonempty. */ -static void mutate_aead_message(struct aead_testvec *vec, bool esp_aad) +static void mutate_aead_message(struct aead_testvec *vec, bool aad_iv, + unsigned int ivsize) { - const unsigned int aad_tail_size = esp_aad ? 8 : 0; + const unsigned int aad_tail_size = aad_iv ? ivsize : 0; const unsigned int authsize = vec->clen - vec->plen; if (prandom_u32() % 2 == 0 && vec->alen > aad_tail_size) { @@ -2207,6 +2209,9 @@ static void generate_aead_message(struct aead_request *req, /* Generate the AAD. */ generate_random_bytes((u8 *)vec->assoc, vec->alen); + if (suite->aad_iv && vec->alen >= ivsize) + /* Avoid implementation-defined behavior. */ + memcpy((u8 *)vec->assoc + vec->alen - ivsize, vec->iv, ivsize); if (inauthentic && prandom_u32() % 2 == 0) { /* Generate a random ciphertext. */ @@ -2242,7 +2247,7 @@ static void generate_aead_message(struct aead_request *req, * Mutate the authentic (ciphertext, AAD) pair to get an * inauthentic one. */ - mutate_aead_message(vec, suite->esp_aad); + mutate_aead_message(vec, suite->aad_iv, ivsize); } vec->novrfy = 1; if (suite->einval_allowed) @@ -2507,11 +2512,11 @@ static int test_aead_extra(const char *driver, goto out; } - err = test_aead_inauthentic_inputs(ctx); + err = test_aead_vs_generic_impl(ctx); if (err) goto out; - err = test_aead_vs_generic_impl(ctx); + err = test_aead_inauthentic_inputs(ctx); out: kfree(ctx->vec.key); kfree(ctx->vec.iv); @@ -5229,7 +5234,7 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = { ____VECS(aes_gcm_rfc4106_tv_template), .einval_allowed = 1, - .esp_aad = 1, + .aad_iv = 1, } } }, { @@ -5241,7 +5246,7 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = { ____VECS(aes_ccm_rfc4309_tv_template), .einval_allowed = 1, - .esp_aad = 1, + .aad_iv = 1, } } }, { @@ -5252,6 +5257,7 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = { ____VECS(aes_gcm_rfc4543_tv_template), .einval_allowed = 1, + .aad_iv = 1, } } }, { @@ -5267,7 +5273,7 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = { ____VECS(rfc7539esp_tv_template), .einval_allowed = 1, - .esp_aad = 1, + .aad_iv = 1, } } }, { diff --git a/crypto/xts.c b/crypto/xts.c index 29efa15f1495..dbdd8af629e6 100644 --- a/crypto/xts.c +++ b/crypto/xts.c @@ -379,15 +379,15 @@ static int create(struct crypto_template *tmpl, struct rtattr **tb) err = -EINVAL; if (alg->base.cra_blocksize != XTS_BLOCK_SIZE) - goto err_drop_spawn; + goto err_free_inst; if (crypto_skcipher_alg_ivsize(alg)) - goto err_drop_spawn; + goto err_free_inst; err = crypto_inst_setname(skcipher_crypto_instance(inst), "xts", &alg->base); if (err) - goto err_drop_spawn; + goto err_free_inst; err = -EINVAL; cipher_name = alg->base.cra_name; @@ -400,20 +400,20 @@ static int create(struct crypto_template *tmpl, struct rtattr **tb) len = strlcpy(ctx->name, cipher_name + 4, sizeof(ctx->name)); if (len < 2 || len >= sizeof(ctx->name)) - goto err_drop_spawn; + goto err_free_inst; if (ctx->name[len - 1] != ')') - goto err_drop_spawn; + goto err_free_inst; ctx->name[len - 1] = 0; if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME, "xts(%s)", ctx->name) >= CRYPTO_MAX_ALG_NAME) { err = -ENAMETOOLONG; - goto err_drop_spawn; + goto err_free_inst; } } else - goto err_drop_spawn; + goto err_free_inst; inst->alg.base.cra_flags = alg->base.cra_flags & CRYPTO_ALG_ASYNC; inst->alg.base.cra_priority = alg->base.cra_priority; @@ -437,17 +437,11 @@ static int create(struct crypto_template *tmpl, struct rtattr **tb) inst->free = free; err = skcipher_register_instance(tmpl, inst); - if (err) - goto err_drop_spawn; - -out: - return err; - -err_drop_spawn: - crypto_drop_skcipher(&ctx->spawn); + if (err) { err_free_inst: - kfree(inst); - goto out; + free(inst); + } + return err; } static struct crypto_template crypto_tmpl = { |