diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2023-11-03 03:15:30 +0100 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2023-11-03 03:15:30 +0100 |
commit | bc3012f4e3a9765de81f454cb8f9bb16aafc6ff5 (patch) | |
tree | 2c127c669218b8c74c843331e455372f88a6a848 /tools/crypto/ccp | |
parent | Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm (diff) | |
parent | crypto: adiantum - flush destination page before unmapping (diff) | |
download | linux-bc3012f4e3a9765de81f454cb8f9bb16aafc6ff5.tar.xz linux-bc3012f4e3a9765de81f454cb8f9bb16aafc6ff5.zip |
Merge tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
Pull crypto updates from Herbert Xu:
"API:
- Add virtual-address based lskcipher interface
- Optimise ahash/shash performance in light of costly indirect calls
- Remove ahash alignmask attribute
Algorithms:
- Improve AES/XTS performance of 6-way unrolling for ppc
- Remove some uses of obsolete algorithms (md4, md5, sha1)
- Add FIPS 202 SHA-3 support in pkcs1pad
- Add fast path for single-page messages in adiantum
- Remove zlib-deflate
Drivers:
- Add support for S4 in meson RNG driver
- Add STM32MP13x support in stm32
- Add hwrng interface support in qcom-rng
- Add support for deflate algorithm in hisilicon/zip"
* tag 'v6.7-p1' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (283 commits)
crypto: adiantum - flush destination page before unmapping
crypto: testmgr - move pkcs1pad(rsa,sha3-*) to correct place
Documentation/module-signing.txt: bring up to date
module: enable automatic module signing with FIPS 202 SHA-3
crypto: asymmetric_keys - allow FIPS 202 SHA-3 signatures
crypto: rsa-pkcs1pad - Add FIPS 202 SHA-3 support
crypto: FIPS 202 SHA-3 register in hash info for IMA
x509: Add OIDs for FIPS 202 SHA-3 hash and signatures
crypto: ahash - optimize performance when wrapping shash
crypto: ahash - check for shash type instead of not ahash type
crypto: hash - move "ahash wrapping shash" functions to ahash.c
crypto: talitos - stop using crypto_ahash::init
crypto: chelsio - stop using crypto_ahash::init
crypto: ahash - improve file comment
crypto: ahash - remove struct ahash_request_priv
crypto: ahash - remove crypto_ahash_alignmask
crypto: gcm - stop using alignmask of ahash
crypto: chacha20poly1305 - stop using alignmask of ahash
crypto: ccm - stop using alignmask of ahash
net: ipv6: stop checking crypto_ahash_alignmask
...
Diffstat (limited to 'tools/crypto/ccp')
-rw-r--r-- | tools/crypto/ccp/dbc.c | 17 | ||||
-rw-r--r-- | tools/crypto/ccp/dbc.py | 8 | ||||
-rwxr-xr-x | tools/crypto/ccp/test_dbc.py | 45 |
3 files changed, 40 insertions, 30 deletions
diff --git a/tools/crypto/ccp/dbc.c b/tools/crypto/ccp/dbc.c index 37e813175642..a807df0f0597 100644 --- a/tools/crypto/ccp/dbc.c +++ b/tools/crypto/ccp/dbc.c @@ -8,6 +8,7 @@ */ #include <assert.h> +#include <errno.h> #include <string.h> #include <sys/ioctl.h> @@ -22,16 +23,14 @@ int get_nonce(int fd, void *nonce_out, void *signature) struct dbc_user_nonce tmp = { .auth_needed = !!signature, }; - int ret; assert(nonce_out); if (signature) memcpy(tmp.signature, signature, sizeof(tmp.signature)); - ret = ioctl(fd, DBCIOCNONCE, &tmp); - if (ret) - return ret; + if (ioctl(fd, DBCIOCNONCE, &tmp)) + return errno; memcpy(nonce_out, tmp.nonce, sizeof(tmp.nonce)); return 0; @@ -47,7 +46,9 @@ int set_uid(int fd, __u8 *uid, __u8 *signature) memcpy(tmp.uid, uid, sizeof(tmp.uid)); memcpy(tmp.signature, signature, sizeof(tmp.signature)); - return ioctl(fd, DBCIOCUID, &tmp); + if (ioctl(fd, DBCIOCUID, &tmp)) + return errno; + return 0; } int process_param(int fd, int msg_index, __u8 *signature, int *data) @@ -63,10 +64,10 @@ int process_param(int fd, int msg_index, __u8 *signature, int *data) memcpy(tmp.signature, signature, sizeof(tmp.signature)); - ret = ioctl(fd, DBCIOCPARAM, &tmp); - if (ret) - return ret; + if (ioctl(fd, DBCIOCPARAM, &tmp)) + return errno; *data = tmp.param; + memcpy(signature, tmp.signature, sizeof(tmp.signature)); return 0; } diff --git a/tools/crypto/ccp/dbc.py b/tools/crypto/ccp/dbc.py index 3f6a825ffc9e..2b91415b1940 100644 --- a/tools/crypto/ccp/dbc.py +++ b/tools/crypto/ccp/dbc.py @@ -27,8 +27,7 @@ lib = ctypes.CDLL("./dbc_library.so", mode=ctypes.RTLD_GLOBAL) def handle_error(code): - val = code * -1 - raise OSError(val, os.strerror(val)) + raise OSError(code, os.strerror(code)) def get_nonce(device, signature): @@ -58,7 +57,8 @@ def process_param(device, message, signature, data=None): if type(message) != tuple: raise ValueError("Expected message tuple") arg = ctypes.c_int(data if data else 0) - ret = lib.process_param(device.fileno(), message[0], signature, ctypes.pointer(arg)) + sig = ctypes.create_string_buffer(signature, len(signature)) + ret = lib.process_param(device.fileno(), message[0], ctypes.pointer(sig), ctypes.pointer(arg)) if ret: handle_error(ret) - return arg, signature + return arg.value, sig.value diff --git a/tools/crypto/ccp/test_dbc.py b/tools/crypto/ccp/test_dbc.py index 998bb3e3cd04..79de3638a01a 100755 --- a/tools/crypto/ccp/test_dbc.py +++ b/tools/crypto/ccp/test_dbc.py @@ -4,6 +4,12 @@ import unittest import os import time import glob +import fcntl +try: + import ioctl_opt as ioctl +except ImportError: + ioctl = None + pass from dbc import * # Artificial delay between set commands @@ -27,8 +33,8 @@ def system_is_secured() -> bool: class DynamicBoostControlTest(unittest.TestCase): def __init__(self, data) -> None: self.d = None - self.signature = "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" - self.uid = "1111111111111111" + self.signature = b"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" + self.uid = b"1111111111111111" super().__init__(data) def setUp(self) -> None: @@ -64,13 +70,16 @@ class TestInvalidIoctls(DynamicBoostControlTest): def setUp(self) -> None: if not os.path.exists(DEVICE_NODE): self.skipTest("system is unsupported") + if not ioctl: + self.skipTest("unable to test IOCTLs without ioctl_opt") + return super().setUp() def test_invalid_nonce_ioctl(self) -> None: """tries to call get_nonce ioctl with invalid data structures""" # 0x1 (get nonce), and invalid data - INVALID1 = IOWR(ord("D"), 0x01, invalid_param) + INVALID1 = ioctl.IOWR(ord("D"), 0x01, invalid_param) with self.assertRaises(OSError) as error: fcntl.ioctl(self.d, INVALID1, self.data, True) self.assertEqual(error.exception.errno, 22) @@ -79,7 +88,7 @@ class TestInvalidIoctls(DynamicBoostControlTest): """tries to call set_uid ioctl with invalid data structures""" # 0x2 (set uid), and invalid data - INVALID2 = IOW(ord("D"), 0x02, invalid_param) + INVALID2 = ioctl.IOW(ord("D"), 0x02, invalid_param) with self.assertRaises(OSError) as error: fcntl.ioctl(self.d, INVALID2, self.data, True) self.assertEqual(error.exception.errno, 22) @@ -88,7 +97,7 @@ class TestInvalidIoctls(DynamicBoostControlTest): """tries to call set_uid ioctl with invalid data structures""" # 0x2 as RW (set uid), and invalid data - INVALID3 = IOWR(ord("D"), 0x02, invalid_param) + INVALID3 = ioctl.IOWR(ord("D"), 0x02, invalid_param) with self.assertRaises(OSError) as error: fcntl.ioctl(self.d, INVALID3, self.data, True) self.assertEqual(error.exception.errno, 22) @@ -96,7 +105,7 @@ class TestInvalidIoctls(DynamicBoostControlTest): def test_invalid_param_ioctl(self) -> None: """tries to call param ioctl with invalid data structures""" # 0x3 (param), and invalid data - INVALID4 = IOWR(ord("D"), 0x03, invalid_param) + INVALID4 = ioctl.IOWR(ord("D"), 0x03, invalid_param) with self.assertRaises(OSError) as error: fcntl.ioctl(self.d, INVALID4, self.data, True) self.assertEqual(error.exception.errno, 22) @@ -104,7 +113,7 @@ class TestInvalidIoctls(DynamicBoostControlTest): def test_invalid_call_ioctl(self) -> None: """tries to call the DBC ioctl with invalid data structures""" # 0x4, and invalid data - INVALID5 = IOWR(ord("D"), 0x04, invalid_param) + INVALID5 = ioctl.IOWR(ord("D"), 0x04, invalid_param) with self.assertRaises(OSError) as error: fcntl.ioctl(self.d, INVALID5, self.data, True) self.assertEqual(error.exception.errno, 22) @@ -183,12 +192,12 @@ class TestUnFusedSystem(DynamicBoostControlTest): # SOC power soc_power_max = process_param(self.d, PARAM_GET_SOC_PWR_MAX, self.signature) soc_power_min = process_param(self.d, PARAM_GET_SOC_PWR_MIN, self.signature) - self.assertGreater(soc_power_max.parameter, soc_power_min.parameter) + self.assertGreater(soc_power_max[0], soc_power_min[0]) # fmax fmax_max = process_param(self.d, PARAM_GET_FMAX_MAX, self.signature) fmax_min = process_param(self.d, PARAM_GET_FMAX_MIN, self.signature) - self.assertGreater(fmax_max.parameter, fmax_min.parameter) + self.assertGreater(fmax_max[0], fmax_min[0]) # cap values keys = { @@ -199,7 +208,7 @@ class TestUnFusedSystem(DynamicBoostControlTest): } for k in keys: result = process_param(self.d, keys[k], self.signature) - self.assertGreater(result.parameter, 0) + self.assertGreater(result[0], 0) def test_get_invalid_param(self) -> None: """fetch an invalid parameter""" @@ -217,17 +226,17 @@ class TestUnFusedSystem(DynamicBoostControlTest): original = process_param(self.d, PARAM_GET_FMAX_CAP, self.signature) # set the fmax - target = original.parameter - 100 + target = original[0] - 100 process_param(self.d, PARAM_SET_FMAX_CAP, self.signature, target) time.sleep(SET_DELAY) new = process_param(self.d, PARAM_GET_FMAX_CAP, self.signature) - self.assertEqual(new.parameter, target) + self.assertEqual(new[0], target) # revert back to current - process_param(self.d, PARAM_SET_FMAX_CAP, self.signature, original.parameter) + process_param(self.d, PARAM_SET_FMAX_CAP, self.signature, original[0]) time.sleep(SET_DELAY) cur = process_param(self.d, PARAM_GET_FMAX_CAP, self.signature) - self.assertEqual(cur.parameter, original.parameter) + self.assertEqual(cur[0], original[0]) def test_set_power_cap(self) -> None: """get/set power cap limit""" @@ -235,17 +244,17 @@ class TestUnFusedSystem(DynamicBoostControlTest): original = process_param(self.d, PARAM_GET_PWR_CAP, self.signature) # set the fmax - target = original.parameter - 10 + target = original[0] - 10 process_param(self.d, PARAM_SET_PWR_CAP, self.signature, target) time.sleep(SET_DELAY) new = process_param(self.d, PARAM_GET_PWR_CAP, self.signature) - self.assertEqual(new.parameter, target) + self.assertEqual(new[0], target) # revert back to current - process_param(self.d, PARAM_SET_PWR_CAP, self.signature, original.parameter) + process_param(self.d, PARAM_SET_PWR_CAP, self.signature, original[0]) time.sleep(SET_DELAY) cur = process_param(self.d, PARAM_GET_PWR_CAP, self.signature) - self.assertEqual(cur.parameter, original.parameter) + self.assertEqual(cur[0], original[0]) def test_set_3d_graphics_mode(self) -> None: """set/get 3d graphics mode""" |