mbox series

[v4,0/7] crypto: rc4 cleanup

Message ID 20190611230938.19265-1-ard.biesheuvel@linaro.org
Headers show
Series crypto: rc4 cleanup | expand

Message

Ard Biesheuvel June 11, 2019, 11:09 p.m. UTC
This is a follow-up to, and supersedes [0], which moved some WEP code from
the cipher to the skcipher interface, in order to reduce the use of the bare
cipher interface in non-crypto subsystem code.

Since using the skcipher interface to invoke the generic C implementation of
an algorithm that is known at compile time is rather pointless, this series
moves those users to a new arc4 library interface instead, which is based on
the existing code.

Along the way, the arc4 cipher implementation is removed entirely, and only
the ecb(arc4) code is preserved, which is used in a number of places in the
kernel, and is known to be used by at least 'iwd' from user space via the
algif_skcipher API.

Changes sinve v3:
- fix some remaining occurrences where a tfm non-NULL test should be replaced
  with a fips_enabled test
- use kzfree() or memzero_explicit() to clear the arc4 ctx where appropriate
- clean up the function naming of the crypto arc4 driver when removing the
  cipher part
- remove .h declaration of a function that is being removed
- revert a prior CIFS change that moved a variable from the stack to the heap,
  which is no longer necessary
- remove arc4 softdep from the cifs code

Changes since v2:
- drop the crypto_ prefix from the arc4 library functions and types
- rename the source file to arc4.c but keep the lib prefix for the actual
  module to prevent a clash with the crypto API driver
- preserve the existing behavior wrt the fips_enabled flag, which prevents
  any use of ARC4 (note that the fips_enabled flag evaluates to 'false' at
  compile time for kernels that lack the feature, so with these patches, we
  get rid of most of the runtime logic regarding FIPS for builds that don't
  have it enabled)

[0] https://lore.kernel.org/linux-crypto/20190607144944.13485-1-ard.biesheuvel@linaro.org/

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: Eric Biggers <ebiggers@google.com>
Cc: Johannes Berg <johannes@sipsolutions.net>

Ard Biesheuvel (7):
  crypto: arc4 - refactor arc4 core code into separate library
  net/mac80211: move WEP handling to ARC4 library interface
  net/lib80211: move WEP handling to ARC4 library code
  net/lib80211: move TKIP handling to ARC4 library code
  crypto: arc4 - remove cipher implementation
  ppp: mppe: switch to RC4 library interface
  fs: cifs: switch to RC4 library interface

 MAINTAINERS                        |   1 +
 crypto/Kconfig                     |   4 +
 crypto/arc4.c                      | 116 ++------------------
 drivers/net/ppp/Kconfig            |   3 +-
 drivers/net/ppp/ppp_mppe.c         |  97 +++-------------
 fs/cifs/Kconfig                    |   2 +-
 fs/cifs/cifsencrypt.c              |  62 +++--------
 fs/cifs/cifsfs.c                   |   1 -
 include/crypto/arc4.h              |  10 ++
 lib/Makefile                       |   2 +-
 lib/crypto/Makefile                |   4 +
 lib/crypto/arc4.c                  |  72 ++++++++++++
 net/mac80211/Kconfig               |   2 +-
 net/mac80211/cfg.c                 |   4 +-
 net/mac80211/ieee80211_i.h         |   4 +-
 net/mac80211/key.h                 |   1 +
 net/mac80211/main.c                |   6 +-
 net/mac80211/mlme.c                |   3 +-
 net/mac80211/tkip.c                |   8 +-
 net/mac80211/tkip.h                |   4 +-
 net/mac80211/wep.c                 |  49 ++-------
 net/mac80211/wep.h                 |   5 +-
 net/mac80211/wpa.c                 |   4 +-
 net/wireless/Kconfig               |   1 +
 net/wireless/lib80211_crypt_tkip.c |  48 +++-----
 net/wireless/lib80211_crypt_wep.c  |  51 +++------
 26 files changed, 195 insertions(+), 369 deletions(-)
 create mode 100644 lib/crypto/Makefile
 create mode 100644 lib/crypto/arc4.c

-- 
2.20.1