From patchwork Sun Jun 9 11:55:03 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 166216
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers
Subject: [PATCH v2 1/7] crypto: arc4 - refactor arc4 core code into separate library
Date: Sun, 9 Jun 2019 13:55:03 +0200
Message-Id: <20190609115509.26260-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org>
References: <20190609115509.26260-1-ard.biesheuvel@linaro.org>

Refactor the core rc4 handling so we can move most users to a library interface, permitting us to drop the cipher interface entirely in a future patch. This is part of an effort to simplify the crypto API and improve its robustness against incorrect use.

Signed-off-by: Ard Biesheuvel
---
 MAINTAINERS | 1 +
 crypto/Kconfig | 4 ++
 crypto/arc4.c | 74 +++-----------------
 include/crypto/arc4.h | 13 ++++
 lib/Makefile | 2 +-
 lib/crypto/Makefile | 3 +
 lib/crypto/libarc4.c | 74 ++++++++++++++++++++
 7 files changed, 104 insertions(+), 67 deletions(-)
--
2.20.1
diff --git a/MAINTAINERS b/MAINTAINERS index 57f496cff999..112f21066141 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -4241,6 +4241,7 @@ F: crypto/ F: drivers/crypto/ F: include/crypto/ F: include/linux/crypto* +F: lib/crypto/ CRYPTOGRAPHIC RANDOM NUMBER GENERATOR M: Neil Horman diff --git a/crypto/Kconfig b/crypto/Kconfig index 3d056e7da65f..310e2a5de59d 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1230,9 +1230,13 @@ config CRYPTO_ANUBIS +config CRYPTO_LIB_ARC4 + bool + config CRYPTO_ARC4 tristate "ARC4 cipher algorithm" select CRYPTO_BLKCIPHER + select CRYPTO_LIB_ARC4 help ARC4 cipher algorithm. diff --git a/crypto/arc4.c b/crypto/arc4.c index a2120e06bf84..7f80623aa66a 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -13,33 +13,12 @@ #include #include -struct arc4_ctx { - u32 S[256]; - u32 x, y; -}; - static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len) { - struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); - int i, j = 0, k = 0; - - ctx->x = 1; - ctx->y = 0; - - for (i = 0; i < 256; i++) - ctx->S[i] = i; - - for (i = 0; i < 256; i++) { - u32 a = ctx->S[i]; - j = (j + in_key[k] + a) & 0xff; - ctx->S[i] = ctx->S[j]; - ctx->S[j] = a; - if (++k >= key_len) - k = 0; - } + struct crypto_arc4_ctx *ctx = crypto_tfm_ctx(tfm); - return 0; + return crypto_arc4_set_key(ctx, in_key, key_len); } static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, 
@@ -48,60 +27,23 @@ static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, return arc4_set_key(&tfm->base, in_key, key_len); } -static void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, - unsigned int len) -{ - u32 *const S = ctx->S; - u32 x, y, a, b; - u32 ty, ta, tb; - - if (len == 0) - return; - - x = ctx->x; - y = ctx->y; - - a = S[x]; - y = (y + a) & 0xff; - b = S[y]; - - do { - S[y] = a; - a = (a + b) & 0xff; - S[x] = b; - x = (x + 1) & 0xff; - ta = S[x]; - ty = (y + ta) & 0xff; - tb = S[ty]; - *out++ = *in++ ^ S[a]; - if (--len == 0) - break; - y = ty; - a = ta; - b = tb; - } while (true); - - ctx->x = x; - ctx->y = y; -} - static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) { - arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); + crypto_arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); } static int ecb_arc4_crypt(struct skcipher_request *req) { struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); - struct arc4_ctx *ctx = crypto_skcipher_ctx(tfm); + struct crypto_arc4_ctx *ctx = crypto_skcipher_ctx(tfm); struct skcipher_walk walk; int err; err = skcipher_walk_virt(&walk, req, false); while (walk.nbytes > 0) { - arc4_crypt(ctx, walk.dst.virt.addr, walk.src.virt.addr, - walk.nbytes); + crypto_arc4_crypt(ctx, walk.dst.virt.addr, walk.src.virt.addr, + walk.nbytes); err = skcipher_walk_done(&walk, 0); } @@ -112,7 +54,7 @@ static struct crypto_alg arc4_cipher = { .cra_name = "arc4", .cra_flags = CRYPTO_ALG_TYPE_CIPHER, .cra_blocksize = ARC4_BLOCK_SIZE, - .cra_ctxsize = sizeof(struct arc4_ctx), + .cra_ctxsize = sizeof(struct crypto_arc4_ctx), .cra_module = THIS_MODULE, .cra_u = { .cipher = { 
@@ -129,7 +71,7 @@ static struct skcipher_alg arc4_skcipher = { .base.cra_name = "ecb(arc4)", .base.cra_priority = 100, .base.cra_blocksize = ARC4_BLOCK_SIZE, - .base.cra_ctxsize = sizeof(struct arc4_ctx), + .base.cra_ctxsize = sizeof(struct crypto_arc4_ctx), .base.cra_module = THIS_MODULE, .min_keysize = ARC4_MIN_KEY_SIZE, .max_keysize = ARC4_MAX_KEY_SIZE, diff --git a/include/crypto/arc4.h b/include/crypto/arc4.h index 5b2c24ab0139..62ac95ec6860 100644 --- a/include/crypto/arc4.h +++ b/include/crypto/arc4.h @@ -6,8 +6,21 @@ #ifndef _CRYPTO_ARC4_H #define _CRYPTO_ARC4_H +#include + #define ARC4_MIN_KEY_SIZE 1 #define ARC4_MAX_KEY_SIZE 256 #define ARC4_BLOCK_SIZE 1 +struct crypto_arc4_ctx { + u32 S[256]; + u32 x, y; +}; + +int crypto_arc4_set_key(struct crypto_arc4_ctx *ctx, const u8 *in_key, + unsigned int key_len); + +void crypto_arc4_crypt(struct crypto_arc4_ctx *ctx, u8 *out, const u8 *in, + unsigned int len); + #endif /* _CRYPTO_ARC4_H */ diff --git a/lib/Makefile b/lib/Makefile index fb7697031a79..d3daedf93c5a 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -102,7 +102,7 @@ endif obj-$(CONFIG_DEBUG_INFO_REDUCED) += debug_info.o CFLAGS_debug_info.o += $(call cc-option, -femit-struct-debug-detailed=any) -obj-y += math/ +obj-y += math/ crypto/ obj-$(CONFIG_GENERIC_IOMAP) += iomap.o obj-$(CONFIG_GENERIC_PCI_IOMAP) += pci_iomap.o diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile new file mode 100644 index 000000000000..e375d150a547 --- /dev/null +++ b/lib/crypto/Makefile @@ -0,0 +1,3 @@ +# SPDX-License-Identifier: GPL-2.0 + +obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o diff --git a/lib/crypto/libarc4.c b/lib/crypto/libarc4.c new file mode 100644 index 000000000000..b828af2cc03b --- /dev/null +++ b/lib/crypto/libarc4.c 
@@ -0,0 +1,74 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API + * + * ARC4 Cipher Algorithm + * + * Jon Oberheide + */ + +#include +#include + +int crypto_arc4_set_key(struct crypto_arc4_ctx *ctx, const u8 *in_key, + unsigned int key_len) +{ + int i, j = 0, k = 0; + + ctx->x = 1; + ctx->y = 0; + + for (i = 0; i < 256; i++) + ctx->S[i] = i; + + for (i = 0; i < 256; i++) { + u32 a = ctx->S[i]; + + j = (j + in_key[k] + a) & 0xff; + ctx->S[i] = ctx->S[j]; + ctx->S[j] = a; + if (++k >= key_len) + k = 0; + } + + return 0; +} +EXPORT_SYMBOL(crypto_arc4_set_key); + +void crypto_arc4_crypt(struct crypto_arc4_ctx *ctx, u8 *out, const u8 *in, + unsigned int len) +{ + u32 *const S = ctx->S; + u32 x, y, a, b; + u32 ty, ta, tb; + + if (len == 0) + return; + + x = ctx->x; + y = ctx->y; + + a = S[x]; + y = (y + a) & 0xff; + b = S[y]; + + do { + S[y] = a; + a = (a + b) & 0xff; + S[x] = b; + x = (x + 1) & 0xff; + ta = S[x]; + ty = (y + ta) & 0xff; + tb = S[ty]; + *out++ = *in++ ^ S[a]; + if (--len == 0) + break; + y = ty; + a = ta; + b = tb; + } while (true); + + ctx->x = x; + ctx->y = y; +} +EXPORT_SYMBOL(crypto_arc4_crypt);
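Review bot: In the crypto/Kconfig hunk, CRYPTO_LIB_ARC4 is declared bool while CRYPTO_ARC4, which selects it, is tristate. Combined with obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o in lib/crypto/Makefile, a configuration whose only ARC4 user is a module still links libarc4.o into the kernel image. Consider making the symbol tristate so the library follows its users; libarc4.c would then also need a MODULE_LICENSE line, which the new file does not carry.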
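Review bot: The two prototypes added to include/crypto/arc4.h become an exported interface but carry no documentation. A short kernel-doc comment should state that crypto_arc4_crypt() advances x and y in the context so that successive calls continue one keystream, whether out may equal in (the mac80211 patch in this series calls it in place), and that struct crypto_arc4_ctx holds key-derived state which the caller is responsible for wiping.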
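Review bot: crypto_arc4_set_key() in lib/crypto/libarc4.c does not validate key_len, and library callers now reach the key schedule directly, without the .min_keysize/.max_keysize bounds that the skcipher registration in crypto/arc4.c declares. With key_len == 0 the loop still reads in_key[0], because k is reset to 0 only after the access, and a key_len above ARC4_MAX_KEY_SIZE is silently truncated to the first 256 bytes. The function already returns int but can only return 0, so either reject lengths outside ARC4_MIN_KEY_SIZE..ARC4_MAX_KEY_SIZE with -EINVAL or make it void and document the precondition.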
From patchwork Sun Jun 9 11:55:04 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 166217
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, linux-wireless@vger.kernel.org, Johannes Berg
Subject: [PATCH v2 2/7] net/mac80211: move WEP handling to ARC4 library interface
Date: Sun, 9 Jun 2019 13:55:04 +0200
Message-Id: <20190609115509.26260-3-ard.biesheuvel@linaro.org>
In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org>
References: <20190609115509.26260-1-ard.biesheuvel@linaro.org>

The WEP code in the mac80211 subsystem currently uses the crypto API to access the arc4 (RC4) cipher, which is overly complicated, and doesn't really have an upside in this particular case, since ciphers are always synchronous and therefore always implemented in software. Given that we have no accelerated software implementations either, it is much more straightforward to invoke a generic library interface directly.

Cc: linux-wireless@vger.kernel.org
Cc: Johannes Berg
Signed-off-by: Ard Biesheuvel --- net/mac80211/Kconfig | 2 +- net/mac80211/cfg.c | 3 -- net/mac80211/ieee80211_i.h | 4 +- net/mac80211/key.h | 1 + net/mac80211/main.c | 48 ++------------------ net/mac80211/mlme.c | 2 - net/mac80211/tkip.c | 8 ++-- net/mac80211/tkip.h | 4 +- net/mac80211/wep.c | 47 ++++--------------- net/mac80211/wep.h | 4 +- net/mac80211/wpa.c | 4 +- 11 files changed, 26 insertions(+), 101 deletions(-) -- 2.20.1 diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig index 0227cce9685e..0c93b1b7a826 100644 --- a/net/mac80211/Kconfig +++ b/net/mac80211/Kconfig @@ -3,7 +3,7 @@ config MAC80211 tristate "Generic IEEE 802.11 Networking Stack (mac80211)" depends on CFG80211 select CRYPTO - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AES select CRYPTO_CCM select CRYPTO_GCM diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index a1973a26c7fc..9d8a8878a487 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -402,9 +402,6 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev, case WLAN_CIPHER_SUITE_WEP40: case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_WEP104: - if (IS_ERR(local->wep_tx_tfm)) - return -EINVAL; - break; case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: case WLAN_CIPHER_SUITE_AES_CMAC: diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 073a8235ae1b..b2862e73f1fc 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -1258,8 +1258,8 @@ struct ieee80211_local { struct rate_control_ref *rate_ctrl; - struct crypto_cipher *wep_tx_tfm; - struct crypto_cipher *wep_rx_tfm; + struct crypto_arc4_ctx wep_tx_ctx; + struct crypto_arc4_ctx wep_rx_ctx; u32 wep_iv; /* see iface.c */ diff --git a/net/mac80211/key.h b/net/mac80211/key.h index f06fbd03d235..6c5bbaebd02c 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h @@ -14,6 +14,7 @@ #include #include #include +#include #include #define NUM_DEFAULT_KEYS 4 
diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 2b608044ae23..b339307035d2 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -733,8 +733,6 @@ EXPORT_SYMBOL(ieee80211_alloc_hw_nm); static int ieee80211_init_cipher_suites(struct ieee80211_local *local) { - bool have_wep = !(IS_ERR(local->wep_tx_tfm) || - IS_ERR(local->wep_rx_tfm)); bool have_mfp = ieee80211_hw_check(&local->hw, MFP_CAPABLE); int n_suites = 0, r = 0, w = 0; u32 *suites; @@ -757,31 +755,7 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) if (ieee80211_hw_check(&local->hw, SW_CRYPTO_CONTROL) || local->hw.wiphy->cipher_suites) { - /* If the driver advertises, or doesn't support SW crypto, - * we only need to remove WEP if necessary. - */ - if (have_wep) - return 0; - - /* well if it has _no_ ciphers ... fine */ - if (!local->hw.wiphy->n_cipher_suites) - return 0; - - /* Driver provides cipher suites, but we need to exclude WEP */ - suites = kmemdup(local->hw.wiphy->cipher_suites, - sizeof(u32) * local->hw.wiphy->n_cipher_suites, - GFP_KERNEL); - if (!suites) - return -ENOMEM; - - for (r = 0; r < local->hw.wiphy->n_cipher_suites; r++) { - u32 suite = local->hw.wiphy->cipher_suites[r]; - - if (suite == WLAN_CIPHER_SUITE_WEP40 || - suite == WLAN_CIPHER_SUITE_WEP104) - continue; - suites[w++] = suite; - } + return 0; } else if (!local->hw.cipher_schemes) { /* If the driver doesn't have cipher schemes, there's nothing * else to do other than assign the (software supported and @@ -793,11 +767,6 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) if (!have_mfp) local->hw.wiphy->n_cipher_suites -= 4; - if (!have_wep) { - local->hw.wiphy->cipher_suites += 2; - local->hw.wiphy->n_cipher_suites -= 2; - } - /* not dynamically allocated, so just return */ return 0; } else { 
@@ -811,11 +780,7 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) * We start counting ciphers defined by schemes, TKIP, CCMP, * CCMP-256, GCMP, and GCMP-256 */ - n_suites = local->hw.n_cipher_schemes + 5; - - /* check if we have WEP40 and WEP104 */ - if (have_wep) - n_suites += 2; + n_suites = local->hw.n_cipher_schemes + 7; /* check if we have AES_CMAC, BIP-CMAC-256, BIP-GMAC-128, * BIP-GMAC-256 @@ -832,11 +797,8 @@ static int ieee80211_init_cipher_suites(struct ieee80211_local *local) suites[w++] = WLAN_CIPHER_SUITE_TKIP; suites[w++] = WLAN_CIPHER_SUITE_GCMP; suites[w++] = WLAN_CIPHER_SUITE_GCMP_256; - - if (have_wep) { - suites[w++] = WLAN_CIPHER_SUITE_WEP40; - suites[w++] = WLAN_CIPHER_SUITE_WEP104; - } + suites[w++] = WLAN_CIPHER_SUITE_WEP40; + suites[w++] = WLAN_CIPHER_SUITE_WEP104; if (have_mfp) { suites[w++] = WLAN_CIPHER_SUITE_AES_CMAC; @@ -1301,7 +1263,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw) fail_rate: rtnl_unlock(); ieee80211_led_exit(local); - ieee80211_wep_free(local); fail_flows: destroy_workqueue(local->workqueue); fail_workqueue: @@ -1358,7 +1319,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw) destroy_workqueue(local->workqueue); wiphy_unregister(local->hw.wiphy); - ieee80211_wep_free(local); ieee80211_led_exit(local); kfree(local->int_scan_req); } diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index b7a9fe3d5fcb..cf8b87cfd619 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -5038,8 +5038,6 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, auth_alg = WLAN_AUTH_OPEN; break; case NL80211_AUTHTYPE_SHARED_KEY: - if (IS_ERR(local->wep_tx_tfm)) - return -EOPNOTSUPP; auth_alg = WLAN_AUTH_SHARED_KEY; break; case NL80211_AUTHTYPE_FT: diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index b3622823bad2..580b5c3e837e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c 
@@ -222,7 +222,7 @@ EXPORT_SYMBOL(ieee80211_get_tkip_p2k); * @payload_len is the length of payload (_not_ including IV/ICV length). * @ta is the transmitter addresses. */ -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len) @@ -231,7 +231,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, ieee80211_get_tkip_p2k(&key->conf, skb, rc4key); - return ieee80211_wep_encrypt_data(tfm, rc4key, 16, + return ieee80211_wep_encrypt_data(ctx, rc4key, 16, payload, payload_len); } @@ -239,7 +239,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, * beginning of the buffer containing IEEE 802.11 header payload, i.e., * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the * length of payload, including IV, Ext. IV, MIC, ICV. */ -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, @@ -297,7 +297,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, tkip_mixing_phase2(tk, &rx_ctx->ctx, iv16, rc4key); - res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12); + res = ieee80211_wep_decrypt_data(ctx, rc4key, 16, pos, payload_len - 12); done: if (res == TKIP_DECRYPT_OK) { /* diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h index a1bcbfbefe7c..42b300773c58 100644 --- a/net/mac80211/tkip.h +++ b/net/mac80211/tkip.h @@ -13,7 +13,7 @@ #include #include "key.h" -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len); 
@@ -24,7 +24,7 @@ enum { TKIP_DECRYPT_INVALID_KEYIDX = -2, TKIP_DECRYPT_REPLAY = -3, }; -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct crypto_arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c index bfe9ed9f4c48..9aad40e28374 100644 --- a/net/mac80211/wep.c +++ b/net/mac80211/wep.c @@ -30,30 +30,9 @@ int ieee80211_wep_init(struct ieee80211_local *local) /* start WEP IV from a random value */ get_random_bytes(&local->wep_iv, IEEE80211_WEP_IV_LEN); - local->wep_tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_tx_tfm)) { - local->wep_rx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_tx_tfm); - } - - local->wep_rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_rx_tfm)) { - crypto_free_cipher(local->wep_tx_tfm); - local->wep_tx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_rx_tfm); - } - return 0; } -void ieee80211_wep_free(struct ieee80211_local *local) -{ - if (!IS_ERR(local->wep_tx_tfm)) - crypto_free_cipher(local->wep_tx_tfm); - if (!IS_ERR(local->wep_rx_tfm)) - crypto_free_cipher(local->wep_rx_tfm); -} - static inline bool ieee80211_wep_weak_iv(u32 iv, int keylen) { /* 
@@ -131,21 +110,16 @@ static void ieee80211_wep_remove_iv(struct ieee80211_local *local, /* Perform WEP encryption using given key. data buffer must have tailroom * for 4-byte ICV. data_len must not include this ICV. Note: this function * does _not_ add IV. data = RC4(data | CRC32(data)) */ -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 icv; - int i; - - if (IS_ERR(tfm)) - return -1; icv = cpu_to_le32(~crc32_le(~0, data, data_len)); put_unaligned(icv, (__le32 *)(data + data_len)); - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_encrypt_one(tfm, data + i, data + i); + crypto_arc4_set_key(ctx, rc4key, klen); + crypto_arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); return 0; } @@ -184,7 +158,7 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Add room for ICV */ skb_put(skb, IEEE80211_WEP_ICV_LEN); - return ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3, + return ieee80211_wep_encrypt_data(&local->wep_tx_ctx, rc4key, keylen + 3, iv + IEEE80211_WEP_IV_LEN, len); } 
@@ -192,18 +166,13 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Perform WEP decryption using given key. data buffer includes encrypted * payload, including 4-byte ICV, but _not_ IV. data_len must not include ICV. * Return 0 on success and -1 on ICV mismatch. */ -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 crc; - int i; - - if (IS_ERR(tfm)) - return -1; - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_decrypt_one(tfm, data + i, data + i); + crypto_arc4_set_key(ctx, rc4key, klen); + crypto_arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); crc = cpu_to_le32(~crc32_le(~0, data, data_len)); if (memcmp(&crc, data + data_len, IEEE80211_WEP_ICV_LEN) != 0) @@ -256,7 +225,7 @@ static int ieee80211_wep_decrypt(struct ieee80211_local *local, /* Copy rest of the WEP key (the secret part) */ memcpy(rc4key + 3, key->conf.key, key->conf.keylen); - if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen, + if (ieee80211_wep_decrypt_data(&local->wep_rx_ctx, rc4key, klen, skb->data + hdrlen + IEEE80211_WEP_IV_LEN, len)) ret = -1; diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h index 9615749d1f65..b63dda9dd442 100644 --- a/net/mac80211/wep.h +++ b/net/mac80211/wep.h 
@@ -18,12 +18,12 @@ int ieee80211_wep_init(struct ieee80211_local *local); void ieee80211_wep_free(struct ieee80211_local *local); -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb, const u8 *key, int keylen, int keyidx); -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct crypto_arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); ieee80211_rx_result diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 58d0b258b684..02e8ab7b2b4c 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -242,7 +242,7 @@ static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) /* Add room for ICV */ skb_put(skb, IEEE80211_TKIP_ICV_LEN); - return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm, + return ieee80211_tkip_encrypt_data(&tx->local->wep_tx_ctx, key, skb, pos, len); } 
@@ -293,7 +293,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx) if (status->flag & RX_FLAG_DECRYPTED) hwaccel = 1; - res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, + res = ieee80211_tkip_decrypt_data(&rx->local->wep_rx_ctx, key, skb->data + hdrlen, skb->len - hdrlen, rx->sta->sta.addr, hdr->addr1, hwaccel, rx->security_idx,
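Review bot: In ieee80211_add_key() (net/mac80211/cfg.c), deleting the break together with the IS_ERR() test merges the WEP40, TKIP and WEP104 labels into the case group that starts at WLAN_CIPHER_SUITE_CCMP. The body of that group is outside the hunk, so please confirm it is correct for WEP and TKIP keys. This check, together with the one removed from ieee80211_mgd_auth() in mlme.c, was also the only place where a failed arc4 allocation turned into -EINVAL or -EOPNOTSUPP; if any configuration relied on that allocation failing to keep WEP and TKIP disabled, it now needs an explicit test.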
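Review bot: In ieee80211_init_cipher_suites() (net/mac80211/main.c), the loop that used r is removed but the declaration int n_suites = 0, r = 0, w = 0; is left as context, so r looks unused after this change unless it is referenced outside the visible hunks; drop it if so. The first branch is also reduced to a braced single return 0;, and the comment that explained the WEP filtering is gone with nothing left to say that driver-provided cipher lists are now accepted unmodified.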
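Review bot: In the @@ -811 hunk of net/mac80211/main.c, n_suites becomes local->hw.n_cipher_schemes + 7, but the comment kept directly above it still enumerates five ciphers (TKIP, CCMP, CCMP-256, GCMP and GCMP-256). Add WEP40 and WEP104 to that comment so the constant matches what it counts.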
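Review bot: ieee80211_wep_encrypt_data() and ieee80211_wep_decrypt_data() in net/mac80211/wep.c leave the keyed S-box in local->wep_tx_ctx and local->wep_rx_ctx after every frame, and those contexts are now embedded in struct ieee80211_local. Each call rekeys from scratch with crypto_arc4_set_key(), so nothing needs the state afterwards; clear it with memzero_explicit(ctx, sizeof(*ctx)) before returning. The return value of crypto_arc4_set_key() is also discarded in both functions, which will hide errors if that function ever starts validating key lengths.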
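Review bot: The net/mac80211/wep.h hunk keeps the prototype void ieee80211_wep_free(struct ieee80211_local *local); as a context line, although this patch deletes the function from wep.c and both of its callers from main.c. Remove the declaration in the same patch so that no stale prototype is left behind.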
mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=DuzTQmf5; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s11si7009259pgp.326.2019.06.09.04.55.24; Sun, 09 Jun 2019 04:55:24 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=DuzTQmf5; spf=pass (google.com: best guess record for domain of linux-crypto-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728462AbfFILzW (ORCPT + 3 others); Sun, 9 Jun 2019 07:55:22 -0400 Received: from mail-wr1-f66.google.com ([209.85.221.66]:37654 "EHLO mail-wr1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728374AbfFILzS (ORCPT ); Sun, 9 Jun 2019 07:55:18 -0400 Received: by mail-wr1-f66.google.com with SMTP id v14so6370309wrr.4 for ; Sun, 09 Jun 2019 04:55:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=RrqId75ysoE9z88I4uq9u9pu8GvMT3RxAtvppEowQeg=; b=DuzTQmf5LsIklRp0smJvKrXxUAxdk1/eUn7byiT81TlJonmNvpjxt1TT/VYq+xolR8 cKTRTPbnSOjqcpHQUnzzZB/x++8yJdQggr3jLB7Y3uSsO0rwp5Q3695RUDIBROeFnkVd OC8m/+DJ47E5MM9xv3/iCuunztKvIn94OfKvgSsU5VpVrumY3U6ir30opJeY72/TpSOG 
4Im/uietlHmLeGPkX7fnhUXw5dh5WCsGWNzhzx8w0EYF3mqCBQzfqf826U66IxUrKxfy QbS1a5l29kPuy1u2VKGIYpYDjFy+nhqT8+uvOez3NkNjI6AOTULVhSr+Hk8b2c9d/h+2 OBYA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=RrqId75ysoE9z88I4uq9u9pu8GvMT3RxAtvppEowQeg=; b=pPh2qvdeghzFGzplf9OPYROdQWNUZVkPXNsDAObZHQ5Wj/ClgxapRCouMbLHwXLXqr MRUTpDr2iIA8TOpK7g8+/jJCFnO7zM574BzKno3094JYxej8im4ueexveBoWwVnhNtcA HwyYs1Ha22uPNSd5fHhXtK5KL5l+ZQGHcSyDHO3HPqH0PacENebzplrcDF2TW8CqU5C6 nviyneZJUE+f6zOuTV2yAEfoa15nPhpfCxIciCfzVdZS4lUfLkJC6bmrcC4TT/8BnuYp r5EPcQo9A71pXgDtxbXF70IZ6hivruapjYTVgAqn06lMdCHn3gavwi8LD3t2HA9tFisl W/SQ== X-Gm-Message-State: APjAAAXCdZUUrWr7OCqYpXJRQJ80tV3adoCRwcQNG+Nmmsc+tjgkS/8/ CXbv8CH3cGmo3knquds3xMzBlHeG6Jvyaw== X-Received: by 2002:a5d:4f8b:: with SMTP id d11mr5519809wru.264.1560081316553; Sun, 09 Jun 2019 04:55:16 -0700 (PDT) Received: from sudo.home ([2a01:cb1d:112:6f00:5129:23cd:5870:89d4]) by smtp.gmail.com with ESMTPSA id r5sm14954317wrg.10.2019.06.09.04.55.15 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 09 Jun 2019 04:55:15 -0700 (PDT) 
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-wireless@vger.kernel.org, Johannes Berg Subject: [PATCH v2 3/7] net/lib80211: move WEP handling to ARC4 library code Date: Sun, 9 Jun 2019 13:55:05 +0200 Message-Id: <20190609115509.26260-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Cc: linux-wireless@vger.kernel.org Cc: Johannes Berg Signed-off-by: Ard Biesheuvel --- net/wireless/Kconfig | 1 + net/wireless/lib80211_crypt_wep.c | 43 ++++---------------- 2 files changed, 9 insertions(+), 35 deletions(-) -- 2.20.1 diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig index 6310ddede220..6d9c48cea07e 100644 --- a/net/wireless/Kconfig +++ b/net/wireless/Kconfig @@ -213,6 +213,7 @@ config LIB80211 config LIB80211_CRYPT_WEP tristate + select CRYPTO_LIB_ARC4 config LIB80211_CRYPT_CCMP tristate diff --git a/net/wireless/lib80211_crypt_wep.c b/net/wireless/lib80211_crypt_wep.c index 20c1ad63ad44..3db1b2e6a25a 100644 --- a/net/wireless/lib80211_crypt_wep.c +++ b/net/wireless/lib80211_crypt_wep.c @@ -22,7 +22,7 @@ #include -#include +#include #include MODULE_AUTHOR("Jouni Malinen"); @@ -35,8 +35,8 @@ struct lib80211_wep_data { u8 key[WEP_KEY_LEN + 1]; u8 key_len; u8 key_idx; - struct crypto_cipher *tx_tfm; - struct crypto_cipher *rx_tfm; + struct crypto_arc4_ctx tx_ctx; + struct crypto_arc4_ctx rx_ctx; }; static void *lib80211_wep_init(int keyidx) 
@@ -45,41 +45,17 @@ static void *lib80211_wep_init(int keyidx) priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) - goto fail; + return NULL; priv->key_idx = keyidx; - priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm)) { - priv->tx_tfm = NULL; - goto fail; - } - - priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm)) { - priv->rx_tfm = NULL; - goto fail; - } /* start WEP IV from a random value */ get_random_bytes(&priv->iv, 4); return priv; - - fail: - if (priv) { - crypto_free_cipher(priv->tx_tfm); - crypto_free_cipher(priv->rx_tfm); - kfree(priv); - } - return NULL; } static void lib80211_wep_deinit(void *priv) { - struct lib80211_wep_data *_priv = priv; - if (_priv) { - crypto_free_cipher(_priv->tx_tfm); - crypto_free_cipher(_priv->rx_tfm); - } kfree(priv); } @@ -160,10 +136,8 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(wep->tx_tfm, key, klen); - - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(wep->tx_tfm, pos + i, pos + i); + crypto_arc4_set_key(&wep->tx_ctx, key, klen); + crypto_arc4_crypt(&wep->tx_ctx, pos, pos, len + 4); return 0; } 
@@ -202,9 +176,8 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) /* Apply RC4 to data and compute CRC32 over decrypted data */ plen = skb->len - hdr_len - 8; - crypto_cipher_setkey(wep->rx_tfm, key, klen); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(wep->rx_tfm, pos + i, pos + i); + crypto_arc4_set_key(&wep->rx_ctx, key, klen); + crypto_arc4_crypt(&wep->rx_ctx, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc;
From patchwork Sun Jun 9 11:55:06 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166218 Delivered-To: patch@linaro.org
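Review bot: in [PATCH v2 3/7], the lib80211_wep_init()/lib80211_wep_deinit() hunk (-45,41 +45,17) leaves lib80211_wep_deinit() with a plain kfree(priv), but priv now embeds tx_ctx and rx_ctx, so the RC4 state expanded from the WEP key sits in freed slab memory next to key[]. The crypto_free_cipher() calls being removed released the tfm through the crypto API, which wipes the context before freeing it. Use kzfree(priv) here so the conversion does not weaken key hygiene.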
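Review bot: in [PATCH v2 3/7], the lib80211_wep_encrypt() and lib80211_wep_decrypt() hunks (-160,10 and -202,9) remove the only visible loops over i, yet neither hunk touches the function's declarations, whereas the matching TKIP change in 4/7 drops "int i;" in both functions. If i has no other use in these two functions, remove its declaration in the same patch to avoid an unused-variable warning.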
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-wireless@vger.kernel.org, Johannes Berg Subject: [PATCH v2 4/7] net/lib80211: move TKIP handling to ARC4 library code Date: Sun, 9 Jun 2019 13:55:06 +0200 Message-Id: <20190609115509.26260-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Cc: linux-wireless@vger.kernel.org Cc: Johannes Berg Signed-off-by: Ard Biesheuvel --- net/wireless/lib80211_crypt_tkip.c | 42 ++++++-------------- 1 file changed, 12 insertions(+), 30 deletions(-) -- 2.20.1 diff --git a/net/wireless/lib80211_crypt_tkip.c b/net/wireless/lib80211_crypt_tkip.c index 11eaa5956f00..c19528a39563 100644 --- a/net/wireless/lib80211_crypt_tkip.c +++ b/net/wireless/lib80211_crypt_tkip.c @@ -29,6 +29,7 @@ #include #include +#include #include #include #include @@ -64,9 +65,9 @@ struct lib80211_tkip_data { int key_idx; - struct crypto_cipher *rx_tfm_arc4; + struct crypto_arc4_ctx rx_ctx_arc4; + struct crypto_arc4_ctx tx_ctx_arc4; struct crypto_shash *rx_tfm_michael; - struct crypto_cipher *tx_tfm_arc4; struct crypto_shash *tx_tfm_michael; /* scratch buffers for virt_to_page() (crypto API) */ 
@@ -99,24 +100,12 @@ static void *lib80211_tkip_init(int key_idx) priv->key_idx = key_idx; - priv->tx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm_arc4)) { - priv->tx_tfm_arc4 = NULL; - goto fail; - } - priv->tx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->tx_tfm_michael)) { priv->tx_tfm_michael = NULL; goto fail; } - priv->rx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm_arc4)) { - priv->rx_tfm_arc4 = NULL; - goto fail; - } - priv->rx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->rx_tfm_michael)) { priv->rx_tfm_michael = NULL; @@ -128,9 +117,7 @@ static void *lib80211_tkip_init(int key_idx) fail: if (priv) { crypto_free_shash(priv->tx_tfm_michael); - crypto_free_cipher(priv->tx_tfm_arc4); crypto_free_shash(priv->rx_tfm_michael); - crypto_free_cipher(priv->rx_tfm_arc4); kfree(priv); } @@ -142,9 +129,7 @@ static void lib80211_tkip_deinit(void *priv) struct lib80211_tkip_data *_priv = priv; if (_priv) { crypto_free_shash(_priv->tx_tfm_michael); - crypto_free_cipher(_priv->tx_tfm_arc4); crypto_free_shash(_priv->rx_tfm_michael); - crypto_free_cipher(_priv->rx_tfm_arc4); } kfree(priv); } @@ -345,7 +330,6 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) int len; u8 rc4key[16], *pos, *icv; u32 crc; - int i; if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; @@ -370,9 +354,9 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(tkey->tx_tfm_arc4, pos + i, pos + i); + crypto_arc4_set_key(&tkey->tx_ctx_arc4, rc4key, 16); + crypto_arc4_crypt(&tkey->tx_ctx_arc4, pos, pos, len + 4); + return 0; } 
@@ -400,7 +384,6 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u8 icv[4]; u32 crc; int plen; - int i; hdr = (struct ieee80211_hdr *)skb->data; @@ -453,9 +436,8 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) plen = skb->len - hdr_len - 12; - crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(tkey->rx_tfm_arc4, pos + i, pos + i); + crypto_arc4_set_key(&tkey->rx_ctx_arc4, rc4key, 16); + crypto_arc4_crypt(&tkey->rx_ctx_arc4, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc; 
@@ -640,17 +622,17 @@ static int lib80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) struct lib80211_tkip_data *tkey = priv; int keyidx; struct crypto_shash *tfm = tkey->tx_tfm_michael; - struct crypto_cipher *tfm2 = tkey->tx_tfm_arc4; + struct crypto_arc4_ctx *tfm2 = &tkey->tx_ctx_arc4; struct crypto_shash *tfm3 = tkey->rx_tfm_michael; - struct crypto_cipher *tfm4 = tkey->rx_tfm_arc4; + struct crypto_arc4_ctx *tfm4 = &tkey->rx_ctx_arc4; keyidx = tkey->key_idx; memset(tkey, 0, sizeof(*tkey)); tkey->key_idx = keyidx; tkey->tx_tfm_michael = tfm; - tkey->tx_tfm_arc4 = tfm2; + tkey->tx_ctx_arc4 = *tfm2; tkey->rx_tfm_michael = tfm3; - tkey->rx_tfm_arc4 = tfm4; + tkey->rx_ctx_arc4 = *tfm4; if (len == TKIP_KEY_LEN) { memcpy(tkey->key, key, TKIP_KEY_LEN); tkey->key_set = 1;
From patchwork Sun Jun 9 11:55:07 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166222 Delivered-To: patch@linaro.org
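Review bot: in [PATCH v2 4/7], the lib80211_tkip_set_key() hunk (-640,17 +622,17) turns the save/restore of the ARC4 handles into a no-op: tfm2 and tfm4 now point into *tkey, memset(tkey, 0, sizeof(*tkey)) clears what they point at, and "tkey->tx_ctx_arc4 = *tfm2;" then copies the zeroed struct onto itself. The contexts are embedded and re-keyed with crypto_arc4_set_key() before every crypto_arc4_crypt() call in the encrypt and decrypt hunks, so there is nothing to preserve. Drop tfm2, tfm4 and both assignments, keeping only the Michael MIC handles.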
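Review bot: in [PATCH v2 4/7], the include hunk (-29,6 +29,7) makes lib80211_crypt_tkip.c call the ARC4 library directly, but the diffstat touches only that file, while 3/7 had to add "select CRYPTO_LIB_ARC4" under LIB80211_CRYPT_WEP for the same conversion. Unless LIB80211_CRYPT_TKIP already selects the library somewhere not shown in this series, a configuration with TKIP enabled and WEP disabled will fail to link crypto_arc4_set_key() and crypto_arc4_crypt(); add the select in net/wireless/Kconfig in this patch.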
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers Subject: [PATCH v2 5/7] crypto: arc4 - remove cipher implementation Date: Sun, 9 Jun 2019 13:55:07 +0200 Message-Id: <20190609115509.26260-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org There are no remaining users of the cipher implementation, and there are no meaningful ways in which the arc4 cipher can be combined with templates other than ECB (and the way we do provide that combination is highly dubious to begin with). So let's drop the arc4 cipher altogether, and only keep the ecb(arc4) skcipher, which is used in various places in the kernel. Signed-off-by: Ard Biesheuvel --- crypto/arc4.c | 36 ++------------------ 1 file changed, 2 insertions(+), 34 deletions(-) -- 2.20.1 diff --git a/crypto/arc4.c b/crypto/arc4.c index 7f80623aa66a..3cdfd12110ea 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -27,11 +27,6 @@ static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, return arc4_set_key(&tfm->base, in_key, key_len); } -static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) -{ - crypto_arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); -} - static int ecb_arc4_crypt(struct skcipher_request *req) { struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); 
@@ -50,23 +45,6 @@ static int ecb_arc4_crypt(struct skcipher_request *req) return err; } -static struct crypto_alg arc4_cipher = { - .cra_name = "arc4", - .cra_flags = CRYPTO_ALG_TYPE_CIPHER, - .cra_blocksize = ARC4_BLOCK_SIZE, - .cra_ctxsize = sizeof(struct crypto_arc4_ctx), - .cra_module = THIS_MODULE, - .cra_u = { - .cipher = { - .cia_min_keysize = ARC4_MIN_KEY_SIZE, - .cia_max_keysize = ARC4_MAX_KEY_SIZE, - .cia_setkey = arc4_set_key, - .cia_encrypt = arc4_crypt_one, - .cia_decrypt = arc4_crypt_one, - }, - }, -}; - static struct skcipher_alg arc4_skcipher = { .base.cra_name = "ecb(arc4)", .base.cra_priority = 100, @@ -82,21 +60,11 @@ static struct skcipher_alg arc4_skcipher = { static int __init arc4_init(void) { - int err; - - err = crypto_register_alg(&arc4_cipher); - if (err) - return err; - - err = crypto_register_skcipher(&arc4_skcipher); - if (err) - crypto_unregister_alg(&arc4_cipher); - return err; + return crypto_register_skcipher(&arc4_skcipher); } static void __exit arc4_exit(void) { - crypto_unregister_alg(&arc4_cipher); crypto_unregister_skcipher(&arc4_skcipher); } 
@@ -106,4 +74,4 @@ module_exit(arc4_exit); MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("ARC4 Cipher Algorithm"); MODULE_AUTHOR("Jon Oberheide "); -MODULE_ALIAS_CRYPTO("arc4"); +MODULE_ALIAS_CRYPTO("ecb(arc4)");
From patchwork Sun Jun 9 11:55:08 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166221 Delivered-To: patch@linaro.org
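Review bot: in [PATCH v2 5/7], the final hunk (-106,4 +74,4) drops MODULE_ALIAS_CRYPTO("arc4") together with the arc4_cipher registration, so any request for the bare "arc4" name, such as the crypto_alloc_cipher("arc4", 0, 0) calls that 3/7 and 4/7 remove, now fails to resolve instead of loading this module. The commit message states there are no remaining users without saying how that was established; record the check (for example a tree-wide search for the "arc4" algorithm string) in the commit message so callers outside the files converted in this series are ruled out before the cipher is removed.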
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-ppp@vger.kernel.org, Paul Mackerras Subject: [PATCH v2 6/7] ppp: mppe: switch to RC4 library interface Date: Sun, 9 Jun 2019 13:55:08 +0200 Message-Id: <20190609115509.26260-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The MPPE code uses the sync skcipher to invoke the ecb(arc4) skcipher, of which only a single generic C code implementation exists. This means that going through all the trouble of using scatterlists etc buys us very little, and we're better off just invoking the arc4 library directly. Note that the SHA1 shash used by this driver has several accelerated implementations for various architectures, so retaining that part does make sense. Cc: linux-ppp@vger.kernel.org Cc: Paul Mackerras Signed-off-by: Ard Biesheuvel --- drivers/net/ppp/Kconfig | 3 +- drivers/net/ppp/ppp_mppe.c | 92 +++----------------- 2 files changed, 12 insertions(+), 83 deletions(-) -- 2.20.1 diff --git a/drivers/net/ppp/Kconfig b/drivers/net/ppp/Kconfig index bf395df3bb37..1a2e2f7629f3 100644 --- a/drivers/net/ppp/Kconfig +++ b/drivers/net/ppp/Kconfig @@ -87,8 +87,7 @@ config PPP_MPPE depends on PPP select CRYPTO select CRYPTO_SHA1 - select CRYPTO_ARC4 - select CRYPTO_ECB + select CRYPTO_LIB_ARC4 ---help--- Support for the MPPE Encryption protocol, as employed by the Microsoft Point-to-Point Tunneling Protocol. diff --git a/drivers/net/ppp/ppp_mppe.c b/drivers/net/ppp/ppp_mppe.c index ff61dd8748de..00be8143b0b6 100644 --- a/drivers/net/ppp/ppp_mppe.c +++ b/drivers/net/ppp/ppp_mppe.c @@ -42,8 +42,8 @@ * deprecated in 2.6 */ +#include #include -#include #include #include #include 
@@ -65,13 +65,6 @@ MODULE_LICENSE("Dual BSD/GPL"); MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); MODULE_VERSION("1.0.2"); -static unsigned int -setup_sg(struct scatterlist *sg, const void *address, unsigned int length) -{ - sg_set_buf(sg, address, length); - return length; -} - #define SHA1_PAD_SIZE 40 /* @@ -95,7 +88,7 @@ static inline void sha_pad_init(struct sha_pad *shapad) * State for an MPPE (de)compressor. */ struct ppp_mppe_state { - struct crypto_sync_skcipher *arc4; + struct crypto_arc4_ctx arc4; struct shash_desc *sha1; unsigned char *sha1_digest; unsigned char master_key[MPPE_MAX_KEY_LEN]; @@ -154,24 +147,12 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state) */ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) { - struct scatterlist sg_in[1], sg_out[1]; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - get_new_key_from_sha(state); if (!initial_key) { - crypto_sync_skcipher_setkey(state->arc4, state->sha1_digest, - state->keylen); - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, state->sha1_digest, state->keylen); - setup_sg(sg_out, state->session_key, state->keylen); - skcipher_request_set_crypt(req, sg_in, sg_out, state->keylen, - NULL); - if (crypto_skcipher_encrypt(req)) - printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); + crypto_arc4_set_key(&state->arc4, state->sha1_digest, + state->keylen); + crypto_arc4_crypt(&state->arc4, state->session_key, + state->sha1_digest, state->keylen); } else { memcpy(state->session_key, state->sha1_digest, state->keylen); } 
@@ -181,9 +162,7 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) state->session_key[1] = 0x26; state->session_key[2] = 0x9e; } - crypto_sync_skcipher_setkey(state->arc4, state->session_key, - state->keylen); - skcipher_request_zero(req); + crypto_arc4_set_key(&state->arc4, state->session_key, state->keylen); } /* @@ -204,12 +183,6 @@ static void *mppe_alloc(unsigned char *options, int optlen) goto out; - state->arc4 = crypto_alloc_sync_skcipher("ecb(arc4)", 0, 0); - if (IS_ERR(state->arc4)) { - state->arc4 = NULL; - goto out_free; - } - shash = crypto_alloc_shash("sha1", 0, 0); if (IS_ERR(shash)) goto out_free; @@ -250,7 +223,6 @@ static void *mppe_alloc(unsigned char *options, int optlen) crypto_free_shash(state->sha1->tfm); kzfree(state->sha1); } - crypto_free_sync_skcipher(state->arc4); kfree(state); out: return NULL; @@ -266,7 +238,6 @@ static void mppe_free(void *arg) kfree(state->sha1_digest); crypto_free_shash(state->sha1->tfm); kzfree(state->sha1); - crypto_free_sync_skcipher(state->arc4); kfree(state); } } @@ -366,10 +337,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, int isize, int osize) { struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); int proto; - int err; - struct scatterlist sg_in[1], sg_out[1]; /* * Check that the protocol is in the range we handle. 
@@ -420,21 +388,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, ibuf += 2; /* skip to proto field */ isize -= 2; - /* Encrypt packet */ - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, ibuf, isize); - setup_sg(sg_out, obuf, osize); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, sg_in, sg_out, isize, NULL); - err = crypto_skcipher_encrypt(req); - skcipher_request_zero(req); - if (err) { - printk(KERN_DEBUG "crypto_cypher_encrypt failed\n"); - return -1; - } + crypto_arc4_crypt(&state->arc4, obuf, ibuf, isize); state->stats.unc_bytes += isize; state->stats.unc_packets++; @@ -480,10 +434,8 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, int osize) { struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); unsigned ccount; int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; - struct scatterlist sg_in[1], sg_out[1]; if (isize <= PPP_HDRLEN + MPPE_OVHD) { if (state->debug) @@ -610,19 +562,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, * Decrypt the first byte in order to check if it is * a compressed or uncompressed protocol field. */ - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, ibuf, 1); - setup_sg(sg_out, obuf, 1); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, sg_in, sg_out, 1, NULL); - if (crypto_skcipher_decrypt(req)) { - printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); - osize = DECOMP_ERROR; - goto out_zap_req; - } + crypto_arc4_crypt(&state->arc4, obuf, ibuf, 1); /* * Do PFC decompression. 
@@ -637,14 +577,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, } /* And finally, decrypt the rest of the packet. */ - setup_sg(sg_in, ibuf + 1, isize - 1); - setup_sg(sg_out, obuf + 1, osize - 1); - skcipher_request_set_crypt(req, sg_in, sg_out, isize - 1, NULL); - if (crypto_skcipher_decrypt(req)) { - printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); - osize = DECOMP_ERROR; - goto out_zap_req; - } + crypto_arc4_crypt(&state->arc4, obuf + 1, ibuf + 1, isize - 1); state->stats.unc_bytes += osize; state->stats.unc_packets++; @@ -654,8 +587,6 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, /* good packet credit */ state->sanity_errors >>= 1; -out_zap_req: - skcipher_request_zero(req); return osize; sanity_error: 
@@ -728,8 +659,7 @@ static struct compressor ppp_mppe = { static int __init ppp_mppe_init(void) { int answer; - if (!(crypto_has_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) && - crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC))) + if (!crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC)) return -ENODEV; sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);
From patchwork Sun Jun 9 11:55:09 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166220
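Review bot: In drivers/net/ppp/ppp_mppe.c, embedding struct crypto_arc4_ctx arc4 in struct ppp_mppe_state puts the keyed RC4 state into memory that mppe_free() and the mppe_alloc() error path still release with plain kfree(state), as the context lines of those two hunks show. Freeing the skcipher tfm used to clear the cipher context on teardown; after this change nothing does. Suggest kzfree(state) in both places, which also covers master_key in the same struct.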
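Review bot: In the final decrypt hunk of mppe_decompress() in drivers/net/ppp/ppp_mppe.c, the removed code carried the output size in the scatterlist (setup_sg(sg_out, obuf + 1, osize - 1)), while the replacement crypto_arc4_crypt(&state->arc4, obuf + 1, ibuf + 1, isize - 1) takes only the input length and writes through a raw pointer. The only length test visible in these hunks is isize <= PPP_HDRLEN + MPPE_OVHD, so please confirm that an osize check earlier in the function guarantees room for isize - 1 bytes at obuf + 1, and note that in a comment above the call.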
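Review bot: In ppp_mppe_init() in drivers/net/ppp/ppp_mppe.c, dropping crypto_has_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) removes the only point where crypto API policy could refuse RC4 for this module. On a kernel running in FIPS mode the API does not hand out arc4, so the old check made module init return -ENODEV; the library calls have no such gate. Suggest an explicit fips_enabled test next to the remaining crypto_has_ahash("sha1", ...) check so that MPPE stays unavailable there.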
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , linux-cifs@vger.kernel.org, Steve French Subject: [PATCH v2 7/7] fs: cifs: switch to RC4 library interface Date: Sun, 9 Jun 2019 13:55:09 +0200 Message-Id: <20190609115509.26260-8-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190609115509.26260-1-ard.biesheuvel@linaro.org> References: <20190609115509.26260-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The CIFS code uses the sync skcipher API to invoke the ecb(arc4) skcipher, of which only a single generic C code implementation exists. This means that going through all the trouble of using scatterlists etc buys us very little, and we're better off just invoking the arc4 library directly. Cc: linux-cifs@vger.kernel.org Cc: Steve French Signed-off-by: Ard Biesheuvel --- fs/cifs/Kconfig | 2 +- fs/cifs/cifsencrypt.c | 50 +++++--------------- 2 files changed, 13 insertions(+), 39 deletions(-) -- 2.20.1 diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index aae2b8b2adf5..523e9ea78a28 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -10,7 +10,7 @@ config CIFS select CRYPTO_SHA512 select CRYPTO_CMAC select CRYPTO_HMAC - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AEAD2 select CRYPTO_CCM select CRYPTO_ECB diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index d2a05e46d6f5..d0ab5a38e5d2 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -33,7 +33,7 @@ #include #include #include -#include +#include #include int __cifs_calc_signature(struct smb_rqst *rqst, 
@@ -772,11 +772,9 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) int calc_seckey(struct cifs_ses *ses) { - int rc; - struct crypto_skcipher *tfm_arc4; - struct scatterlist sgin, sgout; - struct skcipher_request *req; + struct crypto_arc4_ctx *ctx_arc4; unsigned char *sec_key; + int rc = 0; sec_key = kmalloc(CIFS_SESS_KEY_SIZE, GFP_KERNEL); if (sec_key == NULL) 
@@ -784,49 +782,25 @@ calc_seckey(struct cifs_ses *ses) get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE); - tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC); - if (IS_ERR(tfm_arc4)) { - rc = PTR_ERR(tfm_arc4); - cifs_dbg(VFS, "could not allocate crypto API arc4\n"); - goto out; - } - - rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response, - CIFS_SESS_KEY_SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not set response as a key\n", - __func__); - goto out_free_cipher; - } - - req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL); - if (!req) { + ctx_arc4 = kmalloc(sizeof(*ctx_arc4), GFP_KERNEL); + if (!ctx_arc4) { rc = -ENOMEM; - cifs_dbg(VFS, "could not allocate crypto API arc4 request\n"); - goto out_free_cipher; + cifs_dbg(VFS, "could not allocate arc4 context\n"); + goto out; } - sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); - sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); - - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, &sgin, &sgout, CIFS_CPHTXT_SIZE, NULL); - - rc = crypto_skcipher_encrypt(req); - skcipher_request_free(req); - if (rc) { - cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc); - goto out_free_cipher; - } + crypto_arc4_set_key(ctx_arc4, ses->auth_key.response, + CIFS_SESS_KEY_SIZE); + crypto_arc4_crypt(ctx_arc4, ses->ntlmssp->ciphertext, sec_key, + CIFS_CPHTXT_SIZE); /* make secondary_key/nonce as session key */ memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE); /* and make len as that of session key only */ ses->auth_key.len = CIFS_SESS_KEY_SIZE; -out_free_cipher: - crypto_free_skcipher(tfm_arc4); out: + kfree(ctx_arc4); kfree(sec_key); return rc; }
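Review bot: In the fs/cifs/Kconfig hunk, select CRYPTO_ECB stays as a context line while CRYPTO_ARC4 becomes CRYPTO_LIB_ARC4, whereas the PPP_MPPE Kconfig change in patch 6/7 drops CRYPTO_ECB together with CRYPTO_ARC4. If ecb(arc4) was the only ecb() user in CIFS, the select can go in this patch as well; if another user remains, one line in the commit message saying so would save the next reader the search.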
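Review bot: In the declarations hunk of calc_seckey() in fs/cifs/cifsencrypt.c, ctx_arc4 is declared without an initializer, and the out: label in the following hunk now runs kfree(ctx_arc4). The body of the sec_key == NULL branch falls between the two hunks and is not shown; if it jumps to out: rather than returning directly, that kfree() sees an uninitialized pointer. Either initialize with struct crypto_arc4_ctx *ctx_arc4 = NULL; or confirm the early exit returns without passing through out:.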
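Review bot: In the second calc_seckey() hunk in fs/cifs/cifsencrypt.c, ctx_arc4 is keyed with ses->auth_key.response and then released at out: with kfree(ctx_arc4), which leaves RC4 state derived from the session key in freed memory; use kzfree(ctx_arc4) there. Separately, the removed crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) failure path was where a kernel in FIPS mode rejected this operation, so an explicit fips_enabled check that returns an error before crypto_arc4_set_key() would keep that behaviour.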