From patchwork Tue Jun 11 23:09:32 2019
X-Patchwork-Submitter: Ard Biesheuvel
X-Patchwork-Id: 166497
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, Johannes Berg
Subject: [PATCH v4 1/7] crypto: arc4 - refactor arc4 core code into separate library
Date: Wed, 12 Jun 2019 01:09:32 +0200
Message-Id: <20190611230938.19265-2-ard.biesheuvel@linaro.org>
In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org>
References: <20190611230938.19265-1-ard.biesheuvel@linaro.org>

Refactor the core rc4 handling so we can move most users to a library
interface, permitting us to drop the cipher interface entirely in a
future patch. This is part of an effort to simplify the crypto API and
improve its robustness against incorrect use.

Signed-off-by: Ard Biesheuvel
---
 MAINTAINERS           |  1 +
 crypto/Kconfig        |  4 ++
 crypto/arc4.c         | 60 +---------------
 include/crypto/arc4.h | 10 +++
 lib/Makefile          |  2 +-
 lib/crypto/Makefile   |  4 ++
 lib/crypto/arc4.c     | 72 ++++++++++++++++++++
 7 files changed, 93 insertions(+), 60 deletions(-)

--
2.20.1

diff --git a/MAINTAINERS b/MAINTAINERS index 57f496cff999..112f21066141 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -4241,6 +4241,7 @@ F: crypto/ F: drivers/crypto/ F: include/crypto/ F: include/linux/crypto* +F: lib/crypto/ CRYPTOGRAPHIC RANDOM NUMBER GENERATOR M: Neil Horman diff --git a/crypto/Kconfig b/crypto/Kconfig index 3d056e7da65f..5114b35ef3b4 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -1230,9 +1230,13 @@ config CRYPTO_ANUBIS +config CRYPTO_LIB_ARC4 + tristate + config CRYPTO_ARC4 tristate "ARC4 cipher algorithm" select CRYPTO_BLKCIPHER + select CRYPTO_LIB_ARC4 help ARC4 cipher algorithm. diff --git a/crypto/arc4.c b/crypto/arc4.c index a2120e06bf84..6974dba1b7b9 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c @@ -13,33 +13,12 @@ #include #include -struct arc4_ctx { - u32 S[256]; - u32 x, y; -}; - static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len) { struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); - int i, j = 0, k = 0; - - ctx->x = 1; - ctx->y = 0; - for (i = 0; i < 256; i++) - ctx->S[i] = i; - - for (i = 0; i < 256; i++) { - u32 a = ctx->S[i]; - j = (j + in_key[k] + a) & 0xff; - ctx->S[i] = ctx->S[j]; - ctx->S[j] = a; - if (++k >= key_len) - k = 0; - } - - return 0; + return arc4_setkey(ctx, in_key, key_len); } static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, 
@@ -48,43 +27,6 @@ static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, return arc4_set_key(&tfm->base, in_key, key_len); } -static void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, - unsigned int len) -{ - u32 *const S = ctx->S; - u32 x, y, a, b; - u32 ty, ta, tb; - - if (len == 0) - return; - - x = ctx->x; - y = ctx->y; - - a = S[x]; - y = (y + a) & 0xff; - b = S[y]; - - do { - S[y] = a; - a = (a + b) & 0xff; - S[x] = b; - x = (x + 1) & 0xff; - ta = S[x]; - ty = (y + ta) & 0xff; - tb = S[ty]; - *out++ = *in++ ^ S[a]; - if (--len == 0) - break; - y = ty; - a = ta; - b = tb; - } while (true); - - ctx->x = x; - ctx->y = y; -} - static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) { arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); diff --git a/include/crypto/arc4.h b/include/crypto/arc4.h index 5b2c24ab0139..f3c22fe01704 100644 --- a/include/crypto/arc4.h +++ b/include/crypto/arc4.h @@ -6,8 +6,18 @@ #ifndef _CRYPTO_ARC4_H #define _CRYPTO_ARC4_H +#include + #define ARC4_MIN_KEY_SIZE 1 #define ARC4_MAX_KEY_SIZE 256 #define ARC4_BLOCK_SIZE 1 +struct arc4_ctx { + u32 S[256]; + u32 x, y; +}; + +int arc4_setkey(struct arc4_ctx *ctx, const u8 *in_key, unsigned int key_len); +void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, unsigned int len); + #endif /* _CRYPTO_ARC4_H */ diff --git a/lib/Makefile b/lib/Makefile index fb7697031a79..d3daedf93c5a 100644 --- a/lib/Makefile +++ b/lib/Makefile @@ -102,7 +102,7 @@ endif obj-$(CONFIG_DEBUG_INFO_REDUCED) += debug_info.o CFLAGS_debug_info.o += $(call cc-option, -femit-struct-debug-detailed=any) -obj-y += math/ +obj-y += math/ crypto/ obj-$(CONFIG_GENERIC_IOMAP) += iomap.o obj-$(CONFIG_GENERIC_PCI_IOMAP) += pci_iomap.o diff --git a/lib/crypto/Makefile b/lib/crypto/Makefile new file mode 100644 index 000000000000..88195c34932d --- /dev/null +++ b/lib/crypto/Makefile 
@@ -0,0 +1,4 @@ +# SPDX-License-Identifier: GPL-2.0 + +obj-$(CONFIG_CRYPTO_LIB_ARC4) += libarc4.o +libarc4-y := arc4.o diff --git a/lib/crypto/arc4.c b/lib/crypto/arc4.c new file mode 100644 index 000000000000..fa589eba3d50 --- /dev/null +++ b/lib/crypto/arc4.c 
@@ -0,0 +1,72 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * Cryptographic API + * + * ARC4 Cipher Algorithm + * + * Jon Oberheide + */ + +#include +#include + +int arc4_setkey(struct arc4_ctx *ctx, const u8 *in_key, unsigned int key_len) +{ + int i, j = 0, k = 0; + + ctx->x = 1; + ctx->y = 0; + + for (i = 0; i < 256; i++) + ctx->S[i] = i; + + for (i = 0; i < 256; i++) { + u32 a = ctx->S[i]; + + j = (j + in_key[k] + a) & 0xff; + ctx->S[i] = ctx->S[j]; + ctx->S[j] = a; + if (++k >= key_len) + k = 0; + } + + return 0; +} +EXPORT_SYMBOL(arc4_setkey); + +void arc4_crypt(struct arc4_ctx *ctx, u8 *out, const u8 *in, unsigned int len) +{ + u32 *const S = ctx->S; + u32 x, y, a, b; + u32 ty, ta, tb; + + if (len == 0) + return; + + x = ctx->x; + y = ctx->y; + + a = S[x]; + y = (y + a) & 0xff; + b = S[y]; + + do { + S[y] = a; + a = (a + b) & 0xff; + S[x] = b; + x = (x + 1) & 0xff; + ta = S[x]; + ty = (y + ta) & 0xff; + tb = S[ty]; + *out++ = *in++ ^ S[a]; + if (--len == 0) + break; + y = ty; + a = ta; + b = tb; + } while (true); + + ctx->x = x; + ctx->y = y; +} +EXPORT_SYMBOL(arc4_crypt); From patchwork Tue Jun 11 23:09:33 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166498 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2934716ilk; Tue, 11 Jun 2019 16:09:50 -0700 (PDT) X-Google-Smtp-Source: APXvYqxPPAtPRIuLutJxO5g6Rj3ExpAQfrfuGfnouWTIbRx3vXKxqjv6km0oIYV0lVgAQ2v/WwFN X-Received: by 2002:a17:90a:9281:: with SMTP id n1mr28346042pjo.25.1560294590132; Tue, 11 Jun 2019 16:09:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560294590; cv=none; d=google.com; s=arc-20160816; b=iwp9qiMCLMrFavEB/bSHNP6s5yBIgHM8iA3G0ZlA6ulgodpcuRjVC855fvPVKUqksi 6QIiwoKXUgJWHeAeQh2cDYm4j3BNGLxEJV9klpRs6kQVlUTA5hC+v84zzH3RNtAXH5i8 NG8NtfXr7/TGk64tcxv8PDBvECfeLZuBP4sPmeLREsQpHzjGbB7mNeIGNaugWCKVPrBU 
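
Review bot: arc4_setkey() in the new lib/crypto/arc4.c never validates key_len and always returns 0. With key_len == 0 the loop still reads in_key[0] on every iteration (k is reset right after the `++k >= key_len` test), so an empty key gives a one-byte read past a zero-length buffer and a key schedule that reports success. Since this is now an exported entry point that callers invoke directly, consider returning -EINVAL when key_len is below ARC4_MIN_KEY_SIZE or above ARC4_MAX_KEY_SIZE; both constants already sit in include/crypto/arc4.h. Separately, libarc4 is built from a tristate symbol, but the new file ends at EXPORT_SYMBOL(arc4_crypt) with no MODULE_LICENSE() line, which matters when CONFIG_CRYPTO_LIB_ARC4=m.
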
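
Review bot: the arc4_setkey() and arc4_crypt() prototypes added to include/crypto/arc4.h carry no kernel-doc, and the same hunk moves struct arc4_ctx into the public header so that callers can embed it. It would help to document at the declaration that the context holds key-dependent state (S[256], x, y) which the caller owns and should clear with memzero_explicit() when finished, that arc4_crypt() advances that state so arc4_setkey() has to be called again for each new message, and that out == in is supported, since patch 2/7 calls arc4_crypt(ctx, data, data, ...) in place.
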

From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, Johannes Berg
Subject: [PATCH v4 2/7] net/mac80211: move WEP handling to ARC4 library interface
Date: Wed, 12 Jun 2019 01:09:33 +0200
Message-Id: <20190611230938.19265-3-ard.biesheuvel@linaro.org>
In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org>
References: <20190611230938.19265-1-ard.biesheuvel@linaro.org>

The WEP code in the mac80211 subsystem currently uses the crypto
API to access the arc4 (RC4) cipher, which is overly complicated,
and doesn't really have an upside in this particular case, since
ciphers are always synchronous and therefore always implemented in
software. Given that we have no accelerated software implementations
either, it is much more straightforward to invoke a generic library
interface directly.

Signed-off-by: Ard Biesheuvel --- net/mac80211/Kconfig | 2 +- net/mac80211/cfg.c | 4 +- net/mac80211/ieee80211_i.h | 4 +- net/mac80211/key.h | 1 + net/mac80211/main.c | 6 +-- net/mac80211/mlme.c | 3 +- net/mac80211/tkip.c | 8 ++-- net/mac80211/tkip.h | 4 +- net/mac80211/wep.c | 49 ++++---------------- net/mac80211/wep.h | 5 +- net/mac80211/wpa.c | 4 +- 11 files changed, 30 insertions(+), 60 deletions(-) -- 2.20.1 diff --git a/net/mac80211/Kconfig b/net/mac80211/Kconfig index 0227cce9685e..0c93b1b7a826 100644 --- a/net/mac80211/Kconfig +++ b/net/mac80211/Kconfig @@ -3,7 +3,7 @@ config MAC80211 tristate "Generic IEEE 802.11 Networking Stack (mac80211)" depends on CFG80211 select CRYPTO - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AES select CRYPTO_CCM select CRYPTO_GCM diff --git a/net/mac80211/cfg.c b/net/mac80211/cfg.c index a1973a26c7fc..3fae902937fd 100644 --- a/net/mac80211/cfg.c +++ b/net/mac80211/cfg.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include "ieee80211_i.h" @@ -402,9 +403,8 @@ static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev, case WLAN_CIPHER_SUITE_WEP40: case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_WEP104: - if (IS_ERR(local->wep_tx_tfm)) + if (WARN_ON_ONCE(fips_enabled)) return -EINVAL; - break; case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: case WLAN_CIPHER_SUITE_AES_CMAC: diff --git a/net/mac80211/ieee80211_i.h b/net/mac80211/ieee80211_i.h index 073a8235ae1b..412da8cfbc36 100644 --- a/net/mac80211/ieee80211_i.h +++ b/net/mac80211/ieee80211_i.h @@ -1258,8 +1258,8 @@ struct ieee80211_local { struct rate_control_ref *rate_ctrl; - struct crypto_cipher *wep_tx_tfm; - struct crypto_cipher *wep_rx_tfm; + struct arc4_ctx wep_tx_ctx; + struct arc4_ctx wep_rx_ctx; u32 wep_iv; /* see iface.c */ diff --git a/net/mac80211/key.h b/net/mac80211/key.h index f06fbd03d235..6c5bbaebd02c 100644 --- a/net/mac80211/key.h +++ b/net/mac80211/key.h 
@@ -14,6 +14,7 @@ #include #include #include +#include #include #define NUM_DEFAULT_KEYS 4 diff --git a/net/mac80211/main.c b/net/mac80211/main.c index 2b608044ae23..93c4a2d0623e 100644 --- a/net/mac80211/main.c +++ b/net/mac80211/main.c @@ -13,6 +13,7 @@ #include #include +#include #include #include #include @@ -733,8 +734,7 @@ EXPORT_SYMBOL(ieee80211_alloc_hw_nm); static int ieee80211_init_cipher_suites(struct ieee80211_local *local) { - bool have_wep = !(IS_ERR(local->wep_tx_tfm) || - IS_ERR(local->wep_rx_tfm)); + bool have_wep = !fips_enabled; /* FIPS does not permit the use of RC4 */ bool have_mfp = ieee80211_hw_check(&local->hw, MFP_CAPABLE); int n_suites = 0, r = 0, w = 0; u32 *suites; @@ -1301,7 +1301,6 @@ int ieee80211_register_hw(struct ieee80211_hw *hw) fail_rate: rtnl_unlock(); ieee80211_led_exit(local); - ieee80211_wep_free(local); fail_flows: destroy_workqueue(local->workqueue); fail_workqueue: @@ -1358,7 +1357,6 @@ void ieee80211_unregister_hw(struct ieee80211_hw *hw) destroy_workqueue(local->workqueue); wiphy_unregister(local->hw.wiphy); - ieee80211_wep_free(local); ieee80211_led_exit(local); kfree(local->int_scan_req); } diff --git a/net/mac80211/mlme.c b/net/mac80211/mlme.c index b7a9fe3d5fcb..048a07b101b4 100644 --- a/net/mac80211/mlme.c +++ b/net/mac80211/mlme.c @@ -15,6 +15,7 @@ */ #include +#include #include #include #include @@ -5038,7 +5039,7 @@ int ieee80211_mgd_auth(struct ieee80211_sub_if_data *sdata, auth_alg = WLAN_AUTH_OPEN; break; case NL80211_AUTHTYPE_SHARED_KEY: - if (IS_ERR(local->wep_tx_tfm)) + if (fips_enabled) return -EOPNOTSUPP; auth_alg = WLAN_AUTH_SHARED_KEY; break; diff --git a/net/mac80211/tkip.c b/net/mac80211/tkip.c index b3622823bad2..96b87fc7122e 100644 --- a/net/mac80211/tkip.c +++ b/net/mac80211/tkip.c 
@@ -222,7 +222,7 @@ EXPORT_SYMBOL(ieee80211_get_tkip_p2k); * @payload_len is the length of payload (_not_ including IV/ICV length). * @ta is the transmitter addresses. */ -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len) @@ -231,7 +231,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, ieee80211_get_tkip_p2k(&key->conf, skb, rc4key); - return ieee80211_wep_encrypt_data(tfm, rc4key, 16, + return ieee80211_wep_encrypt_data(ctx, rc4key, 16, payload, payload_len); } @@ -239,7 +239,7 @@ int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, * beginning of the buffer containing IEEE 802.11 header payload, i.e., * including IV, Ext. IV, real data, Michael MIC, ICV. @payload_len is the * length of payload, including IV, Ext. IV, MIC, ICV. */ -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, @@ -297,7 +297,7 @@ int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, tkip_mixing_phase2(tk, &rx_ctx->ctx, iv16, rc4key); - res = ieee80211_wep_decrypt_data(tfm, rc4key, 16, pos, payload_len - 12); + res = ieee80211_wep_decrypt_data(ctx, rc4key, 16, pos, payload_len - 12); done: if (res == TKIP_DECRYPT_OK) { /* diff --git a/net/mac80211/tkip.h b/net/mac80211/tkip.h index a1bcbfbefe7c..798583056201 100644 --- a/net/mac80211/tkip.h +++ b/net/mac80211/tkip.h @@ -13,7 +13,7 @@ #include #include "key.h" -int ieee80211_tkip_encrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_encrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, struct sk_buff *skb, u8 *payload, size_t payload_len); 
@@ -24,7 +24,7 @@ enum { TKIP_DECRYPT_INVALID_KEYIDX = -2, TKIP_DECRYPT_REPLAY = -3, }; -int ieee80211_tkip_decrypt_data(struct crypto_cipher *tfm, +int ieee80211_tkip_decrypt_data(struct arc4_ctx *ctx, struct ieee80211_key *key, u8 *payload, size_t payload_len, u8 *ta, u8 *ra, int only_iv, int queue, diff --git a/net/mac80211/wep.c b/net/mac80211/wep.c index bfe9ed9f4c48..9f5673736967 100644 --- a/net/mac80211/wep.c +++ b/net/mac80211/wep.c @@ -30,30 +30,9 @@ int ieee80211_wep_init(struct ieee80211_local *local) /* start WEP IV from a random value */ get_random_bytes(&local->wep_iv, IEEE80211_WEP_IV_LEN); - local->wep_tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_tx_tfm)) { - local->wep_rx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_tx_tfm); - } - - local->wep_rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(local->wep_rx_tfm)) { - crypto_free_cipher(local->wep_tx_tfm); - local->wep_tx_tfm = ERR_PTR(-EINVAL); - return PTR_ERR(local->wep_rx_tfm); - } - return 0; } -void ieee80211_wep_free(struct ieee80211_local *local) -{ - if (!IS_ERR(local->wep_tx_tfm)) - crypto_free_cipher(local->wep_tx_tfm); - if (!IS_ERR(local->wep_rx_tfm)) - crypto_free_cipher(local->wep_rx_tfm); -} - static inline bool ieee80211_wep_weak_iv(u32 iv, int keylen) { /* 
@@ -131,21 +110,17 @@ static void ieee80211_wep_remove_iv(struct ieee80211_local *local, /* Perform WEP encryption using given key. data buffer must have tailroom * for 4-byte ICV. data_len must not include this ICV. Note: this function * does _not_ add IV. data = RC4(data | CRC32(data)) */ -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 icv; - int i; - - if (IS_ERR(tfm)) - return -1; icv = cpu_to_le32(~crc32_le(~0, data, data_len)); put_unaligned(icv, (__le32 *)(data + data_len)); - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_encrypt_one(tfm, data + i, data + i); + arc4_setkey(ctx, rc4key, klen); + arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); + memzero_explicit(ctx, sizeof(*ctx)); return 0; } @@ -184,7 +159,7 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Add room for ICV */ skb_put(skb, IEEE80211_WEP_ICV_LEN); - return ieee80211_wep_encrypt_data(local->wep_tx_tfm, rc4key, keylen + 3, + return ieee80211_wep_encrypt_data(&local->wep_tx_ctx, rc4key, keylen + 3, iv + IEEE80211_WEP_IV_LEN, len); } 
@@ -192,18 +167,14 @@ int ieee80211_wep_encrypt(struct ieee80211_local *local, /* Perform WEP decryption using given key. data buffer includes encrypted * payload, including 4-byte ICV, but _not_ IV. data_len must not include ICV. * Return 0 on success and -1 on ICV mismatch. */ -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len) { __le32 crc; - int i; - - if (IS_ERR(tfm)) - return -1; - crypto_cipher_setkey(tfm, rc4key, klen); - for (i = 0; i < data_len + IEEE80211_WEP_ICV_LEN; i++) - crypto_cipher_decrypt_one(tfm, data + i, data + i); + arc4_setkey(ctx, rc4key, klen); + arc4_crypt(ctx, data, data, data_len + IEEE80211_WEP_ICV_LEN); + memzero_explicit(ctx, sizeof(*ctx)); crc = cpu_to_le32(~crc32_le(~0, data, data_len)); if (memcmp(&crc, data + data_len, IEEE80211_WEP_ICV_LEN) != 0) @@ -256,7 +227,7 @@ static int ieee80211_wep_decrypt(struct ieee80211_local *local, /* Copy rest of the WEP key (the secret part) */ memcpy(rc4key + 3, key->conf.key, key->conf.keylen); - if (ieee80211_wep_decrypt_data(local->wep_rx_tfm, rc4key, klen, + if (ieee80211_wep_decrypt_data(&local->wep_rx_ctx, rc4key, klen, skb->data + hdrlen + IEEE80211_WEP_IV_LEN, len)) ret = -1; diff --git a/net/mac80211/wep.h b/net/mac80211/wep.h index 9615749d1f65..3644f4a5bb87 100644 --- a/net/mac80211/wep.h +++ b/net/mac80211/wep.h 
@@ -17,13 +17,12 @@ #include "key.h" int ieee80211_wep_init(struct ieee80211_local *local); -void ieee80211_wep_free(struct ieee80211_local *local); -int ieee80211_wep_encrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_encrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); int ieee80211_wep_encrypt(struct ieee80211_local *local, struct sk_buff *skb, const u8 *key, int keylen, int keyidx); -int ieee80211_wep_decrypt_data(struct crypto_cipher *tfm, u8 *rc4key, +int ieee80211_wep_decrypt_data(struct arc4_ctx *ctx, u8 *rc4key, size_t klen, u8 *data, size_t data_len); ieee80211_rx_result diff --git a/net/mac80211/wpa.c b/net/mac80211/wpa.c index 58d0b258b684..02e8ab7b2b4c 100644 --- a/net/mac80211/wpa.c +++ b/net/mac80211/wpa.c @@ -242,7 +242,7 @@ static int tkip_encrypt_skb(struct ieee80211_tx_data *tx, struct sk_buff *skb) /* Add room for ICV */ skb_put(skb, IEEE80211_TKIP_ICV_LEN); - return ieee80211_tkip_encrypt_data(tx->local->wep_tx_tfm, + return ieee80211_tkip_encrypt_data(&tx->local->wep_tx_ctx, key, skb, pos, len); } 
@@ -293,7 +293,7 @@ ieee80211_crypto_tkip_decrypt(struct ieee80211_rx_data *rx) if (status->flag & RX_FLAG_DECRYPTED) hwaccel = 1; - res = ieee80211_tkip_decrypt_data(rx->local->wep_rx_tfm, + res = ieee80211_tkip_decrypt_data(&rx->local->wep_rx_ctx, key, skb->data + hdrlen, skb->len - hdrlen, rx->sta->sta.addr, hdr->addr1, hwaccel, rx->security_idx, From patchwork Tue Jun 11 23:09:34 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166499 Delivered-To: patch@linaro.org Received: by 2002:a92:4782:0:0:0:0:0 with SMTP id e2csp2934777ilk; Tue, 11 Jun 2019 16:09:53 -0700 (PDT) X-Google-Smtp-Source: APXvYqzYo/0iz/1RtUYYdaTiINWaV6b2gamVmf7MKO1QdKXwqFsOoHH9+BSdxfcBIGAIMX6z6uQl X-Received: by 2002:a63:b547:: with SMTP id u7mr22867110pgo.322.1560294593134; Tue, 11 Jun 2019 16:09:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1560294593; cv=none; d=google.com; s=arc-20160816; b=G3+tX2kkgLRBicCIS9rXJrWLarJJXkJVgi0WK9m4BoE7biLizSW59YRCyLSd2JeV2s LlhfL+CMyfhmHAx7s1IDSmb2zD00ogHXzAT3xY/3BLsukw070eeejEK9/vwMBHvvi3an kdUM4jXbvjFghiRKZanQeRqFCjwq/BNLiZNeKxnEb3IL7+WX9bLGBT5BXlr3REY8zDwg ukVibWcyweEpLWGyAw+YkwSIvDGZ642V01sP58+g4gPT1ugZ8Eghopu5tP0sXh2r/bi2 BFU09FgrVVmCFV5zx7RYRNQR9GnQySpQMaTyy6q8SlUr8Y9obw0y6MQIDMvWF23pcVuP BVbg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=OwqgljQ1B81ow4cCya6JJaWKyb9eZkcUJZbKrShyt74=; b=P2DX6ly+gPiV3GtjMA5wzC8U0EmpeaUcxOjjC3S30pGqUaPLDbd0pxLdtJWFHLze7S 8eg0ggDloXasee6kAkJMN/aa+LbzLkuSl1OOZihiE/4AvD++IGQw2uqBQgn497MMKXJx Zwa27wHC/XyTWSLfIJln/FnzmAqsoXss/b0UcbZgXLC8kKfxVomWNog0pyenzZ36xPGC /m66tRrU0+3aDn9gg2+YTBh/cQ6zsy1In971rnbrcKWSypvWjPOwllfu9VGmZEmDRnWu wOE0lDfFj8fQtTA0bOH2c+CKdmYQMAOUWWMf3GpwPSJ2qkaJHjw7MdhZ8xBtqJ0m4bT9 V1kA== ARC-Authentication-Results: i=1; 
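
Review bot: in the ieee80211_add_key() hunk of net/mac80211/cfg.c the `break;` after the WEP40/TKIP/WEP104 check is deleted, so those three cases now fall through into the WLAN_CIPHER_SUITE_CCMP group. If that is intended, an explicit fall-through annotation would stop it from reading as an accident; otherwise keep the break. The same hunk uses WARN_ON_ONCE(fips_enabled), while the equivalent test in mlme.c is a plain `if (fips_enabled)`; if this path can be reached from a key-install request, a plain check avoids a warning the caller can trigger.
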
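
Review bot: ieee80211_wep_encrypt_data() in net/mac80211/wep.c (and ieee80211_wep_decrypt_data() in the following hunk) drops the `if (IS_ERR(tfm)) return -1;` guard with nothing in its place, so the RC4 data path no longer refuses to run on its own. The FIPS restriction now rests entirely on the fips_enabled checks in cfg.c, mlme.c and ieee80211_init_cipher_suites(). A comment above these functions stating that invariant, or a cheap fips_enabled test here, would keep it true if another caller is added. The memzero_explicit(ctx, sizeof(*ctx)) after each operation is a good addition.
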
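
Review bot: after the ieee80211_wep_init() hunk in net/mac80211/wep.c the function only seeds wep_iv and can return nothing but 0. Consider making it void, or folding the get_random_bytes() call into the caller, so the caller's error handling for it does not linger as dead code.
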
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg Subject: [PATCH v4 3/7] net/lib80211: move WEP handling to ARC4 library code Date: Wed, 12 Jun 2019 01:09:34 +0200 Message-Id: <20190611230938.19265-4-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org> References: <20190611230938.19265-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Signed-off-by: Ard Biesheuvel --- net/wireless/Kconfig | 1 + net/wireless/lib80211_crypt_wep.c | 51 +++++--------------- 2 files changed, 14 insertions(+), 38 deletions(-) -- 2.20.1 diff --git a/net/wireless/Kconfig b/net/wireless/Kconfig index 6310ddede220..6d9c48cea07e 100644 --- a/net/wireless/Kconfig +++ b/net/wireless/Kconfig @@ -213,6 +213,7 @@ config LIB80211 config LIB80211_CRYPT_WEP tristate + select CRYPTO_LIB_ARC4 config LIB80211_CRYPT_CCMP tristate diff --git a/net/wireless/lib80211_crypt_wep.c b/net/wireless/lib80211_crypt_wep.c index 20c1ad63ad44..04e4d66ea19d 100644 --- a/net/wireless/lib80211_crypt_wep.c +++ b/net/wireless/lib80211_crypt_wep.c @@ -11,6 +11,7 @@ */ #include +#include #include #include #include @@ -22,7 +23,7 @@ #include -#include +#include #include MODULE_AUTHOR("Jouni Malinen"); 
@@ -35,52 +36,31 @@ struct lib80211_wep_data { u8 key[WEP_KEY_LEN + 1]; u8 key_len; u8 key_idx; - struct crypto_cipher *tx_tfm; - struct crypto_cipher *rx_tfm; + struct arc4_ctx tx_ctx; + struct arc4_ctx rx_ctx; }; static void *lib80211_wep_init(int keyidx) { struct lib80211_wep_data *priv; + if (fips_enabled) + return NULL; + priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) - goto fail; + return NULL; priv->key_idx = keyidx; - priv->tx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm)) { - priv->tx_tfm = NULL; - goto fail; - } - - priv->rx_tfm = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm)) { - priv->rx_tfm = NULL; - goto fail; - } /* start WEP IV from a random value */ get_random_bytes(&priv->iv, 4); return priv; - - fail: - if (priv) { - crypto_free_cipher(priv->tx_tfm); - crypto_free_cipher(priv->rx_tfm); - kfree(priv); - } - return NULL; } static void lib80211_wep_deinit(void *priv) { - struct lib80211_wep_data *_priv = priv; - if (_priv) { - crypto_free_cipher(_priv->tx_tfm); - crypto_free_cipher(_priv->rx_tfm); - } - kfree(priv); + kzfree(priv); } /* Add WEP IV/key info to a frame that has at least 4 bytes of headroom */ @@ -132,7 +112,6 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) u32 crc, klen, len; u8 *pos, *icv; u8 key[WEP_KEY_LEN + 3]; - int i; /* other checks are in lib80211_wep_build_iv */ if (skb_tailroom(skb) < 4) @@ -160,10 +139,8 @@ static int lib80211_wep_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(wep->tx_tfm, key, klen); - - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(wep->tx_tfm, pos + i, pos + i); + arc4_setkey(&wep->tx_ctx, key, klen); + arc4_crypt(&wep->tx_ctx, pos, pos, len + 4); return 0; } 
@@ -181,7 +158,6 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u32 crc, klen, plen; u8 key[WEP_KEY_LEN + 3]; u8 keyidx, *pos, icv[4]; - int i; if (skb->len < hdr_len + 8) return -1; 
@@ -202,9 +178,8 @@ static int lib80211_wep_decrypt(struct sk_buff *skb, int hdr_len, void *priv) /* Apply RC4 to data and compute CRC32 over decrypted data */ plen = skb->len - hdr_len - 8; - crypto_cipher_setkey(wep->rx_tfm, key, klen); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(wep->rx_tfm, pos + i, pos + i); + arc4_setkey(&wep->rx_ctx, key, klen); + arc4_crypt(&wep->rx_ctx, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc;
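Review bot: The new fips_enabled check at the top of lib80211_wep_init() is a behavioural gate that the commit message never mentions. With both crypto_alloc_cipher("arc4", 0, 0) calls removed, it is the only thing left in this function that refuses to set up WEP on a FIPS-enabled system, so please say that in the commit message and put a one-line comment above the check. The move to kzfree(priv) in lib80211_wep_deinit() is the right call now that the RC4 state is embedded in priv.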
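Review bot: In lib80211_wep_encrypt() the per-packet RC4 key is still assembled in the on-stack buffer u8 key[WEP_KEY_LEN + 3] and is left there after arc4_setkey(&wep->tx_ctx, key, klen); the function then returns 0 without clearing it, and lib80211_wep_decrypt() declares the same kind of buffer. Since this patch already switches the teardown to kzfree(), consider adding memzero_explicit(key, sizeof(key)) once arc4_setkey() has consumed the buffer in both paths.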
From patchwork Tue Jun 11 23:09:35 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166501 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg Subject: [PATCH v4 4/7] net/lib80211: move TKIP handling to ARC4 library code Date: Wed, 12 Jun 2019 01:09:35 +0200 Message-Id: <20190611230938.19265-5-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org> References: <20190611230938.19265-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The crypto API abstraction is not very useful for invoking ciphers directly, especially in the case of arc4, which only has a generic implementation in C. So let's invoke the library code directly. Signed-off-by: Ard Biesheuvel --- net/wireless/lib80211_crypt_tkip.c | 48 +++++++------------- 1 file changed, 17 insertions(+), 31 deletions(-) -- 2.20.1 diff --git a/net/wireless/lib80211_crypt_tkip.c b/net/wireless/lib80211_crypt_tkip.c index 11eaa5956f00..0fd155c4e0a6 100644 --- a/net/wireless/lib80211_crypt_tkip.c +++ b/net/wireless/lib80211_crypt_tkip.c @@ -13,6 +13,7 @@ #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt #include +#include #include #include #include @@ -29,6 +30,7 @@ #include #include +#include #include #include #include @@ -64,9 +66,9 @@ struct lib80211_tkip_data { int key_idx; - struct crypto_cipher *rx_tfm_arc4; + struct arc4_ctx rx_ctx_arc4; + struct arc4_ctx tx_ctx_arc4; struct crypto_shash *rx_tfm_michael; - struct crypto_cipher *tx_tfm_arc4; struct crypto_shash *tx_tfm_michael; /* scratch buffers for virt_to_page() (crypto API) */ 
@@ -93,30 +95,21 @@ static void *lib80211_tkip_init(int key_idx) { struct lib80211_tkip_data *priv; + if (fips_enabled) + return NULL; + priv = kzalloc(sizeof(*priv), GFP_ATOMIC); if (priv == NULL) goto fail; priv->key_idx = key_idx; - priv->tx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->tx_tfm_arc4)) { - priv->tx_tfm_arc4 = NULL; - goto fail; - } - priv->tx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->tx_tfm_michael)) { priv->tx_tfm_michael = NULL; goto fail; } - priv->rx_tfm_arc4 = crypto_alloc_cipher("arc4", 0, 0); - if (IS_ERR(priv->rx_tfm_arc4)) { - priv->rx_tfm_arc4 = NULL; - goto fail; - } - priv->rx_tfm_michael = crypto_alloc_shash("michael_mic", 0, 0); if (IS_ERR(priv->rx_tfm_michael)) { priv->rx_tfm_michael = NULL; @@ -128,9 +121,7 @@ static void *lib80211_tkip_init(int key_idx) fail: if (priv) { crypto_free_shash(priv->tx_tfm_michael); - crypto_free_cipher(priv->tx_tfm_arc4); crypto_free_shash(priv->rx_tfm_michael); - crypto_free_cipher(priv->rx_tfm_arc4); kfree(priv); } @@ -142,11 +133,9 @@ static void lib80211_tkip_deinit(void *priv) struct lib80211_tkip_data *_priv = priv; if (_priv) { crypto_free_shash(_priv->tx_tfm_michael); - crypto_free_cipher(_priv->tx_tfm_arc4); crypto_free_shash(_priv->rx_tfm_michael); - crypto_free_cipher(_priv->rx_tfm_arc4); } - kfree(priv); + kzfree(priv); } static inline u16 RotR1(u16 val) @@ -345,7 +334,6 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) int len; u8 rc4key[16], *pos, *icv; u32 crc; - int i; if (tkey->flags & IEEE80211_CRYPTO_TKIP_COUNTERMEASURES) { struct ieee80211_hdr *hdr = (struct ieee80211_hdr *)skb->data; 
@@ -370,9 +358,9 @@ static int lib80211_tkip_encrypt(struct sk_buff *skb, int hdr_len, void *priv) icv[2] = crc >> 16; icv[3] = crc >> 24; - crypto_cipher_setkey(tkey->tx_tfm_arc4, rc4key, 16); - for (i = 0; i < len + 4; i++) - crypto_cipher_encrypt_one(tkey->tx_tfm_arc4, pos + i, pos + i); + arc4_setkey(&tkey->tx_ctx_arc4, rc4key, 16); + arc4_crypt(&tkey->tx_ctx_arc4, pos, pos, len + 4); + return 0; } @@ -400,7 +388,6 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) u8 icv[4]; u32 crc; int plen; - int i; hdr = (struct ieee80211_hdr *)skb->data; @@ -453,9 +440,8 @@ static int lib80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) plen = skb->len - hdr_len - 12; - crypto_cipher_setkey(tkey->rx_tfm_arc4, rc4key, 16); - for (i = 0; i < plen + 4; i++) - crypto_cipher_decrypt_one(tkey->rx_tfm_arc4, pos + i, pos + i); + arc4_setkey(&tkey->rx_ctx_arc4, rc4key, 16); + arc4_crypt(&tkey->rx_ctx_arc4, pos, pos, plen + 4); crc = ~crc32_le(~0, pos, plen); icv[0] = crc; 
@@ -640,17 +626,17 @@ static int lib80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) struct lib80211_tkip_data *tkey = priv; int keyidx; struct crypto_shash *tfm = tkey->tx_tfm_michael; - struct crypto_cipher *tfm2 = tkey->tx_tfm_arc4; + struct arc4_ctx *tfm2 = &tkey->tx_ctx_arc4; struct crypto_shash *tfm3 = tkey->rx_tfm_michael; - struct crypto_cipher *tfm4 = tkey->rx_tfm_arc4; + struct arc4_ctx *tfm4 = &tkey->rx_ctx_arc4; keyidx = tkey->key_idx; memset(tkey, 0, sizeof(*tkey)); tkey->key_idx = keyidx; tkey->tx_tfm_michael = tfm; - tkey->tx_tfm_arc4 = tfm2; + tkey->tx_ctx_arc4 = *tfm2; tkey->rx_tfm_michael = tfm3; - tkey->rx_tfm_arc4 = tfm4; + tkey->rx_ctx_arc4 = *tfm4; if (len == TKIP_KEY_LEN) { memcpy(tkey->key, key, TKIP_KEY_LEN); tkey->key_set = 1;
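Review bot: In lib80211_tkip_set_key(), tfm2 and tfm4 now point into *tkey itself (&tkey->tx_ctx_arc4 and &tkey->rx_ctx_arc4), so after memset(tkey, 0, sizeof(*tkey)) the assignments tkey->tx_ctx_arc4 = *tfm2 and tkey->rx_ctx_arc4 = *tfm4 only copy the already-zeroed contexts onto themselves. The save-and-restore pattern made sense for the crypto_cipher pointers but not for embedded contexts; drop tfm2, tfm4 and both assignments. That is safe on the evidence of this patch, because lib80211_tkip_encrypt() and lib80211_tkip_decrypt() call arc4_setkey() immediately before every arc4_crypt().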
From patchwork Tue Jun 11 23:09:36 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166500 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg Subject: [PATCH v4 5/7] crypto: arc4 - remove cipher implementation Date: Wed, 12 Jun 2019 01:09:36 +0200 Message-Id: <20190611230938.19265-6-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org> References: <20190611230938.19265-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org There are no remaining users of the cipher implementation, and there are no meaningful ways in which the arc4 cipher can be combined with templates other than ECB (and the way we do provide that combination is highly dubious to begin with). So let's drop the arc4 cipher altogether, and only keep the ecb(arc4) skcipher, which is used in various places in the kernel. Signed-off-by: Ard Biesheuvel --- crypto/arc4.c | 56 ++++---------------- 1 file changed, 9 insertions(+), 47 deletions(-) -- 2.20.1 diff --git a/crypto/arc4.c b/crypto/arc4.c index 6974dba1b7b9..35a44e84158e 100644 --- a/crypto/arc4.c +++ b/crypto/arc4.c 
@@ -13,26 +13,15 @@ #include #include -static int arc4_set_key(struct crypto_tfm *tfm, const u8 *in_key, - unsigned int key_len) +static int crypto_arc4_setkey(struct crypto_skcipher *tfm, const u8 *in_key, + unsigned int key_len) { - struct arc4_ctx *ctx = crypto_tfm_ctx(tfm); + struct arc4_ctx *ctx = crypto_skcipher_ctx(tfm); return arc4_setkey(ctx, in_key, key_len); } -static int arc4_set_key_skcipher(struct crypto_skcipher *tfm, const u8 *in_key, - unsigned int key_len) -{ - return arc4_set_key(&tfm->base, in_key, key_len); -} - -static void arc4_crypt_one(struct crypto_tfm *tfm, u8 *out, const u8 *in) -{ - arc4_crypt(crypto_tfm_ctx(tfm), out, in, 1); -} - -static int ecb_arc4_crypt(struct skcipher_request *req) +static int crypto_arc4_crypt(struct skcipher_request *req) { struct crypto_skcipher *tfm = crypto_skcipher_reqtfm(req); struct arc4_ctx *ctx = crypto_skcipher_ctx(tfm); @@ -50,23 +39,6 @@ static int ecb_arc4_crypt(struct skcipher_request *req) return err; } -static struct crypto_alg arc4_cipher = { - .cra_name = "arc4", - .cra_flags = CRYPTO_ALG_TYPE_CIPHER, - .cra_blocksize = ARC4_BLOCK_SIZE, - .cra_ctxsize = sizeof(struct arc4_ctx), - .cra_module = THIS_MODULE, - .cra_u = { - .cipher = { - .cia_min_keysize = ARC4_MIN_KEY_SIZE, - .cia_max_keysize = ARC4_MAX_KEY_SIZE, - .cia_setkey = arc4_set_key, - .cia_encrypt = arc4_crypt_one, - .cia_decrypt = arc4_crypt_one, - }, - }, -}; - static struct skcipher_alg arc4_skcipher = { .base.cra_name = "ecb(arc4)", .base.cra_priority = 100, 
@@ -75,28 +47,18 @@ static struct skcipher_alg arc4_skcipher = { .base.cra_module = THIS_MODULE, .min_keysize = ARC4_MIN_KEY_SIZE, .max_keysize = ARC4_MAX_KEY_SIZE, - .setkey = arc4_set_key_skcipher, - .encrypt = ecb_arc4_crypt, - .decrypt = ecb_arc4_crypt, + .setkey = crypto_arc4_setkey, + .encrypt = crypto_arc4_crypt, + .decrypt = crypto_arc4_crypt, }; static int __init arc4_init(void) { - int err; - - err = crypto_register_alg(&arc4_cipher); - if (err) - return err; - - err = crypto_register_skcipher(&arc4_skcipher); - if (err) - crypto_unregister_alg(&arc4_cipher); - return err; + return crypto_register_skcipher(&arc4_skcipher); } static void __exit arc4_exit(void) { - crypto_unregister_alg(&arc4_cipher); crypto_unregister_skcipher(&arc4_skcipher); } 
@@ -106,4 +68,4 @@ module_exit(arc4_exit); MODULE_LICENSE("GPL"); MODULE_DESCRIPTION("ARC4 Cipher Algorithm"); MODULE_AUTHOR("Jon Oberheide "); -MODULE_ALIAS_CRYPTO("arc4"); +MODULE_ALIAS_CRYPTO("ecb(arc4)");
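Review bot: The last hunk of crypto/arc4.c swaps MODULE_ALIAS_CRYPTO("arc4") for MODULE_ALIAS_CRYPTO("ecb(arc4)") while the arc4_cipher registration is removed, so the bare "arc4" name no longer resolves to anything in this module. The commit message says there are no remaining users; please also state that any caller still requesting "arc4" through crypto_alloc_cipher() will now get an error, and that this patch depends on the lib80211 WEP and TKIP conversions earlier in the series. MODULE_DESCRIPTION("ARC4 Cipher Algorithm") could be updated in the same pass to say that only the ecb(arc4) skcipher is provided.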
From patchwork Tue Jun 11 23:09:37 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166502 Delivered-To: patch@linaro.org
From: Ard Biesheuvel To: linux-crypto@vger.kernel.org Cc: Ard Biesheuvel , Herbert Xu , "David S. Miller" , Eric Biggers , Johannes Berg , linux-ppp@vger.kernel.org, Paul Mackerras Subject: [PATCH v4 6/7] ppp: mppe: switch to RC4 library interface Date: Wed, 12 Jun 2019 01:09:37 +0200 Message-Id: <20190611230938.19265-7-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org> References: <20190611230938.19265-1-ard.biesheuvel@linaro.org> MIME-Version: 1.0 Sender: linux-crypto-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org The MPPE code uses the sync skcipher to invoke the ecb(arc4) skcipher, of which only a single generic C code implementation exists. This means that going through all the trouble of using scatterlists etc buys us very little, and we're better off just invoking the arc4 library directly. Note that the SHA1 shash used by this driver has several accelerated implementations for various architectures, so retaining that part does make sense. Cc: linux-ppp@vger.kernel.org Cc: Paul Mackerras Signed-off-by: Ard Biesheuvel --- drivers/net/ppp/Kconfig | 3 +- drivers/net/ppp/ppp_mppe.c | 97 +++----------------- 2 files changed, 15 insertions(+), 85 deletions(-) -- 2.20.1 diff --git a/drivers/net/ppp/Kconfig b/drivers/net/ppp/Kconfig index bf395df3bb37..1a2e2f7629f3 100644 --- a/drivers/net/ppp/Kconfig +++ b/drivers/net/ppp/Kconfig @@ -87,8 +87,7 @@ config PPP_MPPE depends on PPP select CRYPTO select CRYPTO_SHA1 - select CRYPTO_ARC4 - select CRYPTO_ECB + select CRYPTO_LIB_ARC4 ---help--- Support for the MPPE Encryption protocol, as employed by the Microsoft Point-to-Point Tunneling Protocol. diff --git a/drivers/net/ppp/ppp_mppe.c b/drivers/net/ppp/ppp_mppe.c index ff61dd8748de..de3b57d09d0c 100644 --- a/drivers/net/ppp/ppp_mppe.c +++ b/drivers/net/ppp/ppp_mppe.c 
@@ -42,9 +42,10 @@ * deprecated in 2.6 */ +#include #include -#include #include +#include #include #include #include @@ -65,13 +66,6 @@ MODULE_LICENSE("Dual BSD/GPL"); MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); MODULE_VERSION("1.0.2"); -static unsigned int -setup_sg(struct scatterlist *sg, const void *address, unsigned int length) -{ - sg_set_buf(sg, address, length); - return length; -} - #define SHA1_PAD_SIZE 40 /* @@ -95,7 +89,7 @@ static inline void sha_pad_init(struct sha_pad *shapad) * State for an MPPE (de)compressor. */ struct ppp_mppe_state { - struct crypto_sync_skcipher *arc4; + struct arc4_ctx arc4; struct shash_desc *sha1; unsigned char *sha1_digest; unsigned char master_key[MPPE_MAX_KEY_LEN]; @@ -154,24 +148,11 @@ static void get_new_key_from_sha(struct ppp_mppe_state * state) */ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) { - struct scatterlist sg_in[1], sg_out[1]; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - get_new_key_from_sha(state); if (!initial_key) { - crypto_sync_skcipher_setkey(state->arc4, state->sha1_digest, - state->keylen); - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, state->sha1_digest, state->keylen); - setup_sg(sg_out, state->session_key, state->keylen); - skcipher_request_set_crypt(req, sg_in, sg_out, state->keylen, - NULL); - if (crypto_skcipher_encrypt(req)) - printk(KERN_WARNING "mppe_rekey: cipher_encrypt failed\n"); + arc4_setkey(&state->arc4, state->sha1_digest, state->keylen); + arc4_crypt(&state->arc4, state->session_key, state->sha1_digest, + state->keylen); } else { memcpy(state->session_key, state->sha1_digest, state->keylen); } 
@@ -181,9 +162,7 @@ static void mppe_rekey(struct ppp_mppe_state * state, int initial_key) state->session_key[1] = 0x26; state->session_key[2] = 0x9e; } - crypto_sync_skcipher_setkey(state->arc4, state->session_key, - state->keylen); - skcipher_request_zero(req); + arc4_setkey(&state->arc4, state->session_key, state->keylen); } /* @@ -196,7 +175,8 @@ static void *mppe_alloc(unsigned char *options, int optlen) unsigned int digestsize; if (optlen != CILEN_MPPE + sizeof(state->master_key) || - options[0] != CI_MPPE || options[1] != CILEN_MPPE) + options[0] != CI_MPPE || options[1] != CILEN_MPPE || + fips_enabled) goto out; state = kzalloc(sizeof(*state), GFP_KERNEL); @@ -204,12 +184,6 @@ static void *mppe_alloc(unsigned char *options, int optlen) goto out; - state->arc4 = crypto_alloc_sync_skcipher("ecb(arc4)", 0, 0); - if (IS_ERR(state->arc4)) { - state->arc4 = NULL; - goto out_free; - } - shash = crypto_alloc_shash("sha1", 0, 0); if (IS_ERR(shash)) goto out_free; @@ -250,7 +224,6 @@ static void *mppe_alloc(unsigned char *options, int optlen) crypto_free_shash(state->sha1->tfm); kzfree(state->sha1); } - crypto_free_sync_skcipher(state->arc4); kfree(state); out: return NULL; @@ -266,8 +239,7 @@ static void mppe_free(void *arg) kfree(state->sha1_digest); crypto_free_shash(state->sha1->tfm); kzfree(state->sha1); - crypto_free_sync_skcipher(state->arc4); - kfree(state); + kzfree(state); } } @@ -366,10 +338,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, int isize, int osize) { struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); int proto; - int err; - struct scatterlist sg_in[1], sg_out[1]; /* * Check that the protocol is in the range we handle. 
@@ -420,21 +389,7 @@ mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, ibuf += 2; /* skip to proto field */ isize -= 2; - /* Encrypt packet */ - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, ibuf, isize); - setup_sg(sg_out, obuf, osize); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, sg_in, sg_out, isize, NULL); - err = crypto_skcipher_encrypt(req); - skcipher_request_zero(req); - if (err) { - printk(KERN_DEBUG "crypto_cypher_encrypt failed\n"); - return -1; - } + arc4_crypt(&state->arc4, obuf, ibuf, isize); state->stats.unc_bytes += isize; state->stats.unc_packets++; @@ -480,10 +435,8 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, int osize) { struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; - SYNC_SKCIPHER_REQUEST_ON_STACK(req, state->arc4); unsigned ccount; int flushed = MPPE_BITS(ibuf) & MPPE_BIT_FLUSHED; - struct scatterlist sg_in[1], sg_out[1]; if (isize <= PPP_HDRLEN + MPPE_OVHD) { if (state->debug) @@ -610,19 +563,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, * Decrypt the first byte in order to check if it is * a compressed or uncompressed protocol field. */ - sg_init_table(sg_in, 1); - sg_init_table(sg_out, 1); - setup_sg(sg_in, ibuf, 1); - setup_sg(sg_out, obuf, 1); - - skcipher_request_set_sync_tfm(req, state->arc4); - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, sg_in, sg_out, 1, NULL); - if (crypto_skcipher_decrypt(req)) { - printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); - osize = DECOMP_ERROR; - goto out_zap_req; - } + arc4_crypt(&state->arc4, obuf, ibuf, 1); /* * Do PFC decompression. 
@@ -637,14 +578,7 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, } /* And finally, decrypt the rest of the packet. */ - setup_sg(sg_in, ibuf + 1, isize - 1); - setup_sg(sg_out, obuf + 1, osize - 1); - skcipher_request_set_crypt(req, sg_in, sg_out, isize - 1, NULL); - if (crypto_skcipher_decrypt(req)) { - printk(KERN_DEBUG "crypto_cypher_decrypt failed\n"); - osize = DECOMP_ERROR; - goto out_zap_req; - } + arc4_crypt(&state->arc4, obuf + 1, ibuf + 1, isize - 1); state->stats.unc_bytes += osize; state->stats.unc_packets++; @@ -654,8 +588,6 @@ mppe_decompress(void *arg, unsigned char *ibuf, int isize, unsigned char *obuf, /* good packet credit */ state->sanity_errors >>= 1; -out_zap_req: - skcipher_request_zero(req); return osize; sanity_error: 
@@ -728,8 +660,7 @@ static struct compressor ppp_mppe = { static int __init ppp_mppe_init(void) { int answer; - if (!(crypto_has_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC) && - crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC))) + if (fips_enabled || !crypto_has_ahash("sha1", 0, CRYPTO_ALG_ASYNC)) return -ENODEV; sha_pad = kmalloc(sizeof(struct sha_pad), GFP_KERNEL);

From patchwork Tue Jun 11 23:09:38 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 166503 Delivered-To: patch@linaro.org
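Review bot: In the mppe_alloc hunk of the ppp_mppe patch, the new fips_enabled test is appended to the option-length and option-byte checks, so a FIPS refusal is indistinguishable from malformed options, and it looks redundant because ppp_mppe_init in the last hunk already returns -ENODEV when fips_enabled is set. Either drop it here or give it its own if statement with a comment saying why both checks are needed.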
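Review bot: mppe_free now ends in kzfree(state), but the out_free path of mppe_alloc in the preceding hunk still ends in kfree(state). struct ppp_mppe_state now embeds struct arc4_ctx next to master_key, so please either use kzfree(state) on the error path as well or state that no key material has been written to state when that path runs.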
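Review bot: The fips_enabled test added to ppp_mppe_init has no comment explaining it. With the crypto_has_skcipher("ecb(arc4)", ...) probe removed and arc4_crypt() now called directly, a one-line comment saying that the module has to refuse to load in FIPS mode by itself would save the next reader from wondering why only the sha1 probe remains.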
From: Ard Biesheuvel
To: linux-crypto@vger.kernel.org
Cc: Ard Biesheuvel, Herbert Xu, "David S. Miller", Eric Biggers, Johannes Berg, linux-cifs@vger.kernel.org, Steve French
Subject: [PATCH v4 7/7] fs: cifs: switch to RC4 library interface
Date: Wed, 12 Jun 2019 01:09:38 +0200
Message-Id: <20190611230938.19265-8-ard.biesheuvel@linaro.org>
X-Mailer: git-send-email 2.20.1
In-Reply-To: <20190611230938.19265-1-ard.biesheuvel@linaro.org>
References: <20190611230938.19265-1-ard.biesheuvel@linaro.org>
MIME-Version: 1.0
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID:
X-Mailing-List: linux-crypto@vger.kernel.org

The CIFS code uses the sync skcipher API to invoke the ecb(arc4) skcipher, of which only a single generic C code implementation exists. This means that going through all the trouble of using scatterlists etc buys us very little, and we're better off just invoking the arc4 library directly.

This also reverts commit 5f4b55699aaf ("CIFS: Fix BUG() in calc_seckey()"), since it is no longer necessary to allocate sec_key on the heap.

Cc: linux-cifs@vger.kernel.org
Cc: Steve French
Signed-off-by: Ard Biesheuvel
---
 fs/cifs/Kconfig | 2 +-
 fs/cifs/cifsencrypt.c | 62 +++++---------------
 fs/cifs/cifsfs.c | 1 -
 3 files changed, 17 insertions(+), 48 deletions(-)

-- 2.20.1

diff --git a/fs/cifs/Kconfig b/fs/cifs/Kconfig index aae2b8b2adf5..523e9ea78a28 100644 --- a/fs/cifs/Kconfig +++ b/fs/cifs/Kconfig @@ -10,7 +10,7 @@ config CIFS select CRYPTO_SHA512 select CRYPTO_CMAC select CRYPTO_HMAC - select CRYPTO_ARC4 + select CRYPTO_LIB_ARC4 select CRYPTO_AEAD2 select CRYPTO_CCM select CRYPTO_ECB diff --git a/fs/cifs/cifsencrypt.c b/fs/cifs/cifsencrypt.c index d2a05e46d6f5..97b7497c13ef 100644 --- a/fs/cifs/cifsencrypt.c +++ b/fs/cifs/cifsencrypt.c @@ -33,7 +33,8 @@ #include #include #include -#include +#include +#include #include int __cifs_calc_signature(struct smb_rqst *rqst, 
@@ -772,63 +773,32 @@ setup_ntlmv2_rsp(struct cifs_ses *ses, const struct nls_table *nls_cp) int calc_seckey(struct cifs_ses *ses) { - int rc; - struct crypto_skcipher *tfm_arc4; - struct scatterlist sgin, sgout; - struct skcipher_request *req; - unsigned char *sec_key; + unsigned char sec_key[CIFS_SESS_KEY_SIZE]; /* a nonce */ + struct arc4_ctx *ctx_arc4; - sec_key = kmalloc(CIFS_SESS_KEY_SIZE, GFP_KERNEL); - if (sec_key == NULL) - return -ENOMEM; + if (fips_enabled) + return -ENODEV; get_random_bytes(sec_key, CIFS_SESS_KEY_SIZE); - tfm_arc4 = crypto_alloc_skcipher("ecb(arc4)", 0, CRYPTO_ALG_ASYNC); - if (IS_ERR(tfm_arc4)) { - rc = PTR_ERR(tfm_arc4); - cifs_dbg(VFS, "could not allocate crypto API arc4\n"); - goto out; - } - - rc = crypto_skcipher_setkey(tfm_arc4, ses->auth_key.response, - CIFS_SESS_KEY_SIZE); - if (rc) { - cifs_dbg(VFS, "%s: Could not set response as a key\n", - __func__); - goto out_free_cipher; - } - - req = skcipher_request_alloc(tfm_arc4, GFP_KERNEL); - if (!req) { - rc = -ENOMEM; - cifs_dbg(VFS, "could not allocate crypto API arc4 request\n"); - goto out_free_cipher; + ctx_arc4 = kmalloc(sizeof(*ctx_arc4), GFP_KERNEL); + if (!ctx_arc4) { + cifs_dbg(VFS, "could not allocate arc4 context\n"); + return -ENOMEM; } - sg_init_one(&sgin, sec_key, CIFS_SESS_KEY_SIZE); - sg_init_one(&sgout, ses->ntlmssp->ciphertext, CIFS_CPHTXT_SIZE); - - skcipher_request_set_callback(req, 0, NULL, NULL); - skcipher_request_set_crypt(req, &sgin, &sgout, CIFS_CPHTXT_SIZE, NULL); - - rc = crypto_skcipher_encrypt(req); - skcipher_request_free(req); - if (rc) { - cifs_dbg(VFS, "could not encrypt session key rc: %d\n", rc); - goto out_free_cipher; - } + arc4_setkey(ctx_arc4, ses->auth_key.response, CIFS_SESS_KEY_SIZE); + arc4_crypt(ctx_arc4, ses->ntlmssp->ciphertext, sec_key, + CIFS_CPHTXT_SIZE); /* make secondary_key/nonce as session key */ memcpy(ses->auth_key.response, sec_key, CIFS_SESS_KEY_SIZE); /* and make len as that of session key only */ ses->auth_key.len = 
CIFS_SESS_KEY_SIZE; -out_free_cipher: - crypto_free_skcipher(tfm_arc4); -out: - kfree(sec_key); - return rc; + memzero_explicit(sec_key, CIFS_SESS_KEY_SIZE); + kzfree(ctx_arc4); + return 0; } void diff --git a/fs/cifs/cifsfs.c b/fs/cifs/cifsfs.c index f5fcd6360056..e55afaf9e5a3 100644 --- a/fs/cifs/cifsfs.c +++ b/fs/cifs/cifsfs.c @@ -1590,7 +1590,6 @@ MODULE_DESCRIPTION ("VFS to access SMB3 servers e.g. Samba, Macs, Azure and Windows (and " "also older servers complying with the SNIA CIFS Specification)"); MODULE_VERSION(CIFS_VERSION); -MODULE_SOFTDEP("pre: arc4"); MODULE_SOFTDEP("pre: des"); MODULE_SOFTDEP("pre: ecb"); MODULE_SOFTDEP("pre: hmac");
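Review bot: In calc_seckey, arc4_crypt() is asked to process CIFS_CPHTXT_SIZE bytes, but its source is now the stack array sec_key[CIFS_SESS_KEY_SIZE], and nothing in the hunk ties the two constants together. A BUILD_BUG_ON(CIFS_CPHTXT_SIZE > CIFS_SESS_KEY_SIZE), or one constant used for both, would rule out reading past the end of the stack buffer. A smaller point in the same hunk: get_random_bytes() fills sec_key before the kmalloc of ctx_arc4, and the -ENOMEM return skips memzero_explicit(sec_key, CIFS_SESS_KEY_SIZE); allocating the context first would leave every exit path either wiping the nonce or never having generated it.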