1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * Cryptographic API for algorithms (i.e., low-level API).
4  *
5  * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
6  */
7 
8 #include <crypto/algapi.h>
9 #include <crypto/internal/simd.h>
10 #include <linux/err.h>
11 #include <linux/errno.h>
12 #include <linux/fips.h>
13 #include <linux/init.h>
14 #include <linux/kernel.h>
15 #include <linux/list.h>
16 #include <linux/module.h>
17 #include <linux/rtnetlink.h>
18 #include <linux/slab.h>
19 #include <linux/string.h>
20 #include <linux/workqueue.h>
21 
22 #include "internal.h"
23 
24 static LIST_HEAD(crypto_template_list);
25 
26 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
27 DEFINE_PER_CPU(bool, crypto_simd_disabled_for_test);
28 EXPORT_PER_CPU_SYMBOL_GPL(crypto_simd_disabled_for_test);
29 #endif
30 
crypto_check_module_sig(struct module * mod)31 static inline void crypto_check_module_sig(struct module *mod)
32 {
33 	if (fips_enabled && mod && !module_sig_ok(mod))
34 		panic("Module %s signature verification failed in FIPS mode\n",
35 		      module_name(mod));
36 }
37 
crypto_check_alg(struct crypto_alg * alg)38 static int crypto_check_alg(struct crypto_alg *alg)
39 {
40 	crypto_check_module_sig(alg->cra_module);
41 
42 	if (!alg->cra_name[0] || !alg->cra_driver_name[0])
43 		return -EINVAL;
44 
45 	if (alg->cra_alignmask & (alg->cra_alignmask + 1))
46 		return -EINVAL;
47 
48 	/* General maximums for all algs. */
49 	if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK)
50 		return -EINVAL;
51 
52 	if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE)
53 		return -EINVAL;
54 
55 	/* Lower maximums for specific alg types. */
56 	if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
57 			       CRYPTO_ALG_TYPE_CIPHER) {
58 		if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK)
59 			return -EINVAL;
60 
61 		if (alg->cra_blocksize > MAX_CIPHER_BLOCKSIZE)
62 			return -EINVAL;
63 	}
64 
65 	if (alg->cra_priority < 0)
66 		return -EINVAL;
67 
68 	refcount_set(&alg->cra_refcnt, 1);
69 
70 	return 0;
71 }
72 
crypto_free_instance(struct crypto_instance * inst)73 static void crypto_free_instance(struct crypto_instance *inst)
74 {
75 	inst->alg.cra_type->free(inst);
76 }
77 
crypto_destroy_instance_workfn(struct work_struct * w)78 static void crypto_destroy_instance_workfn(struct work_struct *w)
79 {
80 	struct crypto_instance *inst = container_of(w, struct crypto_instance,
81 						    free_work);
82 	struct crypto_template *tmpl = inst->tmpl;
83 
84 	crypto_free_instance(inst);
85 	crypto_tmpl_put(tmpl);
86 }
87 
crypto_destroy_instance(struct crypto_alg * alg)88 static void crypto_destroy_instance(struct crypto_alg *alg)
89 {
90 	struct crypto_instance *inst = container_of(alg,
91 						    struct crypto_instance,
92 						    alg);
93 
94 	INIT_WORK(&inst->free_work, crypto_destroy_instance_workfn);
95 	schedule_work(&inst->free_work);
96 }
97 
98 /*
99  * This function adds a spawn to the list secondary_spawns which
100  * will be used at the end of crypto_remove_spawns to unregister
101  * instances, unless the spawn happens to be one that is depended
102  * on by the new algorithm (nalg in crypto_remove_spawns).
103  *
104  * This function is also responsible for resurrecting any algorithms
105  * in the dependency chain of nalg by unsetting n->dead.
106  */
crypto_more_spawns(struct crypto_alg * alg,struct list_head * stack,struct list_head * top,struct list_head * secondary_spawns)107 static struct list_head *crypto_more_spawns(struct crypto_alg *alg,
108 					    struct list_head *stack,
109 					    struct list_head *top,
110 					    struct list_head *secondary_spawns)
111 {
112 	struct crypto_spawn *spawn, *n;
113 
114 	spawn = list_first_entry_or_null(stack, struct crypto_spawn, list);
115 	if (!spawn)
116 		return NULL;
117 
118 	n = list_prev_entry(spawn, list);
119 	list_move(&spawn->list, secondary_spawns);
120 
121 	if (list_is_last(&n->list, stack))
122 		return top;
123 
124 	n = list_next_entry(n, list);
125 	if (!spawn->dead)
126 		n->dead = false;
127 
128 	return &n->inst->alg.cra_users;
129 }
130 
crypto_remove_instance(struct crypto_instance * inst,struct list_head * list)131 static void crypto_remove_instance(struct crypto_instance *inst,
132 				   struct list_head *list)
133 {
134 	struct crypto_template *tmpl = inst->tmpl;
135 
136 	if (crypto_is_dead(&inst->alg))
137 		return;
138 
139 	inst->alg.cra_flags |= CRYPTO_ALG_DEAD;
140 
141 	if (!tmpl || !crypto_tmpl_get(tmpl))
142 		return;
143 
144 	list_move(&inst->alg.cra_list, list);
145 	hlist_del(&inst->list);
146 	inst->alg.cra_destroy = crypto_destroy_instance;
147 
148 	BUG_ON(!list_empty(&inst->alg.cra_users));
149 }
150 
151 /*
152  * Given an algorithm alg, remove all algorithms that depend on it
153  * through spawns.  If nalg is not null, then exempt any algorithms
154  * that is depended on by nalg.  This is useful when nalg itself
155  * depends on alg.
156  */
crypto_remove_spawns(struct crypto_alg * alg,struct list_head * list,struct crypto_alg * nalg)157 void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
158 			  struct crypto_alg *nalg)
159 {
160 	u32 new_type = (nalg ?: alg)->cra_flags;
161 	struct crypto_spawn *spawn, *n;
162 	LIST_HEAD(secondary_spawns);
163 	struct list_head *spawns;
164 	LIST_HEAD(stack);
165 	LIST_HEAD(top);
166 
167 	spawns = &alg->cra_users;
168 	list_for_each_entry_safe(spawn, n, spawns, list) {
169 		if ((spawn->alg->cra_flags ^ new_type) & spawn->mask)
170 			continue;
171 
172 		list_move(&spawn->list, &top);
173 	}
174 
175 	/*
176 	 * Perform a depth-first walk starting from alg through
177 	 * the cra_users tree.  The list stack records the path
178 	 * from alg to the current spawn.
179 	 */
180 	spawns = &top;
181 	do {
182 		while (!list_empty(spawns)) {
183 			struct crypto_instance *inst;
184 
185 			spawn = list_first_entry(spawns, struct crypto_spawn,
186 						 list);
187 			inst = spawn->inst;
188 
189 			list_move(&spawn->list, &stack);
190 			spawn->dead = !spawn->registered || &inst->alg != nalg;
191 
192 			if (!spawn->registered)
193 				break;
194 
195 			BUG_ON(&inst->alg == alg);
196 
197 			if (&inst->alg == nalg)
198 				break;
199 
200 			spawns = &inst->alg.cra_users;
201 
202 			/*
203 			 * Even if spawn->registered is true, the
204 			 * instance itself may still be unregistered.
205 			 * This is because it may have failed during
206 			 * registration.  Therefore we still need to
207 			 * make the following test.
208 			 *
209 			 * We may encounter an unregistered instance here, since
210 			 * an instance's spawns are set up prior to the instance
211 			 * being registered.  An unregistered instance will have
212 			 * NULL ->cra_users.next, since ->cra_users isn't
213 			 * properly initialized until registration.  But an
214 			 * unregistered instance cannot have any users, so treat
215 			 * it the same as ->cra_users being empty.
216 			 */
217 			if (spawns->next == NULL)
218 				break;
219 		}
220 	} while ((spawns = crypto_more_spawns(alg, &stack, &top,
221 					      &secondary_spawns)));
222 
223 	/*
224 	 * Remove all instances that are marked as dead.  Also
225 	 * complete the resurrection of the others by moving them
226 	 * back to the cra_users list.
227 	 */
228 	list_for_each_entry_safe(spawn, n, &secondary_spawns, list) {
229 		if (!spawn->dead)
230 			list_move(&spawn->list, &spawn->alg->cra_users);
231 		else if (spawn->registered)
232 			crypto_remove_instance(spawn->inst, list);
233 	}
234 }
235 EXPORT_SYMBOL_GPL(crypto_remove_spawns);
236 
crypto_alg_finish_registration(struct crypto_alg * alg,bool fulfill_requests,struct list_head * algs_to_put)237 static void crypto_alg_finish_registration(struct crypto_alg *alg,
238 					   bool fulfill_requests,
239 					   struct list_head *algs_to_put)
240 {
241 	struct crypto_alg *q;
242 
243 	list_for_each_entry(q, &crypto_alg_list, cra_list) {
244 		if (q == alg)
245 			continue;
246 
247 		if (crypto_is_moribund(q))
248 			continue;
249 
250 		if (crypto_is_larval(q)) {
251 			struct crypto_larval *larval = (void *)q;
252 
253 			/*
254 			 * Check to see if either our generic name or
255 			 * specific name can satisfy the name requested
256 			 * by the larval entry q.
257 			 */
258 			if (strcmp(alg->cra_name, q->cra_name) &&
259 			    strcmp(alg->cra_driver_name, q->cra_name))
260 				continue;
261 
262 			if (larval->adult)
263 				continue;
264 			if ((q->cra_flags ^ alg->cra_flags) & larval->mask)
265 				continue;
266 
267 			if (fulfill_requests && crypto_mod_get(alg))
268 				larval->adult = alg;
269 			else
270 				larval->adult = ERR_PTR(-EAGAIN);
271 
272 			continue;
273 		}
274 
275 		if (strcmp(alg->cra_name, q->cra_name))
276 			continue;
277 
278 		if (strcmp(alg->cra_driver_name, q->cra_driver_name) &&
279 		    q->cra_priority > alg->cra_priority)
280 			continue;
281 
282 		crypto_remove_spawns(q, algs_to_put, alg);
283 	}
284 
285 	crypto_notify(CRYPTO_MSG_ALG_LOADED, alg);
286 }
287 
crypto_alloc_test_larval(struct crypto_alg * alg)288 static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg)
289 {
290 	struct crypto_larval *larval;
291 
292 	if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER) ||
293 	    IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) ||
294 	    (alg->cra_flags & CRYPTO_ALG_INTERNAL))
295 		return NULL; /* No self-test needed */
296 
297 	larval = crypto_larval_alloc(alg->cra_name,
298 				     alg->cra_flags | CRYPTO_ALG_TESTED, 0);
299 	if (IS_ERR(larval))
300 		return larval;
301 
302 	larval->adult = crypto_mod_get(alg);
303 	if (!larval->adult) {
304 		kfree(larval);
305 		return ERR_PTR(-ENOENT);
306 	}
307 
308 	refcount_set(&larval->alg.cra_refcnt, 1);
309 	memcpy(larval->alg.cra_driver_name, alg->cra_driver_name,
310 	       CRYPTO_MAX_ALG_NAME);
311 	larval->alg.cra_priority = alg->cra_priority;
312 
313 	return larval;
314 }
315 
316 static struct crypto_larval *
__crypto_register_alg(struct crypto_alg * alg,struct list_head * algs_to_put)317 __crypto_register_alg(struct crypto_alg *alg, struct list_head *algs_to_put)
318 {
319 	struct crypto_alg *q;
320 	struct crypto_larval *larval;
321 	int ret = -EAGAIN;
322 
323 	if (crypto_is_dead(alg))
324 		goto err;
325 
326 	INIT_LIST_HEAD(&alg->cra_users);
327 
328 	ret = -EEXIST;
329 
330 	list_for_each_entry(q, &crypto_alg_list, cra_list) {
331 		if (q == alg)
332 			goto err;
333 
334 		if (crypto_is_moribund(q))
335 			continue;
336 
337 		if (crypto_is_larval(q)) {
338 			if (!strcmp(alg->cra_driver_name, q->cra_driver_name))
339 				goto err;
340 			continue;
341 		}
342 
343 		if (!strcmp(q->cra_driver_name, alg->cra_name) ||
344 		    !strcmp(q->cra_name, alg->cra_driver_name))
345 			goto err;
346 	}
347 
348 	larval = crypto_alloc_test_larval(alg);
349 	if (IS_ERR(larval))
350 		goto out;
351 
352 	list_add(&alg->cra_list, &crypto_alg_list);
353 
354 	if (larval) {
355 		/* No cheating! */
356 		alg->cra_flags &= ~CRYPTO_ALG_TESTED;
357 
358 		list_add(&larval->alg.cra_list, &crypto_alg_list);
359 	} else {
360 		alg->cra_flags |= CRYPTO_ALG_TESTED;
361 		crypto_alg_finish_registration(alg, true, algs_to_put);
362 	}
363 
364 out:
365 	return larval;
366 
367 err:
368 	larval = ERR_PTR(ret);
369 	goto out;
370 }
371 
crypto_alg_tested(const char * name,int err)372 void crypto_alg_tested(const char *name, int err)
373 {
374 	struct crypto_larval *test;
375 	struct crypto_alg *alg;
376 	struct crypto_alg *q;
377 	LIST_HEAD(list);
378 	bool best;
379 
380 	down_write(&crypto_alg_sem);
381 	list_for_each_entry(q, &crypto_alg_list, cra_list) {
382 		if (crypto_is_moribund(q) || !crypto_is_larval(q))
383 			continue;
384 
385 		test = (struct crypto_larval *)q;
386 
387 		if (!strcmp(q->cra_driver_name, name))
388 			goto found;
389 	}
390 
391 	pr_err("alg: Unexpected test result for %s: %d\n", name, err);
392 	goto unlock;
393 
394 found:
395 	q->cra_flags |= CRYPTO_ALG_DEAD;
396 	alg = test->adult;
397 
398 	if (list_empty(&alg->cra_list))
399 		goto complete;
400 
401 	if (err == -ECANCELED)
402 		alg->cra_flags |= CRYPTO_ALG_FIPS_INTERNAL;
403 	else if (err)
404 		goto complete;
405 	else
406 		alg->cra_flags &= ~CRYPTO_ALG_FIPS_INTERNAL;
407 
408 	alg->cra_flags |= CRYPTO_ALG_TESTED;
409 
410 	/*
411 	 * If a higher-priority implementation of the same algorithm is
412 	 * currently being tested, then don't fulfill request larvals.
413 	 */
414 	best = true;
415 	list_for_each_entry(q, &crypto_alg_list, cra_list) {
416 		if (crypto_is_moribund(q) || !crypto_is_larval(q))
417 			continue;
418 
419 		if (strcmp(alg->cra_name, q->cra_name))
420 			continue;
421 
422 		if (q->cra_priority > alg->cra_priority) {
423 			best = false;
424 			break;
425 		}
426 	}
427 
428 	crypto_alg_finish_registration(alg, best, &list);
429 
430 complete:
431 	complete_all(&test->completion);
432 
433 unlock:
434 	up_write(&crypto_alg_sem);
435 
436 	crypto_remove_final(&list);
437 }
438 EXPORT_SYMBOL_GPL(crypto_alg_tested);
439 
crypto_remove_final(struct list_head * list)440 void crypto_remove_final(struct list_head *list)
441 {
442 	struct crypto_alg *alg;
443 	struct crypto_alg *n;
444 
445 	list_for_each_entry_safe(alg, n, list, cra_list) {
446 		list_del_init(&alg->cra_list);
447 		crypto_alg_put(alg);
448 	}
449 }
450 EXPORT_SYMBOL_GPL(crypto_remove_final);
451 
crypto_register_alg(struct crypto_alg * alg)452 int crypto_register_alg(struct crypto_alg *alg)
453 {
454 	struct crypto_larval *larval;
455 	LIST_HEAD(algs_to_put);
456 	bool test_started = false;
457 	int err;
458 
459 	alg->cra_flags &= ~CRYPTO_ALG_DEAD;
460 	err = crypto_check_alg(alg);
461 	if (err)
462 		return err;
463 
464 	down_write(&crypto_alg_sem);
465 	larval = __crypto_register_alg(alg, &algs_to_put);
466 	if (!IS_ERR_OR_NULL(larval)) {
467 		test_started = crypto_boot_test_finished();
468 		larval->test_started = test_started;
469 	}
470 	up_write(&crypto_alg_sem);
471 
472 	if (IS_ERR(larval))
473 		return PTR_ERR(larval);
474 	if (test_started)
475 		crypto_wait_for_test(larval);
476 	crypto_remove_final(&algs_to_put);
477 	return 0;
478 }
479 EXPORT_SYMBOL_GPL(crypto_register_alg);
480 
crypto_remove_alg(struct crypto_alg * alg,struct list_head * list)481 static int crypto_remove_alg(struct crypto_alg *alg, struct list_head *list)
482 {
483 	if (unlikely(list_empty(&alg->cra_list)))
484 		return -ENOENT;
485 
486 	alg->cra_flags |= CRYPTO_ALG_DEAD;
487 
488 	list_del_init(&alg->cra_list);
489 	crypto_remove_spawns(alg, list, NULL);
490 
491 	return 0;
492 }
493 
crypto_unregister_alg(struct crypto_alg * alg)494 void crypto_unregister_alg(struct crypto_alg *alg)
495 {
496 	int ret;
497 	LIST_HEAD(list);
498 
499 	down_write(&crypto_alg_sem);
500 	ret = crypto_remove_alg(alg, &list);
501 	up_write(&crypto_alg_sem);
502 
503 	if (WARN(ret, "Algorithm %s is not registered", alg->cra_driver_name))
504 		return;
505 
506 	if (WARN_ON(refcount_read(&alg->cra_refcnt) != 1))
507 		return;
508 
509 	if (alg->cra_destroy)
510 		alg->cra_destroy(alg);
511 
512 	crypto_remove_final(&list);
513 }
514 EXPORT_SYMBOL_GPL(crypto_unregister_alg);
515 
crypto_register_algs(struct crypto_alg * algs,int count)516 int crypto_register_algs(struct crypto_alg *algs, int count)
517 {
518 	int i, ret;
519 
520 	for (i = 0; i < count; i++) {
521 		ret = crypto_register_alg(&algs[i]);
522 		if (ret)
523 			goto err;
524 	}
525 
526 	return 0;
527 
528 err:
529 	for (--i; i >= 0; --i)
530 		crypto_unregister_alg(&algs[i]);
531 
532 	return ret;
533 }
534 EXPORT_SYMBOL_GPL(crypto_register_algs);
535 
crypto_unregister_algs(struct crypto_alg * algs,int count)536 void crypto_unregister_algs(struct crypto_alg *algs, int count)
537 {
538 	int i;
539 
540 	for (i = 0; i < count; i++)
541 		crypto_unregister_alg(&algs[i]);
542 }
543 EXPORT_SYMBOL_GPL(crypto_unregister_algs);
544 
crypto_register_template(struct crypto_template * tmpl)545 int crypto_register_template(struct crypto_template *tmpl)
546 {
547 	struct crypto_template *q;
548 	int err = -EEXIST;
549 
550 	down_write(&crypto_alg_sem);
551 
552 	crypto_check_module_sig(tmpl->module);
553 
554 	list_for_each_entry(q, &crypto_template_list, list) {
555 		if (q == tmpl)
556 			goto out;
557 	}
558 
559 	list_add(&tmpl->list, &crypto_template_list);
560 	err = 0;
561 out:
562 	up_write(&crypto_alg_sem);
563 	return err;
564 }
565 EXPORT_SYMBOL_GPL(crypto_register_template);
566 
crypto_register_templates(struct crypto_template * tmpls,int count)567 int crypto_register_templates(struct crypto_template *tmpls, int count)
568 {
569 	int i, err;
570 
571 	for (i = 0; i < count; i++) {
572 		err = crypto_register_template(&tmpls[i]);
573 		if (err)
574 			goto out;
575 	}
576 	return 0;
577 
578 out:
579 	for (--i; i >= 0; --i)
580 		crypto_unregister_template(&tmpls[i]);
581 	return err;
582 }
583 EXPORT_SYMBOL_GPL(crypto_register_templates);
584 
crypto_unregister_template(struct crypto_template * tmpl)585 void crypto_unregister_template(struct crypto_template *tmpl)
586 {
587 	struct crypto_instance *inst;
588 	struct hlist_node *n;
589 	struct hlist_head *list;
590 	LIST_HEAD(users);
591 
592 	down_write(&crypto_alg_sem);
593 
594 	BUG_ON(list_empty(&tmpl->list));
595 	list_del_init(&tmpl->list);
596 
597 	list = &tmpl->instances;
598 	hlist_for_each_entry(inst, list, list) {
599 		int err = crypto_remove_alg(&inst->alg, &users);
600 
601 		BUG_ON(err);
602 	}
603 
604 	up_write(&crypto_alg_sem);
605 
606 	hlist_for_each_entry_safe(inst, n, list, list) {
607 		BUG_ON(refcount_read(&inst->alg.cra_refcnt) != 1);
608 		crypto_free_instance(inst);
609 	}
610 	crypto_remove_final(&users);
611 }
612 EXPORT_SYMBOL_GPL(crypto_unregister_template);
613 
crypto_unregister_templates(struct crypto_template * tmpls,int count)614 void crypto_unregister_templates(struct crypto_template *tmpls, int count)
615 {
616 	int i;
617 
618 	for (i = count - 1; i >= 0; --i)
619 		crypto_unregister_template(&tmpls[i]);
620 }
621 EXPORT_SYMBOL_GPL(crypto_unregister_templates);
622 
__crypto_lookup_template(const char * name)623 static struct crypto_template *__crypto_lookup_template(const char *name)
624 {
625 	struct crypto_template *q, *tmpl = NULL;
626 
627 	down_read(&crypto_alg_sem);
628 	list_for_each_entry(q, &crypto_template_list, list) {
629 		if (strcmp(q->name, name))
630 			continue;
631 		if (unlikely(!crypto_tmpl_get(q)))
632 			continue;
633 
634 		tmpl = q;
635 		break;
636 	}
637 	up_read(&crypto_alg_sem);
638 
639 	return tmpl;
640 }
641 
crypto_lookup_template(const char * name)642 struct crypto_template *crypto_lookup_template(const char *name)
643 {
644 	return try_then_request_module(__crypto_lookup_template(name),
645 				       "crypto-%s", name);
646 }
647 EXPORT_SYMBOL_GPL(crypto_lookup_template);
648 
crypto_register_instance(struct crypto_template * tmpl,struct crypto_instance * inst)649 int crypto_register_instance(struct crypto_template *tmpl,
650 			     struct crypto_instance *inst)
651 {
652 	struct crypto_larval *larval;
653 	struct crypto_spawn *spawn;
654 	u32 fips_internal = 0;
655 	LIST_HEAD(algs_to_put);
656 	int err;
657 
658 	err = crypto_check_alg(&inst->alg);
659 	if (err)
660 		return err;
661 
662 	inst->alg.cra_module = tmpl->module;
663 	inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
664 
665 	down_write(&crypto_alg_sem);
666 
667 	larval = ERR_PTR(-EAGAIN);
668 	for (spawn = inst->spawns; spawn;) {
669 		struct crypto_spawn *next;
670 
671 		if (spawn->dead)
672 			goto unlock;
673 
674 		next = spawn->next;
675 		spawn->inst = inst;
676 		spawn->registered = true;
677 
678 		fips_internal |= spawn->alg->cra_flags;
679 
680 		crypto_mod_put(spawn->alg);
681 
682 		spawn = next;
683 	}
684 
685 	inst->alg.cra_flags |= (fips_internal & CRYPTO_ALG_FIPS_INTERNAL);
686 
687 	larval = __crypto_register_alg(&inst->alg, &algs_to_put);
688 	if (IS_ERR(larval))
689 		goto unlock;
690 	else if (larval)
691 		larval->test_started = true;
692 
693 	hlist_add_head(&inst->list, &tmpl->instances);
694 	inst->tmpl = tmpl;
695 
696 unlock:
697 	up_write(&crypto_alg_sem);
698 
699 	if (IS_ERR(larval))
700 		return PTR_ERR(larval);
701 	if (larval)
702 		crypto_wait_for_test(larval);
703 	crypto_remove_final(&algs_to_put);
704 	return 0;
705 }
706 EXPORT_SYMBOL_GPL(crypto_register_instance);
707 
crypto_unregister_instance(struct crypto_instance * inst)708 void crypto_unregister_instance(struct crypto_instance *inst)
709 {
710 	LIST_HEAD(list);
711 
712 	down_write(&crypto_alg_sem);
713 
714 	crypto_remove_spawns(&inst->alg, &list, NULL);
715 	crypto_remove_instance(inst, &list);
716 
717 	up_write(&crypto_alg_sem);
718 
719 	crypto_remove_final(&list);
720 }
721 EXPORT_SYMBOL_GPL(crypto_unregister_instance);
722 
crypto_grab_spawn(struct crypto_spawn * spawn,struct crypto_instance * inst,const char * name,u32 type,u32 mask)723 int crypto_grab_spawn(struct crypto_spawn *spawn, struct crypto_instance *inst,
724 		      const char *name, u32 type, u32 mask)
725 {
726 	struct crypto_alg *alg;
727 	int err = -EAGAIN;
728 
729 	if (WARN_ON_ONCE(inst == NULL))
730 		return -EINVAL;
731 
732 	/* Allow the result of crypto_attr_alg_name() to be passed directly */
733 	if (IS_ERR(name))
734 		return PTR_ERR(name);
735 
736 	alg = crypto_find_alg(name, spawn->frontend,
737 			      type | CRYPTO_ALG_FIPS_INTERNAL, mask);
738 	if (IS_ERR(alg))
739 		return PTR_ERR(alg);
740 
741 	down_write(&crypto_alg_sem);
742 	if (!crypto_is_moribund(alg)) {
743 		list_add(&spawn->list, &alg->cra_users);
744 		spawn->alg = alg;
745 		spawn->mask = mask;
746 		spawn->next = inst->spawns;
747 		inst->spawns = spawn;
748 		inst->alg.cra_flags |=
749 			(alg->cra_flags & CRYPTO_ALG_INHERITED_FLAGS);
750 		err = 0;
751 	}
752 	up_write(&crypto_alg_sem);
753 	if (err)
754 		crypto_mod_put(alg);
755 	return err;
756 }
757 EXPORT_SYMBOL_GPL(crypto_grab_spawn);
758 
crypto_drop_spawn(struct crypto_spawn * spawn)759 void crypto_drop_spawn(struct crypto_spawn *spawn)
760 {
761 	if (!spawn->alg) /* not yet initialized? */
762 		return;
763 
764 	down_write(&crypto_alg_sem);
765 	if (!spawn->dead)
766 		list_del(&spawn->list);
767 	up_write(&crypto_alg_sem);
768 
769 	if (!spawn->registered)
770 		crypto_mod_put(spawn->alg);
771 }
772 EXPORT_SYMBOL_GPL(crypto_drop_spawn);
773 
crypto_spawn_alg(struct crypto_spawn * spawn)774 static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn)
775 {
776 	struct crypto_alg *alg = ERR_PTR(-EAGAIN);
777 	struct crypto_alg *target;
778 	bool shoot = false;
779 
780 	down_read(&crypto_alg_sem);
781 	if (!spawn->dead) {
782 		alg = spawn->alg;
783 		if (!crypto_mod_get(alg)) {
784 			target = crypto_alg_get(alg);
785 			shoot = true;
786 			alg = ERR_PTR(-EAGAIN);
787 		}
788 	}
789 	up_read(&crypto_alg_sem);
790 
791 	if (shoot) {
792 		crypto_shoot_alg(target);
793 		crypto_alg_put(target);
794 	}
795 
796 	return alg;
797 }
798 
crypto_spawn_tfm(struct crypto_spawn * spawn,u32 type,u32 mask)799 struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type,
800 				    u32 mask)
801 {
802 	struct crypto_alg *alg;
803 	struct crypto_tfm *tfm;
804 
805 	alg = crypto_spawn_alg(spawn);
806 	if (IS_ERR(alg))
807 		return ERR_CAST(alg);
808 
809 	tfm = ERR_PTR(-EINVAL);
810 	if (unlikely((alg->cra_flags ^ type) & mask))
811 		goto out_put_alg;
812 
813 	tfm = __crypto_alloc_tfm(alg, type, mask);
814 	if (IS_ERR(tfm))
815 		goto out_put_alg;
816 
817 	return tfm;
818 
819 out_put_alg:
820 	crypto_mod_put(alg);
821 	return tfm;
822 }
823 EXPORT_SYMBOL_GPL(crypto_spawn_tfm);
824 
crypto_spawn_tfm2(struct crypto_spawn * spawn)825 void *crypto_spawn_tfm2(struct crypto_spawn *spawn)
826 {
827 	struct crypto_alg *alg;
828 	struct crypto_tfm *tfm;
829 
830 	alg = crypto_spawn_alg(spawn);
831 	if (IS_ERR(alg))
832 		return ERR_CAST(alg);
833 
834 	tfm = crypto_create_tfm(alg, spawn->frontend);
835 	if (IS_ERR(tfm))
836 		goto out_put_alg;
837 
838 	return tfm;
839 
840 out_put_alg:
841 	crypto_mod_put(alg);
842 	return tfm;
843 }
844 EXPORT_SYMBOL_GPL(crypto_spawn_tfm2);
845 
crypto_register_notifier(struct notifier_block * nb)846 int crypto_register_notifier(struct notifier_block *nb)
847 {
848 	return blocking_notifier_chain_register(&crypto_chain, nb);
849 }
850 EXPORT_SYMBOL_GPL(crypto_register_notifier);
851 
crypto_unregister_notifier(struct notifier_block * nb)852 int crypto_unregister_notifier(struct notifier_block *nb)
853 {
854 	return blocking_notifier_chain_unregister(&crypto_chain, nb);
855 }
856 EXPORT_SYMBOL_GPL(crypto_unregister_notifier);
857 
crypto_get_attr_type(struct rtattr ** tb)858 struct crypto_attr_type *crypto_get_attr_type(struct rtattr **tb)
859 {
860 	struct rtattr *rta = tb[0];
861 	struct crypto_attr_type *algt;
862 
863 	if (!rta)
864 		return ERR_PTR(-ENOENT);
865 	if (RTA_PAYLOAD(rta) < sizeof(*algt))
866 		return ERR_PTR(-EINVAL);
867 	if (rta->rta_type != CRYPTOA_TYPE)
868 		return ERR_PTR(-EINVAL);
869 
870 	algt = RTA_DATA(rta);
871 
872 	return algt;
873 }
874 EXPORT_SYMBOL_GPL(crypto_get_attr_type);
875 
876 /**
877  * crypto_check_attr_type() - check algorithm type and compute inherited mask
878  * @tb: the template parameters
879  * @type: the algorithm type the template would be instantiated as
880  * @mask_ret: (output) the mask that should be passed to crypto_grab_*()
881  *	      to restrict the flags of any inner algorithms
882  *
883  * Validate that the algorithm type the user requested is compatible with the
884  * one the template would actually be instantiated as.  E.g., if the user is
885  * doing crypto_alloc_shash("cbc(aes)", ...), this would return an error because
886  * the "cbc" template creates an "skcipher" algorithm, not an "shash" algorithm.
887  *
888  * Also compute the mask to use to restrict the flags of any inner algorithms.
889  *
890  * Return: 0 on success; -errno on failure
891  */
crypto_check_attr_type(struct rtattr ** tb,u32 type,u32 * mask_ret)892 int crypto_check_attr_type(struct rtattr **tb, u32 type, u32 *mask_ret)
893 {
894 	struct crypto_attr_type *algt;
895 
896 	algt = crypto_get_attr_type(tb);
897 	if (IS_ERR(algt))
898 		return PTR_ERR(algt);
899 
900 	if ((algt->type ^ type) & algt->mask)
901 		return -EINVAL;
902 
903 	*mask_ret = crypto_algt_inherited_mask(algt);
904 	return 0;
905 }
906 EXPORT_SYMBOL_GPL(crypto_check_attr_type);
907 
crypto_attr_alg_name(struct rtattr * rta)908 const char *crypto_attr_alg_name(struct rtattr *rta)
909 {
910 	struct crypto_attr_alg *alga;
911 
912 	if (!rta)
913 		return ERR_PTR(-ENOENT);
914 	if (RTA_PAYLOAD(rta) < sizeof(*alga))
915 		return ERR_PTR(-EINVAL);
916 	if (rta->rta_type != CRYPTOA_ALG)
917 		return ERR_PTR(-EINVAL);
918 
919 	alga = RTA_DATA(rta);
920 	alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0;
921 
922 	return alga->name;
923 }
924 EXPORT_SYMBOL_GPL(crypto_attr_alg_name);
925 
crypto_inst_setname(struct crypto_instance * inst,const char * name,struct crypto_alg * alg)926 int crypto_inst_setname(struct crypto_instance *inst, const char *name,
927 			struct crypto_alg *alg)
928 {
929 	if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", name,
930 		     alg->cra_name) >= CRYPTO_MAX_ALG_NAME)
931 		return -ENAMETOOLONG;
932 
933 	if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s(%s)",
934 		     name, alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
935 		return -ENAMETOOLONG;
936 
937 	return 0;
938 }
939 EXPORT_SYMBOL_GPL(crypto_inst_setname);
940 
crypto_init_queue(struct crypto_queue * queue,unsigned int max_qlen)941 void crypto_init_queue(struct crypto_queue *queue, unsigned int max_qlen)
942 {
943 	INIT_LIST_HEAD(&queue->list);
944 	queue->backlog = &queue->list;
945 	queue->qlen = 0;
946 	queue->max_qlen = max_qlen;
947 }
948 EXPORT_SYMBOL_GPL(crypto_init_queue);
949 
crypto_enqueue_request(struct crypto_queue * queue,struct crypto_async_request * request)950 int crypto_enqueue_request(struct crypto_queue *queue,
951 			   struct crypto_async_request *request)
952 {
953 	int err = -EINPROGRESS;
954 
955 	if (unlikely(queue->qlen >= queue->max_qlen)) {
956 		if (!(request->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
957 			err = -ENOSPC;
958 			goto out;
959 		}
960 		err = -EBUSY;
961 		if (queue->backlog == &queue->list)
962 			queue->backlog = &request->list;
963 	}
964 
965 	queue->qlen++;
966 	list_add_tail(&request->list, &queue->list);
967 
968 out:
969 	return err;
970 }
971 EXPORT_SYMBOL_GPL(crypto_enqueue_request);
972 
crypto_enqueue_request_head(struct crypto_queue * queue,struct crypto_async_request * request)973 void crypto_enqueue_request_head(struct crypto_queue *queue,
974 				 struct crypto_async_request *request)
975 {
976 	if (unlikely(queue->qlen >= queue->max_qlen))
977 		queue->backlog = queue->backlog->prev;
978 
979 	queue->qlen++;
980 	list_add(&request->list, &queue->list);
981 }
982 EXPORT_SYMBOL_GPL(crypto_enqueue_request_head);
983 
crypto_dequeue_request(struct crypto_queue * queue)984 struct crypto_async_request *crypto_dequeue_request(struct crypto_queue *queue)
985 {
986 	struct list_head *request;
987 
988 	if (unlikely(!queue->qlen))
989 		return NULL;
990 
991 	queue->qlen--;
992 
993 	if (queue->backlog != &queue->list)
994 		queue->backlog = queue->backlog->next;
995 
996 	request = queue->list.next;
997 	list_del(request);
998 
999 	return list_entry(request, struct crypto_async_request, list);
1000 }
1001 EXPORT_SYMBOL_GPL(crypto_dequeue_request);
1002 
crypto_inc_byte(u8 * a,unsigned int size)1003 static inline void crypto_inc_byte(u8 *a, unsigned int size)
1004 {
1005 	u8 *b = (a + size);
1006 	u8 c;
1007 
1008 	for (; size; size--) {
1009 		c = *--b + 1;
1010 		*b = c;
1011 		if (c)
1012 			break;
1013 	}
1014 }
1015 
crypto_inc(u8 * a,unsigned int size)1016 void crypto_inc(u8 *a, unsigned int size)
1017 {
1018 	__be32 *b = (__be32 *)(a + size);
1019 	u32 c;
1020 
1021 	if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ||
1022 	    IS_ALIGNED((unsigned long)b, __alignof__(*b)))
1023 		for (; size >= 4; size -= 4) {
1024 			c = be32_to_cpu(*--b) + 1;
1025 			*b = cpu_to_be32(c);
1026 			if (likely(c))
1027 				return;
1028 		}
1029 
1030 	crypto_inc_byte(a, size);
1031 }
1032 EXPORT_SYMBOL_GPL(crypto_inc);
1033 
crypto_alg_extsize(struct crypto_alg * alg)1034 unsigned int crypto_alg_extsize(struct crypto_alg *alg)
1035 {
1036 	return alg->cra_ctxsize +
1037 	       (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
1038 }
1039 EXPORT_SYMBOL_GPL(crypto_alg_extsize);
1040 
crypto_type_has_alg(const char * name,const struct crypto_type * frontend,u32 type,u32 mask)1041 int crypto_type_has_alg(const char *name, const struct crypto_type *frontend,
1042 			u32 type, u32 mask)
1043 {
1044 	int ret = 0;
1045 	struct crypto_alg *alg = crypto_find_alg(name, frontend, type, mask);
1046 
1047 	if (!IS_ERR(alg)) {
1048 		crypto_mod_put(alg);
1049 		ret = 1;
1050 	}
1051 
1052 	return ret;
1053 }
1054 EXPORT_SYMBOL_GPL(crypto_type_has_alg);
1055 
crypto_start_tests(void)1056 static void __init crypto_start_tests(void)
1057 {
1058 	if (IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS))
1059 		return;
1060 
1061 	for (;;) {
1062 		struct crypto_larval *larval = NULL;
1063 		struct crypto_alg *q;
1064 
1065 		down_write(&crypto_alg_sem);
1066 
1067 		list_for_each_entry(q, &crypto_alg_list, cra_list) {
1068 			struct crypto_larval *l;
1069 
1070 			if (!crypto_is_larval(q))
1071 				continue;
1072 
1073 			l = (void *)q;
1074 
1075 			if (!crypto_is_test_larval(l))
1076 				continue;
1077 
1078 			if (l->test_started)
1079 				continue;
1080 
1081 			l->test_started = true;
1082 			larval = l;
1083 			break;
1084 		}
1085 
1086 		up_write(&crypto_alg_sem);
1087 
1088 		if (!larval)
1089 			break;
1090 
1091 		crypto_wait_for_test(larval);
1092 	}
1093 
1094 	set_crypto_boot_test_finished();
1095 }
1096 
crypto_algapi_init(void)1097 static int __init crypto_algapi_init(void)
1098 {
1099 	crypto_init_proc();
1100 	crypto_start_tests();
1101 	return 0;
1102 }
1103 
crypto_algapi_exit(void)1104 static void __exit crypto_algapi_exit(void)
1105 {
1106 	crypto_exit_proc();
1107 }
1108 
1109 /*
1110  * We run this at late_initcall so that all the built-in algorithms
1111  * have had a chance to register themselves first.
1112  */
1113 late_initcall(crypto_algapi_init);
1114 module_exit(crypto_algapi_exit);
1115 
1116 MODULE_LICENSE("GPL");
1117 MODULE_DESCRIPTION("Cryptographic algorithms API");
1118 MODULE_SOFTDEP("pre: cryptomgr");
1119