1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Cryptographic API for algorithms (i.e., low-level API).
4 *
5 * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
6 */
7
8 #include <crypto/algapi.h>
9 #include <crypto/internal/simd.h>
10 #include <linux/err.h>
11 #include <linux/errno.h>
12 #include <linux/fips.h>
13 #include <linux/init.h>
14 #include <linux/kernel.h>
15 #include <linux/list.h>
16 #include <linux/module.h>
17 #include <linux/rtnetlink.h>
18 #include <linux/slab.h>
19 #include <linux/string.h>
20 #include <linux/workqueue.h>
21
22 #include "internal.h"
23
24 static LIST_HEAD(crypto_template_list);
25
26 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
27 DEFINE_PER_CPU(bool, crypto_simd_disabled_for_test);
28 EXPORT_PER_CPU_SYMBOL_GPL(crypto_simd_disabled_for_test);
29 #endif
30
crypto_check_module_sig(struct module * mod)31 static inline void crypto_check_module_sig(struct module *mod)
32 {
33 if (fips_enabled && mod && !module_sig_ok(mod))
34 panic("Module %s signature verification failed in FIPS mode\n",
35 module_name(mod));
36 }
37
crypto_check_alg(struct crypto_alg * alg)38 static int crypto_check_alg(struct crypto_alg *alg)
39 {
40 crypto_check_module_sig(alg->cra_module);
41
42 if (!alg->cra_name[0] || !alg->cra_driver_name[0])
43 return -EINVAL;
44
45 if (alg->cra_alignmask & (alg->cra_alignmask + 1))
46 return -EINVAL;
47
48 /* General maximums for all algs. */
49 if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK)
50 return -EINVAL;
51
52 if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE)
53 return -EINVAL;
54
55 /* Lower maximums for specific alg types. */
56 if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
57 CRYPTO_ALG_TYPE_CIPHER) {
58 if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK)
59 return -EINVAL;
60
61 if (alg->cra_blocksize > MAX_CIPHER_BLOCKSIZE)
62 return -EINVAL;
63 }
64
65 if (alg->cra_priority < 0)
66 return -EINVAL;
67
68 refcount_set(&alg->cra_refcnt, 1);
69
70 return 0;
71 }
72
crypto_free_instance(struct crypto_instance * inst)73 static void crypto_free_instance(struct crypto_instance *inst)
74 {
75 inst->alg.cra_type->free(inst);
76 }
77
crypto_destroy_instance_workfn(struct work_struct * w)78 static void crypto_destroy_instance_workfn(struct work_struct *w)
79 {
80 struct crypto_instance *inst = container_of(w, struct crypto_instance,
81 free_work);
82 struct crypto_template *tmpl = inst->tmpl;
83
84 crypto_free_instance(inst);
85 crypto_tmpl_put(tmpl);
86 }
87
crypto_destroy_instance(struct crypto_alg * alg)88 static void crypto_destroy_instance(struct crypto_alg *alg)
89 {
90 struct crypto_instance *inst = container_of(alg,
91 struct crypto_instance,
92 alg);
93
94 INIT_WORK(&inst->free_work, crypto_destroy_instance_workfn);
95 schedule_work(&inst->free_work);
96 }
97
98 /*
99 * This function adds a spawn to the list secondary_spawns which
100 * will be used at the end of crypto_remove_spawns to unregister
101 * instances, unless the spawn happens to be one that is depended
102 * on by the new algorithm (nalg in crypto_remove_spawns).
103 *
104 * This function is also responsible for resurrecting any algorithms
105 * in the dependency chain of nalg by unsetting n->dead.
106 */
crypto_more_spawns(struct crypto_alg * alg,struct list_head * stack,struct list_head * top,struct list_head * secondary_spawns)107 static struct list_head *crypto_more_spawns(struct crypto_alg *alg,
108 struct list_head *stack,
109 struct list_head *top,
110 struct list_head *secondary_spawns)
111 {
112 struct crypto_spawn *spawn, *n;
113
114 spawn = list_first_entry_or_null(stack, struct crypto_spawn, list);
115 if (!spawn)
116 return NULL;
117
118 n = list_prev_entry(spawn, list);
119 list_move(&spawn->list, secondary_spawns);
120
121 if (list_is_last(&n->list, stack))
122 return top;
123
124 n = list_next_entry(n, list);
125 if (!spawn->dead)
126 n->dead = false;
127
128 return &n->inst->alg.cra_users;
129 }
130
crypto_remove_instance(struct crypto_instance * inst,struct list_head * list)131 static void crypto_remove_instance(struct crypto_instance *inst,
132 struct list_head *list)
133 {
134 struct crypto_template *tmpl = inst->tmpl;
135
136 if (crypto_is_dead(&inst->alg))
137 return;
138
139 inst->alg.cra_flags |= CRYPTO_ALG_DEAD;
140
141 if (!tmpl || !crypto_tmpl_get(tmpl))
142 return;
143
144 list_move(&inst->alg.cra_list, list);
145 hlist_del(&inst->list);
146 inst->alg.cra_destroy = crypto_destroy_instance;
147
148 BUG_ON(!list_empty(&inst->alg.cra_users));
149 }
150
151 /*
152 * Given an algorithm alg, remove all algorithms that depend on it
153 * through spawns. If nalg is not null, then exempt any algorithms
154 * that is depended on by nalg. This is useful when nalg itself
155 * depends on alg.
156 */
crypto_remove_spawns(struct crypto_alg * alg,struct list_head * list,struct crypto_alg * nalg)157 void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
158 struct crypto_alg *nalg)
159 {
160 u32 new_type = (nalg ?: alg)->cra_flags;
161 struct crypto_spawn *spawn, *n;
162 LIST_HEAD(secondary_spawns);
163 struct list_head *spawns;
164 LIST_HEAD(stack);
165 LIST_HEAD(top);
166
167 spawns = &alg->cra_users;
168 list_for_each_entry_safe(spawn, n, spawns, list) {
169 if ((spawn->alg->cra_flags ^ new_type) & spawn->mask)
170 continue;
171
172 list_move(&spawn->list, &top);
173 }
174
175 /*
176 * Perform a depth-first walk starting from alg through
177 * the cra_users tree. The list stack records the path
178 * from alg to the current spawn.
179 */
180 spawns = ⊤
181 do {
182 while (!list_empty(spawns)) {
183 struct crypto_instance *inst;
184
185 spawn = list_first_entry(spawns, struct crypto_spawn,
186 list);
187 inst = spawn->inst;
188
189 list_move(&spawn->list, &stack);
190 spawn->dead = !spawn->registered || &inst->alg != nalg;
191
192 if (!spawn->registered)
193 break;
194
195 BUG_ON(&inst->alg == alg);
196
197 if (&inst->alg == nalg)
198 break;
199
200 spawns = &inst->alg.cra_users;
201
202 /*
203 * Even if spawn->registered is true, the
204 * instance itself may still be unregistered.
205 * This is because it may have failed during
206 * registration. Therefore we still need to
207 * make the following test.
208 *
209 * We may encounter an unregistered instance here, since
210 * an instance's spawns are set up prior to the instance
211 * being registered. An unregistered instance will have
212 * NULL ->cra_users.next, since ->cra_users isn't
213 * properly initialized until registration. But an
214 * unregistered instance cannot have any users, so treat
215 * it the same as ->cra_users being empty.
216 */
217 if (spawns->next == NULL)
218 break;
219 }
220 } while ((spawns = crypto_more_spawns(alg, &stack, &top,
221 &secondary_spawns)));
222
223 /*
224 * Remove all instances that are marked as dead. Also
225 * complete the resurrection of the others by moving them
226 * back to the cra_users list.
227 */
228 list_for_each_entry_safe(spawn, n, &secondary_spawns, list) {
229 if (!spawn->dead)
230 list_move(&spawn->list, &spawn->alg->cra_users);
231 else if (spawn->registered)
232 crypto_remove_instance(spawn->inst, list);
233 }
234 }
235 EXPORT_SYMBOL_GPL(crypto_remove_spawns);
236
crypto_alg_finish_registration(struct crypto_alg * alg,bool fulfill_requests,struct list_head * algs_to_put)237 static void crypto_alg_finish_registration(struct crypto_alg *alg,
238 bool fulfill_requests,
239 struct list_head *algs_to_put)
240 {
241 struct crypto_alg *q;
242
243 list_for_each_entry(q, &crypto_alg_list, cra_list) {
244 if (q == alg)
245 continue;
246
247 if (crypto_is_moribund(q))
248 continue;
249
250 if (crypto_is_larval(q)) {
251 struct crypto_larval *larval = (void *)q;
252
253 /*
254 * Check to see if either our generic name or
255 * specific name can satisfy the name requested
256 * by the larval entry q.
257 */
258 if (strcmp(alg->cra_name, q->cra_name) &&
259 strcmp(alg->cra_driver_name, q->cra_name))
260 continue;
261
262 if (larval->adult)
263 continue;
264 if ((q->cra_flags ^ alg->cra_flags) & larval->mask)
265 continue;
266
267 if (fulfill_requests && crypto_mod_get(alg))
268 larval->adult = alg;
269 else
270 larval->adult = ERR_PTR(-EAGAIN);
271
272 continue;
273 }
274
275 if (strcmp(alg->cra_name, q->cra_name))
276 continue;
277
278 if (strcmp(alg->cra_driver_name, q->cra_driver_name) &&
279 q->cra_priority > alg->cra_priority)
280 continue;
281
282 crypto_remove_spawns(q, algs_to_put, alg);
283 }
284
285 crypto_notify(CRYPTO_MSG_ALG_LOADED, alg);
286 }
287
crypto_alloc_test_larval(struct crypto_alg * alg)288 static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg)
289 {
290 struct crypto_larval *larval;
291
292 if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER) ||
293 IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS) ||
294 (alg->cra_flags & CRYPTO_ALG_INTERNAL))
295 return NULL; /* No self-test needed */
296
297 larval = crypto_larval_alloc(alg->cra_name,
298 alg->cra_flags | CRYPTO_ALG_TESTED, 0);
299 if (IS_ERR(larval))
300 return larval;
301
302 larval->adult = crypto_mod_get(alg);
303 if (!larval->adult) {
304 kfree(larval);
305 return ERR_PTR(-ENOENT);
306 }
307
308 refcount_set(&larval->alg.cra_refcnt, 1);
309 memcpy(larval->alg.cra_driver_name, alg->cra_driver_name,
310 CRYPTO_MAX_ALG_NAME);
311 larval->alg.cra_priority = alg->cra_priority;
312
313 return larval;
314 }
315
316 static struct crypto_larval *
__crypto_register_alg(struct crypto_alg * alg,struct list_head * algs_to_put)317 __crypto_register_alg(struct crypto_alg *alg, struct list_head *algs_to_put)
318 {
319 struct crypto_alg *q;
320 struct crypto_larval *larval;
321 int ret = -EAGAIN;
322
323 if (crypto_is_dead(alg))
324 goto err;
325
326 INIT_LIST_HEAD(&alg->cra_users);
327
328 ret = -EEXIST;
329
330 list_for_each_entry(q, &crypto_alg_list, cra_list) {
331 if (q == alg)
332 goto err;
333
334 if (crypto_is_moribund(q))
335 continue;
336
337 if (crypto_is_larval(q)) {
338 if (!strcmp(alg->cra_driver_name, q->cra_driver_name))
339 goto err;
340 continue;
341 }
342
343 if (!strcmp(q->cra_driver_name, alg->cra_name) ||
344 !strcmp(q->cra_name, alg->cra_driver_name))
345 goto err;
346 }
347
348 larval = crypto_alloc_test_larval(alg);
349 if (IS_ERR(larval))
350 goto out;
351
352 list_add(&alg->cra_list, &crypto_alg_list);
353
354 if (larval) {
355 /* No cheating! */
356 alg->cra_flags &= ~CRYPTO_ALG_TESTED;
357
358 list_add(&larval->alg.cra_list, &crypto_alg_list);
359 } else {
360 alg->cra_flags |= CRYPTO_ALG_TESTED;
361 crypto_alg_finish_registration(alg, true, algs_to_put);
362 }
363
364 out:
365 return larval;
366
367 err:
368 larval = ERR_PTR(ret);
369 goto out;
370 }
371
crypto_alg_tested(const char * name,int err)372 void crypto_alg_tested(const char *name, int err)
373 {
374 struct crypto_larval *test;
375 struct crypto_alg *alg;
376 struct crypto_alg *q;
377 LIST_HEAD(list);
378 bool best;
379
380 down_write(&crypto_alg_sem);
381 list_for_each_entry(q, &crypto_alg_list, cra_list) {
382 if (crypto_is_moribund(q) || !crypto_is_larval(q))
383 continue;
384
385 test = (struct crypto_larval *)q;
386
387 if (!strcmp(q->cra_driver_name, name))
388 goto found;
389 }
390
391 pr_err("alg: Unexpected test result for %s: %d\n", name, err);
392 goto unlock;
393
394 found:
395 q->cra_flags |= CRYPTO_ALG_DEAD;
396 alg = test->adult;
397
398 if (list_empty(&alg->cra_list))
399 goto complete;
400
401 if (err == -ECANCELED)
402 alg->cra_flags |= CRYPTO_ALG_FIPS_INTERNAL;
403 else if (err)
404 goto complete;
405 else
406 alg->cra_flags &= ~CRYPTO_ALG_FIPS_INTERNAL;
407
408 alg->cra_flags |= CRYPTO_ALG_TESTED;
409
410 /*
411 * If a higher-priority implementation of the same algorithm is
412 * currently being tested, then don't fulfill request larvals.
413 */
414 best = true;
415 list_for_each_entry(q, &crypto_alg_list, cra_list) {
416 if (crypto_is_moribund(q) || !crypto_is_larval(q))
417 continue;
418
419 if (strcmp(alg->cra_name, q->cra_name))
420 continue;
421
422 if (q->cra_priority > alg->cra_priority) {
423 best = false;
424 break;
425 }
426 }
427
428 crypto_alg_finish_registration(alg, best, &list);
429
430 complete:
431 complete_all(&test->completion);
432
433 unlock:
434 up_write(&crypto_alg_sem);
435
436 crypto_remove_final(&list);
437 }
438 EXPORT_SYMBOL_GPL(crypto_alg_tested);
439
crypto_remove_final(struct list_head * list)440 void crypto_remove_final(struct list_head *list)
441 {
442 struct crypto_alg *alg;
443 struct crypto_alg *n;
444
445 list_for_each_entry_safe(alg, n, list, cra_list) {
446 list_del_init(&alg->cra_list);
447 crypto_alg_put(alg);
448 }
449 }
450 EXPORT_SYMBOL_GPL(crypto_remove_final);
451
crypto_register_alg(struct crypto_alg * alg)452 int crypto_register_alg(struct crypto_alg *alg)
453 {
454 struct crypto_larval *larval;
455 LIST_HEAD(algs_to_put);
456 bool test_started = false;
457 int err;
458
459 alg->cra_flags &= ~CRYPTO_ALG_DEAD;
460 err = crypto_check_alg(alg);
461 if (err)
462 return err;
463
464 down_write(&crypto_alg_sem);
465 larval = __crypto_register_alg(alg, &algs_to_put);
466 if (!IS_ERR_OR_NULL(larval)) {
467 test_started = crypto_boot_test_finished();
468 larval->test_started = test_started;
469 }
470 up_write(&crypto_alg_sem);
471
472 if (IS_ERR(larval))
473 return PTR_ERR(larval);
474 if (test_started)
475 crypto_wait_for_test(larval);
476 crypto_remove_final(&algs_to_put);
477 return 0;
478 }
479 EXPORT_SYMBOL_GPL(crypto_register_alg);
480
crypto_remove_alg(struct crypto_alg * alg,struct list_head * list)481 static int crypto_remove_alg(struct crypto_alg *alg, struct list_head *list)
482 {
483 if (unlikely(list_empty(&alg->cra_list)))
484 return -ENOENT;
485
486 alg->cra_flags |= CRYPTO_ALG_DEAD;
487
488 list_del_init(&alg->cra_list);
489 crypto_remove_spawns(alg, list, NULL);
490
491 return 0;
492 }
493
crypto_unregister_alg(struct crypto_alg * alg)494 void crypto_unregister_alg(struct crypto_alg *alg)
495 {
496 int ret;
497 LIST_HEAD(list);
498
499 down_write(&crypto_alg_sem);
500 ret = crypto_remove_alg(alg, &list);
501 up_write(&crypto_alg_sem);
502
503 if (WARN(ret, "Algorithm %s is not registered", alg->cra_driver_name))
504 return;
505
506 if (WARN_ON(refcount_read(&alg->cra_refcnt) != 1))
507 return;
508
509 if (alg->cra_destroy)
510 alg->cra_destroy(alg);
511
512 crypto_remove_final(&list);
513 }
514 EXPORT_SYMBOL_GPL(crypto_unregister_alg);
515
crypto_register_algs(struct crypto_alg * algs,int count)516 int crypto_register_algs(struct crypto_alg *algs, int count)
517 {
518 int i, ret;
519
520 for (i = 0; i < count; i++) {
521 ret = crypto_register_alg(&algs[i]);
522 if (ret)
523 goto err;
524 }
525
526 return 0;
527
528 err:
529 for (--i; i >= 0; --i)
530 crypto_unregister_alg(&algs[i]);
531
532 return ret;
533 }
534 EXPORT_SYMBOL_GPL(crypto_register_algs);
535
crypto_unregister_algs(struct crypto_alg * algs,int count)536 void crypto_unregister_algs(struct crypto_alg *algs, int count)
537 {
538 int i;
539
540 for (i = 0; i < count; i++)
541 crypto_unregister_alg(&algs[i]);
542 }
543 EXPORT_SYMBOL_GPL(crypto_unregister_algs);
544
crypto_register_template(struct crypto_template * tmpl)545 int crypto_register_template(struct crypto_template *tmpl)
546 {
547 struct crypto_template *q;
548 int err = -EEXIST;
549
550 down_write(&crypto_alg_sem);
551
552 crypto_check_module_sig(tmpl->module);
553
554 list_for_each_entry(q, &crypto_template_list, list) {
555 if (q == tmpl)
556 goto out;
557 }
558
559 list_add(&tmpl->list, &crypto_template_list);
560 err = 0;
561 out:
562 up_write(&crypto_alg_sem);
563 return err;
564 }
565 EXPORT_SYMBOL_GPL(crypto_register_template);
566
crypto_register_templates(struct crypto_template * tmpls,int count)567 int crypto_register_templates(struct crypto_template *tmpls, int count)
568 {
569 int i, err;
570
571 for (i = 0; i < count; i++) {
572 err = crypto_register_template(&tmpls[i]);
573 if (err)
574 goto out;
575 }
576 return 0;
577
578 out:
579 for (--i; i >= 0; --i)
580 crypto_unregister_template(&tmpls[i]);
581 return err;
582 }
583 EXPORT_SYMBOL_GPL(crypto_register_templates);
584
crypto_unregister_template(struct crypto_template * tmpl)585 void crypto_unregister_template(struct crypto_template *tmpl)
586 {
587 struct crypto_instance *inst;
588 struct hlist_node *n;
589 struct hlist_head *list;
590 LIST_HEAD(users);
591
592 down_write(&crypto_alg_sem);
593
594 BUG_ON(list_empty(&tmpl->list));
595 list_del_init(&tmpl->list);
596
597 list = &tmpl->instances;
598 hlist_for_each_entry(inst, list, list) {
599 int err = crypto_remove_alg(&inst->alg, &users);
600
601 BUG_ON(err);
602 }
603
604 up_write(&crypto_alg_sem);
605
606 hlist_for_each_entry_safe(inst, n, list, list) {
607 BUG_ON(refcount_read(&inst->alg.cra_refcnt) != 1);
608 crypto_free_instance(inst);
609 }
610 crypto_remove_final(&users);
611 }
612 EXPORT_SYMBOL_GPL(crypto_unregister_template);
613
crypto_unregister_templates(struct crypto_template * tmpls,int count)614 void crypto_unregister_templates(struct crypto_template *tmpls, int count)
615 {
616 int i;
617
618 for (i = count - 1; i >= 0; --i)
619 crypto_unregister_template(&tmpls[i]);
620 }
621 EXPORT_SYMBOL_GPL(crypto_unregister_templates);
622
__crypto_lookup_template(const char * name)623 static struct crypto_template *__crypto_lookup_template(const char *name)
624 {
625 struct crypto_template *q, *tmpl = NULL;
626
627 down_read(&crypto_alg_sem);
628 list_for_each_entry(q, &crypto_template_list, list) {
629 if (strcmp(q->name, name))
630 continue;
631 if (unlikely(!crypto_tmpl_get(q)))
632 continue;
633
634 tmpl = q;
635 break;
636 }
637 up_read(&crypto_alg_sem);
638
639 return tmpl;
640 }
641
crypto_lookup_template(const char * name)642 struct crypto_template *crypto_lookup_template(const char *name)
643 {
644 return try_then_request_module(__crypto_lookup_template(name),
645 "crypto-%s", name);
646 }
647 EXPORT_SYMBOL_GPL(crypto_lookup_template);
648
crypto_register_instance(struct crypto_template * tmpl,struct crypto_instance * inst)649 int crypto_register_instance(struct crypto_template *tmpl,
650 struct crypto_instance *inst)
651 {
652 struct crypto_larval *larval;
653 struct crypto_spawn *spawn;
654 u32 fips_internal = 0;
655 LIST_HEAD(algs_to_put);
656 int err;
657
658 err = crypto_check_alg(&inst->alg);
659 if (err)
660 return err;
661
662 inst->alg.cra_module = tmpl->module;
663 inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
664
665 down_write(&crypto_alg_sem);
666
667 larval = ERR_PTR(-EAGAIN);
668 for (spawn = inst->spawns; spawn;) {
669 struct crypto_spawn *next;
670
671 if (spawn->dead)
672 goto unlock;
673
674 next = spawn->next;
675 spawn->inst = inst;
676 spawn->registered = true;
677
678 fips_internal |= spawn->alg->cra_flags;
679
680 crypto_mod_put(spawn->alg);
681
682 spawn = next;
683 }
684
685 inst->alg.cra_flags |= (fips_internal & CRYPTO_ALG_FIPS_INTERNAL);
686
687 larval = __crypto_register_alg(&inst->alg, &algs_to_put);
688 if (IS_ERR(larval))
689 goto unlock;
690 else if (larval)
691 larval->test_started = true;
692
693 hlist_add_head(&inst->list, &tmpl->instances);
694 inst->tmpl = tmpl;
695
696 unlock:
697 up_write(&crypto_alg_sem);
698
699 if (IS_ERR(larval))
700 return PTR_ERR(larval);
701 if (larval)
702 crypto_wait_for_test(larval);
703 crypto_remove_final(&algs_to_put);
704 return 0;
705 }
706 EXPORT_SYMBOL_GPL(crypto_register_instance);
707
crypto_unregister_instance(struct crypto_instance * inst)708 void crypto_unregister_instance(struct crypto_instance *inst)
709 {
710 LIST_HEAD(list);
711
712 down_write(&crypto_alg_sem);
713
714 crypto_remove_spawns(&inst->alg, &list, NULL);
715 crypto_remove_instance(inst, &list);
716
717 up_write(&crypto_alg_sem);
718
719 crypto_remove_final(&list);
720 }
721 EXPORT_SYMBOL_GPL(crypto_unregister_instance);
722
crypto_grab_spawn(struct crypto_spawn * spawn,struct crypto_instance * inst,const char * name,u32 type,u32 mask)723 int crypto_grab_spawn(struct crypto_spawn *spawn, struct crypto_instance *inst,
724 const char *name, u32 type, u32 mask)
725 {
726 struct crypto_alg *alg;
727 int err = -EAGAIN;
728
729 if (WARN_ON_ONCE(inst == NULL))
730 return -EINVAL;
731
732 /* Allow the result of crypto_attr_alg_name() to be passed directly */
733 if (IS_ERR(name))
734 return PTR_ERR(name);
735
736 alg = crypto_find_alg(name, spawn->frontend,
737 type | CRYPTO_ALG_FIPS_INTERNAL, mask);
738 if (IS_ERR(alg))
739 return PTR_ERR(alg);
740
741 down_write(&crypto_alg_sem);
742 if (!crypto_is_moribund(alg)) {
743 list_add(&spawn->list, &alg->cra_users);
744 spawn->alg = alg;
745 spawn->mask = mask;
746 spawn->next = inst->spawns;
747 inst->spawns = spawn;
748 inst->alg.cra_flags |=
749 (alg->cra_flags & CRYPTO_ALG_INHERITED_FLAGS);
750 err = 0;
751 }
752 up_write(&crypto_alg_sem);
753 if (err)
754 crypto_mod_put(alg);
755 return err;
756 }
757 EXPORT_SYMBOL_GPL(crypto_grab_spawn);
758
crypto_drop_spawn(struct crypto_spawn * spawn)759 void crypto_drop_spawn(struct crypto_spawn *spawn)
760 {
761 if (!spawn->alg) /* not yet initialized? */
762 return;
763
764 down_write(&crypto_alg_sem);
765 if (!spawn->dead)
766 list_del(&spawn->list);
767 up_write(&crypto_alg_sem);
768
769 if (!spawn->registered)
770 crypto_mod_put(spawn->alg);
771 }
772 EXPORT_SYMBOL_GPL(crypto_drop_spawn);
773
crypto_spawn_alg(struct crypto_spawn * spawn)774 static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn)
775 {
776 struct crypto_alg *alg = ERR_PTR(-EAGAIN);
777 struct crypto_alg *target;
778 bool shoot = false;
779
780 down_read(&crypto_alg_sem);
781 if (!spawn->dead) {
782 alg = spawn->alg;
783 if (!crypto_mod_get(alg)) {
784 target = crypto_alg_get(alg);
785 shoot = true;
786 alg = ERR_PTR(-EAGAIN);
787 }
788 }
789 up_read(&crypto_alg_sem);
790
791 if (shoot) {
792 crypto_shoot_alg(target);
793 crypto_alg_put(target);
794 }
795
796 return alg;
797 }
798
crypto_spawn_tfm(struct crypto_spawn * spawn,u32 type,u32 mask)799 struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type,
800 u32 mask)
801 {
802 struct crypto_alg *alg;
803 struct crypto_tfm *tfm;
804
805 alg = crypto_spawn_alg(spawn);
806 if (IS_ERR(alg))
807 return ERR_CAST(alg);
808
809 tfm = ERR_PTR(-EINVAL);
810 if (unlikely((alg->cra_flags ^ type) & mask))
811 goto out_put_alg;
812
813 tfm = __crypto_alloc_tfm(alg, type, mask);
814 if (IS_ERR(tfm))
815 goto out_put_alg;
816
817 return tfm;
818
819 out_put_alg:
820 crypto_mod_put(alg);
821 return tfm;
822 }
823 EXPORT_SYMBOL_GPL(crypto_spawn_tfm);
824
crypto_spawn_tfm2(struct crypto_spawn * spawn)825 void *crypto_spawn_tfm2(struct crypto_spawn *spawn)
826 {
827 struct crypto_alg *alg;
828 struct crypto_tfm *tfm;
829
830 alg = crypto_spawn_alg(spawn);
831 if (IS_ERR(alg))
832 return ERR_CAST(alg);
833
834 tfm = crypto_create_tfm(alg, spawn->frontend);
835 if (IS_ERR(tfm))
836 goto out_put_alg;
837
838 return tfm;
839
840 out_put_alg:
841 crypto_mod_put(alg);
842 return tfm;
843 }
844 EXPORT_SYMBOL_GPL(crypto_spawn_tfm2);
845
crypto_register_notifier(struct notifier_block * nb)846 int crypto_register_notifier(struct notifier_block *nb)
847 {
848 return blocking_notifier_chain_register(&crypto_chain, nb);
849 }
850 EXPORT_SYMBOL_GPL(crypto_register_notifier);
851
crypto_unregister_notifier(struct notifier_block * nb)852 int crypto_unregister_notifier(struct notifier_block *nb)
853 {
854 return blocking_notifier_chain_unregister(&crypto_chain, nb);
855 }
856 EXPORT_SYMBOL_GPL(crypto_unregister_notifier);
857
crypto_get_attr_type(struct rtattr ** tb)858 struct crypto_attr_type *crypto_get_attr_type(struct rtattr **tb)
859 {
860 struct rtattr *rta = tb[0];
861 struct crypto_attr_type *algt;
862
863 if (!rta)
864 return ERR_PTR(-ENOENT);
865 if (RTA_PAYLOAD(rta) < sizeof(*algt))
866 return ERR_PTR(-EINVAL);
867 if (rta->rta_type != CRYPTOA_TYPE)
868 return ERR_PTR(-EINVAL);
869
870 algt = RTA_DATA(rta);
871
872 return algt;
873 }
874 EXPORT_SYMBOL_GPL(crypto_get_attr_type);
875
876 /**
877 * crypto_check_attr_type() - check algorithm type and compute inherited mask
878 * @tb: the template parameters
879 * @type: the algorithm type the template would be instantiated as
880 * @mask_ret: (output) the mask that should be passed to crypto_grab_*()
881 * to restrict the flags of any inner algorithms
882 *
883 * Validate that the algorithm type the user requested is compatible with the
884 * one the template would actually be instantiated as. E.g., if the user is
885 * doing crypto_alloc_shash("cbc(aes)", ...), this would return an error because
886 * the "cbc" template creates an "skcipher" algorithm, not an "shash" algorithm.
887 *
888 * Also compute the mask to use to restrict the flags of any inner algorithms.
889 *
890 * Return: 0 on success; -errno on failure
891 */
crypto_check_attr_type(struct rtattr ** tb,u32 type,u32 * mask_ret)892 int crypto_check_attr_type(struct rtattr **tb, u32 type, u32 *mask_ret)
893 {
894 struct crypto_attr_type *algt;
895
896 algt = crypto_get_attr_type(tb);
897 if (IS_ERR(algt))
898 return PTR_ERR(algt);
899
900 if ((algt->type ^ type) & algt->mask)
901 return -EINVAL;
902
903 *mask_ret = crypto_algt_inherited_mask(algt);
904 return 0;
905 }
906 EXPORT_SYMBOL_GPL(crypto_check_attr_type);
907
crypto_attr_alg_name(struct rtattr * rta)908 const char *crypto_attr_alg_name(struct rtattr *rta)
909 {
910 struct crypto_attr_alg *alga;
911
912 if (!rta)
913 return ERR_PTR(-ENOENT);
914 if (RTA_PAYLOAD(rta) < sizeof(*alga))
915 return ERR_PTR(-EINVAL);
916 if (rta->rta_type != CRYPTOA_ALG)
917 return ERR_PTR(-EINVAL);
918
919 alga = RTA_DATA(rta);
920 alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0;
921
922 return alga->name;
923 }
924 EXPORT_SYMBOL_GPL(crypto_attr_alg_name);
925
crypto_inst_setname(struct crypto_instance * inst,const char * name,struct crypto_alg * alg)926 int crypto_inst_setname(struct crypto_instance *inst, const char *name,
927 struct crypto_alg *alg)
928 {
929 if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", name,
930 alg->cra_name) >= CRYPTO_MAX_ALG_NAME)
931 return -ENAMETOOLONG;
932
933 if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s(%s)",
934 name, alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
935 return -ENAMETOOLONG;
936
937 return 0;
938 }
939 EXPORT_SYMBOL_GPL(crypto_inst_setname);
940
crypto_init_queue(struct crypto_queue * queue,unsigned int max_qlen)941 void crypto_init_queue(struct crypto_queue *queue, unsigned int max_qlen)
942 {
943 INIT_LIST_HEAD(&queue->list);
944 queue->backlog = &queue->list;
945 queue->qlen = 0;
946 queue->max_qlen = max_qlen;
947 }
948 EXPORT_SYMBOL_GPL(crypto_init_queue);
949
crypto_enqueue_request(struct crypto_queue * queue,struct crypto_async_request * request)950 int crypto_enqueue_request(struct crypto_queue *queue,
951 struct crypto_async_request *request)
952 {
953 int err = -EINPROGRESS;
954
955 if (unlikely(queue->qlen >= queue->max_qlen)) {
956 if (!(request->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
957 err = -ENOSPC;
958 goto out;
959 }
960 err = -EBUSY;
961 if (queue->backlog == &queue->list)
962 queue->backlog = &request->list;
963 }
964
965 queue->qlen++;
966 list_add_tail(&request->list, &queue->list);
967
968 out:
969 return err;
970 }
971 EXPORT_SYMBOL_GPL(crypto_enqueue_request);
972
crypto_enqueue_request_head(struct crypto_queue * queue,struct crypto_async_request * request)973 void crypto_enqueue_request_head(struct crypto_queue *queue,
974 struct crypto_async_request *request)
975 {
976 if (unlikely(queue->qlen >= queue->max_qlen))
977 queue->backlog = queue->backlog->prev;
978
979 queue->qlen++;
980 list_add(&request->list, &queue->list);
981 }
982 EXPORT_SYMBOL_GPL(crypto_enqueue_request_head);
983
crypto_dequeue_request(struct crypto_queue * queue)984 struct crypto_async_request *crypto_dequeue_request(struct crypto_queue *queue)
985 {
986 struct list_head *request;
987
988 if (unlikely(!queue->qlen))
989 return NULL;
990
991 queue->qlen--;
992
993 if (queue->backlog != &queue->list)
994 queue->backlog = queue->backlog->next;
995
996 request = queue->list.next;
997 list_del(request);
998
999 return list_entry(request, struct crypto_async_request, list);
1000 }
1001 EXPORT_SYMBOL_GPL(crypto_dequeue_request);
1002
crypto_inc_byte(u8 * a,unsigned int size)1003 static inline void crypto_inc_byte(u8 *a, unsigned int size)
1004 {
1005 u8 *b = (a + size);
1006 u8 c;
1007
1008 for (; size; size--) {
1009 c = *--b + 1;
1010 *b = c;
1011 if (c)
1012 break;
1013 }
1014 }
1015
crypto_inc(u8 * a,unsigned int size)1016 void crypto_inc(u8 *a, unsigned int size)
1017 {
1018 __be32 *b = (__be32 *)(a + size);
1019 u32 c;
1020
1021 if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ||
1022 IS_ALIGNED((unsigned long)b, __alignof__(*b)))
1023 for (; size >= 4; size -= 4) {
1024 c = be32_to_cpu(*--b) + 1;
1025 *b = cpu_to_be32(c);
1026 if (likely(c))
1027 return;
1028 }
1029
1030 crypto_inc_byte(a, size);
1031 }
1032 EXPORT_SYMBOL_GPL(crypto_inc);
1033
crypto_alg_extsize(struct crypto_alg * alg)1034 unsigned int crypto_alg_extsize(struct crypto_alg *alg)
1035 {
1036 return alg->cra_ctxsize +
1037 (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
1038 }
1039 EXPORT_SYMBOL_GPL(crypto_alg_extsize);
1040
crypto_type_has_alg(const char * name,const struct crypto_type * frontend,u32 type,u32 mask)1041 int crypto_type_has_alg(const char *name, const struct crypto_type *frontend,
1042 u32 type, u32 mask)
1043 {
1044 int ret = 0;
1045 struct crypto_alg *alg = crypto_find_alg(name, frontend, type, mask);
1046
1047 if (!IS_ERR(alg)) {
1048 crypto_mod_put(alg);
1049 ret = 1;
1050 }
1051
1052 return ret;
1053 }
1054 EXPORT_SYMBOL_GPL(crypto_type_has_alg);
1055
crypto_start_tests(void)1056 static void __init crypto_start_tests(void)
1057 {
1058 if (IS_ENABLED(CONFIG_CRYPTO_MANAGER_DISABLE_TESTS))
1059 return;
1060
1061 for (;;) {
1062 struct crypto_larval *larval = NULL;
1063 struct crypto_alg *q;
1064
1065 down_write(&crypto_alg_sem);
1066
1067 list_for_each_entry(q, &crypto_alg_list, cra_list) {
1068 struct crypto_larval *l;
1069
1070 if (!crypto_is_larval(q))
1071 continue;
1072
1073 l = (void *)q;
1074
1075 if (!crypto_is_test_larval(l))
1076 continue;
1077
1078 if (l->test_started)
1079 continue;
1080
1081 l->test_started = true;
1082 larval = l;
1083 break;
1084 }
1085
1086 up_write(&crypto_alg_sem);
1087
1088 if (!larval)
1089 break;
1090
1091 crypto_wait_for_test(larval);
1092 }
1093
1094 set_crypto_boot_test_finished();
1095 }
1096
crypto_algapi_init(void)1097 static int __init crypto_algapi_init(void)
1098 {
1099 crypto_init_proc();
1100 crypto_start_tests();
1101 return 0;
1102 }
1103
crypto_algapi_exit(void)1104 static void __exit crypto_algapi_exit(void)
1105 {
1106 crypto_exit_proc();
1107 }
1108
1109 /*
1110 * We run this at late_initcall so that all the built-in algorithms
1111 * have had a chance to register themselves first.
1112 */
1113 late_initcall(crypto_algapi_init);
1114 module_exit(crypto_algapi_exit);
1115
1116 MODULE_LICENSE("GPL");
1117 MODULE_DESCRIPTION("Cryptographic algorithms API");
1118 MODULE_SOFTDEP("pre: cryptomgr");
1119