Re: [v2 PATCH 9/26] eCryptfs: Use skcipher and shash
On 2016-01-25 10:29:33, Herbert Xu wrote: > On Sun, Jan 24, 2016 at 07:10:50PM +0100, Julia Lawall wrote: > > Maybe the goto on line 1726 needs a preceding mutex_unlock? > > Good catch! Thanks. > > ---8<--- > This patch replaces uses of ablkcipher and blkcipher with skcipher, > and the long obsolete hash interface with shash. > > Signed-off-by: Herbert Xu Acked-by: Tyler Hicks I have no problem with you taking this through the cryptodev tree. Thanks! Tyler > > diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c > index 80d6901..11255cb 100644 > --- a/fs/ecryptfs/crypto.c > +++ b/fs/ecryptfs/crypto.c > @@ -23,6 +23,8 @@ > * 02111-1307, USA. > */ > > +#include > +#include > #include > #include > #include > @@ -30,7 +32,6 @@ > #include > #include > #include > -#include > #include > #include > #include > @@ -74,6 +75,19 @@ void ecryptfs_from_hex(char *dst, char *src, int dst_size) > } > } > > +static int ecryptfs_hash_digest(struct crypto_shash *tfm, > + char *src, int len, char *dst) > +{ > + SHASH_DESC_ON_STACK(desc, tfm); > + int err; > + > + desc->tfm = tfm; > + desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; > + err = crypto_shash_digest(desc, src, len, dst); > + shash_desc_zero(desc); > + return err; > +} > + > /** > * ecryptfs_calculate_md5 - calculates the md5 of @src > * @dst: Pointer to 16 bytes of allocated memory > @@ -88,45 +102,26 @@ static int ecryptfs_calculate_md5(char *dst, > struct ecryptfs_crypt_stat *crypt_stat, > char *src, int len) > { > - struct scatterlist sg; > - struct hash_desc desc = { > - .tfm = crypt_stat->hash_tfm, > - .flags = CRYPTO_TFM_REQ_MAY_SLEEP > - }; > + struct crypto_shash *tfm; > int rc = 0; > > mutex_lock(&crypt_stat->cs_hash_tfm_mutex); > - sg_init_one(&sg, (u8 *)src, len); > - if (!desc.tfm) { > - desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0, > - CRYPTO_ALG_ASYNC); > - if (IS_ERR(desc.tfm)) { > - rc = PTR_ERR(desc.tfm); > + tfm = crypt_stat->hash_tfm; > + if (!tfm) { > + tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, 0, 0); > + if (IS_ERR(tfm)) { > + rc = PTR_ERR(tfm); > ecryptfs_printk(KERN_ERR, "Error attempting to " > "allocate crypto context; rc = [%d]\n", > rc); > goto out; > } > - crypt_stat->hash_tfm = desc.tfm; > - } > - rc = crypto_hash_init(&desc); > - if (rc) { > - printk(KERN_ERR > -"%s: Error initializing crypto hash; rc = [%d]\n", > -__func__, rc); > - goto out; > + crypt_stat->hash_tfm = tfm; > } > - rc = crypto_hash_update(&desc, &sg, len); > + rc = ecryptfs_hash_digest(tfm, src, len, dst); > if (rc) { > printk(KERN_ERR > -"%s: Error updating crypto hash; rc = [%d]\n", > -__func__, rc); > - goto out; > - } > - rc = crypto_hash_final(&desc, dst); > - if (rc) { > - printk(KERN_ERR > -"%s: Error finalizing crypto hash; rc = [%d]\n", > +"%s: Error computing crypto hash; rc = [%d]\n", > __func__, rc); > goto out; > } > @@ -234,10 +229,8 @@ void ecryptfs_destroy_crypt_stat(struct > ecryptfs_crypt_stat *crypt_stat) > { > struct ecryptfs_key_sig *key_sig, *key_sig_tmp; > > - if (crypt_stat->tfm) > - crypto_free_ablkcipher(crypt_stat->tfm); > - if (crypt_stat->hash_tfm) > - crypto_free_hash(crypt_stat->hash_tfm); > + crypto_free_skcipher(crypt_stat->tfm); > + crypto_free_shash(crypt_stat->hash_tfm); > list_for_each_entry_safe(key_sig, key_sig_tmp, >&crypt_stat->keysig_list, crypt_stat_list) { > list_del(&key_sig->crypt_stat_list); > @@ -342,7 +335,7 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat > *crypt_stat, >struct scatterlist *src_sg, int size, >unsigned char *iv, int op) > { > - struct ablkcipher_request *req = NULL; > + struct skcipher_request *req = NULL; > struct extent_crypt_result ecr; > int rc = 0; > > @@ -358,20 +351,20 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat > *crypt_stat, > init_completion(&ecr.completion); > > mutex_lock(&crypt_stat->cs_tfm_mutex); > - req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS); > + req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS); > if (!req) { > mutex_unlock(&crypt
[v2 PATCH 9/26] eCryptfs: Use skcipher and shash
On Sun, Jan 24, 2016 at 07:10:50PM +0100, Julia Lawall wrote: > Maybe the goto on line 1726 needs a preceding mutex_unlock? Good catch! Thanks. ---8<--- This patch replaces uses of ablkcipher and blkcipher with skcipher, and the long obsolete hash interface with shash. Signed-off-by: Herbert Xu diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index 80d6901..11255cb 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -23,6 +23,8 @@ * 02111-1307, USA. */ +#include +#include #include #include #include @@ -30,7 +32,6 @@ #include #include #include -#include #include #include #include @@ -74,6 +75,19 @@ void ecryptfs_from_hex(char *dst, char *src, int dst_size) } } +static int ecryptfs_hash_digest(struct crypto_shash *tfm, + char *src, int len, char *dst) +{ + SHASH_DESC_ON_STACK(desc, tfm); + int err; + + desc->tfm = tfm; + desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; + err = crypto_shash_digest(desc, src, len, dst); + shash_desc_zero(desc); + return err; +} + /** * ecryptfs_calculate_md5 - calculates the md5 of @src * @dst: Pointer to 16 bytes of allocated memory @@ -88,45 +102,26 @@ static int ecryptfs_calculate_md5(char *dst, struct ecryptfs_crypt_stat *crypt_stat, char *src, int len) { - struct scatterlist sg; - struct hash_desc desc = { - .tfm = crypt_stat->hash_tfm, - .flags = CRYPTO_TFM_REQ_MAY_SLEEP - }; + struct crypto_shash *tfm; int rc = 0; mutex_lock(&crypt_stat->cs_hash_tfm_mutex); - sg_init_one(&sg, (u8 *)src, len); - if (!desc.tfm) { - desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0, -CRYPTO_ALG_ASYNC); - if (IS_ERR(desc.tfm)) { - rc = PTR_ERR(desc.tfm); + tfm = crypt_stat->hash_tfm; + if (!tfm) { + tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, 0, 0); + if (IS_ERR(tfm)) { + rc = PTR_ERR(tfm); ecryptfs_printk(KERN_ERR, "Error attempting to " "allocate crypto context; rc = [%d]\n", rc); goto out; } - crypt_stat->hash_tfm = desc.tfm; - } - rc = crypto_hash_init(&desc); - if (rc) { - printk(KERN_ERR - "%s: Error initializing crypto hash; rc = [%d]\n", - __func__, rc); - goto out; + crypt_stat->hash_tfm = tfm; } - rc = crypto_hash_update(&desc, &sg, len); + rc = ecryptfs_hash_digest(tfm, src, len, dst); if (rc) { printk(KERN_ERR - "%s: Error updating crypto hash; rc = [%d]\n", - __func__, rc); - goto out; - } - rc = crypto_hash_final(&desc, dst); - if (rc) { - printk(KERN_ERR - "%s: Error finalizing crypto hash; rc = [%d]\n", + "%s: Error computing crypto hash; rc = [%d]\n", __func__, rc); goto out; } @@ -234,10 +229,8 @@ void ecryptfs_destroy_crypt_stat(struct ecryptfs_crypt_stat *crypt_stat) { struct ecryptfs_key_sig *key_sig, *key_sig_tmp; - if (crypt_stat->tfm) - crypto_free_ablkcipher(crypt_stat->tfm); - if (crypt_stat->hash_tfm) - crypto_free_hash(crypt_stat->hash_tfm); + crypto_free_skcipher(crypt_stat->tfm); + crypto_free_shash(crypt_stat->hash_tfm); list_for_each_entry_safe(key_sig, key_sig_tmp, &crypt_stat->keysig_list, crypt_stat_list) { list_del(&key_sig->crypt_stat_list); @@ -342,7 +335,7 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat, struct scatterlist *src_sg, int size, unsigned char *iv, int op) { - struct ablkcipher_request *req = NULL; + struct skcipher_request *req = NULL; struct extent_crypt_result ecr; int rc = 0; @@ -358,20 +351,20 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat *crypt_stat, init_completion(&ecr.completion); mutex_lock(&crypt_stat->cs_tfm_mutex); - req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS); + req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS); if (!req) { mutex_unlock(&crypt_stat->cs_tfm_mutex); rc = -ENOMEM; goto out; } - ablkcipher_request_set_callback(req, + skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,