Re: [v2 PATCH 9/26] eCryptfs: Use skcipher and shash
On 2016-01-25 10:29:33, Herbert Xu wrote:
> On Sun, Jan 24, 2016 at 07:10:50PM +0100, Julia Lawall wrote:
> > Maybe the goto on line 1726 needs a preceding mutex_unlock?
>
> Good catch! Thanks.
>
> ---8<---
> This patch replaces uses of ablkcipher and blkcipher with skcipher,
> and the long obsolete hash interface with shash.
>
> Signed-off-by: Herbert Xu
Acked-by: Tyler Hicks
I have no problem with you taking this through the cryptodev tree.
Thanks!
Tyler
>
> diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
> index 80d6901..11255cb 100644
> --- a/fs/ecryptfs/crypto.c
> +++ b/fs/ecryptfs/crypto.c
> @@ -23,6 +23,8 @@
> * 02111-1307, USA.
> */
>
> +#include
> +#include
> #include
> #include
> #include
> @@ -30,7 +32,6 @@
> #include
> #include
> #include
> -#include
> #include
> #include
> #include
> @@ -74,6 +75,19 @@ void ecryptfs_from_hex(char *dst, char *src, int dst_size)
> }
> }
>
> +static int ecryptfs_hash_digest(struct crypto_shash *tfm,
> + char *src, int len, char *dst)
> +{
> + SHASH_DESC_ON_STACK(desc, tfm);
> + int err;
> +
> + desc->tfm = tfm;
> + desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
> + err = crypto_shash_digest(desc, src, len, dst);
> + shash_desc_zero(desc);
> + return err;
> +}
> +
> /**
> * ecryptfs_calculate_md5 - calculates the md5 of @src
> * @dst: Pointer to 16 bytes of allocated memory
> @@ -88,45 +102,26 @@ static int ecryptfs_calculate_md5(char *dst,
> struct ecryptfs_crypt_stat *crypt_stat,
> char *src, int len)
> {
> - struct scatterlist sg;
> - struct hash_desc desc = {
> - .tfm = crypt_stat->hash_tfm,
> - .flags = CRYPTO_TFM_REQ_MAY_SLEEP
> - };
> + struct crypto_shash *tfm;
> int rc = 0;
>
> mutex_lock(&crypt_stat->cs_hash_tfm_mutex);
> - sg_init_one(&sg, (u8 *)src, len);
> - if (!desc.tfm) {
> - desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0,
> - CRYPTO_ALG_ASYNC);
> - if (IS_ERR(desc.tfm)) {
> - rc = PTR_ERR(desc.tfm);
> + tfm = crypt_stat->hash_tfm;
> + if (!tfm) {
> + tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, 0, 0);
> + if (IS_ERR(tfm)) {
> + rc = PTR_ERR(tfm);
> ecryptfs_printk(KERN_ERR, "Error attempting to "
> "allocate crypto context; rc = [%d]\n",
> rc);
> goto out;
> }
> - crypt_stat->hash_tfm = desc.tfm;
> - }
> - rc = crypto_hash_init(&desc);
> - if (rc) {
> - printk(KERN_ERR
> -"%s: Error initializing crypto hash; rc = [%d]\n",
> -__func__, rc);
> - goto out;
> + crypt_stat->hash_tfm = tfm;
> }
> - rc = crypto_hash_update(&desc, &sg, len);
> + rc = ecryptfs_hash_digest(tfm, src, len, dst);
> if (rc) {
> printk(KERN_ERR
> -"%s: Error updating crypto hash; rc = [%d]\n",
> -__func__, rc);
> - goto out;
> - }
> - rc = crypto_hash_final(&desc, dst);
> - if (rc) {
> - printk(KERN_ERR
> -"%s: Error finalizing crypto hash; rc = [%d]\n",
> +"%s: Error computing crypto hash; rc = [%d]\n",
> __func__, rc);
> goto out;
> }
> @@ -234,10 +229,8 @@ void ecryptfs_destroy_crypt_stat(struct
> ecryptfs_crypt_stat *crypt_stat)
> {
> struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
>
> - if (crypt_stat->tfm)
> - crypto_free_ablkcipher(crypt_stat->tfm);
> - if (crypt_stat->hash_tfm)
> - crypto_free_hash(crypt_stat->hash_tfm);
> + crypto_free_skcipher(crypt_stat->tfm);
> + crypto_free_shash(crypt_stat->hash_tfm);
> list_for_each_entry_safe(key_sig, key_sig_tmp,
>&crypt_stat->keysig_list, crypt_stat_list) {
> list_del(&key_sig->crypt_stat_list);
> @@ -342,7 +335,7 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat
> *crypt_stat,
>struct scatterlist *src_sg, int size,
>unsigned char *iv, int op)
> {
> - struct ablkcipher_request *req = NULL;
> + struct skcipher_request *req = NULL;
> struct extent_crypt_result ecr;
> int rc = 0;
>
> @@ -358,20 +351,20 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat
> *crypt_stat,
> init_completion(&ecr.completion);
>
> mutex_lock(&crypt_stat->cs_tfm_mutex);
> - req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
> + req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
> if (!req) {
> mutex_unlock(&crypt
[v2 PATCH 9/26] eCryptfs: Use skcipher and shash
On Sun, Jan 24, 2016 at 07:10:50PM +0100, Julia Lawall wrote:
> Maybe the goto on line 1726 needs a preceding mutex_unlock?
Good catch! Thanks.
---8<---
This patch replaces uses of ablkcipher and blkcipher with skcipher,
and the long obsolete hash interface with shash.
Signed-off-by: Herbert Xu
diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c
index 80d6901..11255cb 100644
--- a/fs/ecryptfs/crypto.c
+++ b/fs/ecryptfs/crypto.c
@@ -23,6 +23,8 @@
* 02111-1307, USA.
*/
+#include
+#include
#include
#include
#include
@@ -30,7 +32,6 @@
#include
#include
#include
-#include
#include
#include
#include
@@ -74,6 +75,19 @@ void ecryptfs_from_hex(char *dst, char *src, int dst_size)
}
}
+static int ecryptfs_hash_digest(struct crypto_shash *tfm,
+ char *src, int len, char *dst)
+{
+ SHASH_DESC_ON_STACK(desc, tfm);
+ int err;
+
+ desc->tfm = tfm;
+ desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
+ err = crypto_shash_digest(desc, src, len, dst);
+ shash_desc_zero(desc);
+ return err;
+}
+
/**
* ecryptfs_calculate_md5 - calculates the md5 of @src
* @dst: Pointer to 16 bytes of allocated memory
@@ -88,45 +102,26 @@ static int ecryptfs_calculate_md5(char *dst,
struct ecryptfs_crypt_stat *crypt_stat,
char *src, int len)
{
- struct scatterlist sg;
- struct hash_desc desc = {
- .tfm = crypt_stat->hash_tfm,
- .flags = CRYPTO_TFM_REQ_MAY_SLEEP
- };
+ struct crypto_shash *tfm;
int rc = 0;
mutex_lock(&crypt_stat->cs_hash_tfm_mutex);
- sg_init_one(&sg, (u8 *)src, len);
- if (!desc.tfm) {
- desc.tfm = crypto_alloc_hash(ECRYPTFS_DEFAULT_HASH, 0,
-CRYPTO_ALG_ASYNC);
- if (IS_ERR(desc.tfm)) {
- rc = PTR_ERR(desc.tfm);
+ tfm = crypt_stat->hash_tfm;
+ if (!tfm) {
+ tfm = crypto_alloc_shash(ECRYPTFS_DEFAULT_HASH, 0, 0);
+ if (IS_ERR(tfm)) {
+ rc = PTR_ERR(tfm);
ecryptfs_printk(KERN_ERR, "Error attempting to "
"allocate crypto context; rc = [%d]\n",
rc);
goto out;
}
- crypt_stat->hash_tfm = desc.tfm;
- }
- rc = crypto_hash_init(&desc);
- if (rc) {
- printk(KERN_ERR
- "%s: Error initializing crypto hash; rc = [%d]\n",
- __func__, rc);
- goto out;
+ crypt_stat->hash_tfm = tfm;
}
- rc = crypto_hash_update(&desc, &sg, len);
+ rc = ecryptfs_hash_digest(tfm, src, len, dst);
if (rc) {
printk(KERN_ERR
- "%s: Error updating crypto hash; rc = [%d]\n",
- __func__, rc);
- goto out;
- }
- rc = crypto_hash_final(&desc, dst);
- if (rc) {
- printk(KERN_ERR
- "%s: Error finalizing crypto hash; rc = [%d]\n",
+ "%s: Error computing crypto hash; rc = [%d]\n",
__func__, rc);
goto out;
}
@@ -234,10 +229,8 @@ void ecryptfs_destroy_crypt_stat(struct
ecryptfs_crypt_stat *crypt_stat)
{
struct ecryptfs_key_sig *key_sig, *key_sig_tmp;
- if (crypt_stat->tfm)
- crypto_free_ablkcipher(crypt_stat->tfm);
- if (crypt_stat->hash_tfm)
- crypto_free_hash(crypt_stat->hash_tfm);
+ crypto_free_skcipher(crypt_stat->tfm);
+ crypto_free_shash(crypt_stat->hash_tfm);
list_for_each_entry_safe(key_sig, key_sig_tmp,
&crypt_stat->keysig_list, crypt_stat_list) {
list_del(&key_sig->crypt_stat_list);
@@ -342,7 +335,7 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat
*crypt_stat,
struct scatterlist *src_sg, int size,
unsigned char *iv, int op)
{
- struct ablkcipher_request *req = NULL;
+ struct skcipher_request *req = NULL;
struct extent_crypt_result ecr;
int rc = 0;
@@ -358,20 +351,20 @@ static int crypt_scatterlist(struct ecryptfs_crypt_stat
*crypt_stat,
init_completion(&ecr.completion);
mutex_lock(&crypt_stat->cs_tfm_mutex);
- req = ablkcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
+ req = skcipher_request_alloc(crypt_stat->tfm, GFP_NOFS);
if (!req) {
mutex_unlock(&crypt_stat->cs_tfm_mutex);
rc = -ENOMEM;
goto out;
}
- ablkcipher_request_set_callback(req,
+ skcipher_request_set_callback(req,
CRYPTO_TFM_REQ_MAY_BACKLOG | CRYPTO_TFM_REQ_MAY_SLEEP,
