LKML Archive on lore.kernel.org
From: Stephan Mueller <smueller@chronox.de>
To: "'Herbert Xu" <herbert@gondor.apana.org.au>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v3 00/20] crypto: restrict usage of helper ciphers
Date: Mon, 30 Mar 2015 21:54:32 +0200
Message-ID: <3417827.fluZli1WvQ@tachyon.chronox.de>

Hi,

Based on the discussion in the thread [1], a flag is added to the
kernel crypto API to allow ciphers to be marked as internal.

The patch set is tested in FIPS and non-FIPS mode. In addition,
the enforcement that the helper cipher of __driver-gcm-aes-aesni
cannot be loaded, but the wrapper of rfc4106-gcm-aesni can be used
is tested to demonstrate that the patch works. The testing also shows
that __driver-gcm-aes-aesni is subject to the testmgr self test and
can therefore be used in FIPS mode.

All cipher implementations whose definition has a cra_priority of 0
as well as the ciphers that are wrapped by cryptd and mcryptd
are marked as internal ciphers to prevent them from being called by
users.

The testing also includes the invocation of normal crypto operations
from user space via AF_ALG and libkcapi showing that all of them work
unaffected.

[1] http://comments.gmane.org/gmane.linux.kernel.cryptoapi/13705

Changes v2:
* Overhaul enforcement of the internal flag as suggested by Herbert:
  a cipher marked as internal can only be invoked if the caller
  instantiates it with the internal flag set in the type and mask
  field.
* The overhaul implies that cryptd and mcryptd instances are marked
  as internal if the underlying cipher is marked as internal.
* The overhaul implies that the testmgr must try to allocate a
  cipher again with the internal flag in case the first allocation
  failed with -ENOENT.
* Mark internal cipher in arch/x86/crypto/sha-mb/sha1_mb.c.

Changes v3:
* Allow a caller to specify type & CRYPTO_ALG_INTERNAL and
  !(mask & CRYPTO_ALG_INTERNAL) when caller requests a cipher and
  does not care whether it is marked as internal or not (suggested by
  Herbert Xu)

Stephan Mueller (20):
  crypto: prevent helper ciphers from being used
  crypto: testmgr to use CRYPTO_ALG_INTERNAL
  crypto: cryptd to process CRYPTO_ALG_INTERNAL
  crypto: /proc/crypto: identify internal ciphers
  crypto: mark AES-NI helper ciphers
  crypto: mark ghash clmulni helper ciphers
  crypto: mark GHASH ARMv8 vmull.p64 helper ciphers
  crypto: mark AES-NI Camellia helper ciphers
  crypto: mark CAST5 helper ciphers
  crypto: mark AVX Camellia helper ciphers
  crypto: mark CAST6 helper ciphers
  crypto: mark Serpent AVX2 helper ciphers
  crypto: mark Serpent AVX helper ciphers
  crypto: mark Serpent SSE2 helper ciphers
  crypto: mark Twofish AVX helper ciphers
  crypto: mark NEON bit sliced AES helper ciphers
  crypto: mark ARMv8 AES helper ciphers
  crypto: mark 64 bit ARMv8 AES helper ciphers
  crypto: mcryptd to process CRYPTO_ALG_INTERNAL
  crypto: mark Multi buffer SHA1 helper cipher

 arch/arm/crypto/aes-ce-glue.c              | 12 +++++---
 arch/arm/crypto/aesbs-glue.c               |  9 ++++--
 arch/arm/crypto/ghash-ce-glue.c            |  6 ++--
 arch/arm64/crypto/aes-glue.c               | 12 +++++---
 arch/x86/crypto/aesni-intel_glue.c         | 23 +++++++++-----
 arch/x86/crypto/camellia_aesni_avx2_glue.c | 15 ++++++---
 arch/x86/crypto/camellia_aesni_avx_glue.c  | 15 ++++++---
 arch/x86/crypto/cast5_avx_glue.c           |  9 ++++--
 arch/x86/crypto/cast6_avx_glue.c           | 15 ++++++---
 arch/x86/crypto/ghash-clmulni-intel_glue.c |  7 +++--
 arch/x86/crypto/serpent_avx2_glue.c        | 15 ++++++---
 arch/x86/crypto/serpent_avx_glue.c         | 15 ++++++---
 arch/x86/crypto/serpent_sse2_glue.c        | 15 ++++++---
 arch/x86/crypto/sha-mb/sha1_mb.c           |  7 +++--
 arch/x86/crypto/twofish_avx_glue.c         | 15 ++++++---
 crypto/ablk_helper.c                       |  3 +-
 crypto/api.c                               | 10 ++++++
 crypto/cryptd.c                            | 49 +++++++++++++++++++++++++-----
 crypto/mcryptd.c                           | 25 +++++++++++++--
 crypto/proc.c                              |  3 ++
 crypto/testmgr.c                           | 14 ++++-----
 include/linux/crypto.h                     |  6 ++++
 22 files changed, 219 insertions(+), 81 deletions(-)

-- 
2.1.0
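
The type/mask rule described in the v2 and v3 change notes above, as a user-space model (an added example, not code from the patch set). The `registry` table, `can_alloc()`, `selftest_alloc()` and the flag's bit value are assumptions made for the model; the two driver names are the ones the cover letter tests with.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Stand-in bit value for this model; only the semantics matter here. */
#define CRYPTO_ALG_INTERNAL 0x2000u

struct alg { const char *driver; uint32_t flags; };

/* Constructed registry: one helper marked internal, one public wrapper. */
static const struct alg registry[] = {
    { "__driver-gcm-aes-aesni", CRYPTO_ALG_INTERNAL },
    { "rfc4106-gcm-aesni",      0 },
};

/* Hypothetical model of an allocation by driver name; true if it succeeds. */
static bool can_alloc(const char *name, uint32_t type, uint32_t mask)
{
    /* Flag named in neither field: compare the bit anyway, against 0,
     * so a caller unaware of the flag never gets an internal cipher. */
    if (!((type | mask) & CRYPTO_ALG_INTERNAL))
        mask |= CRYPTO_ALG_INTERNAL;

    for (size_t i = 0; i < sizeof(registry) / sizeof(registry[0]); i++) {
        if (strcmp(registry[i].driver, name) != 0)
            continue;
        /* Match only if flags equal type on every bit selected by mask. */
        if (!((registry[i].flags ^ type) & mask))
            return true;
    }
    return false; /* the cover letter's -ENOENT case */
}

/* Self-test style allocation: plain first, then retry as internal. */
static bool selftest_alloc(const char *name)
{
    return can_alloc(name, 0, 0) ||
           can_alloc(name, CRYPTO_ALG_INTERNAL, CRYPTO_ALG_INTERNAL);
}

int main(void)
{
    const char *h = "__driver-gcm-aes-aesni";
    printf("plain=%d internal=%d dontcare=%d selftest=%d\n",
           can_alloc(h, 0, 0),
           can_alloc(h, CRYPTO_ALG_INTERNAL, CRYPTO_ALG_INTERNAL),
           can_alloc(h, CRYPTO_ALG_INTERNAL, 0), selftest_alloc(h));
    return 0;
}
```

In this model a request with the flag set in both type and mask matches internal ciphers only, so the public wrapper is not returned for it.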


