1 /* 2 * Asynchronous Cryptographic Hash operations. 3 * 4 * This is the asynchronous version of hash.c with notification of 5 * completion via a callback. 6 * 7 * Copyright (c) 2008 Loc Ho <lho@amcc.com> 8 * 9 * This program is free software; you can redistribute it and/or modify it 10 * under the terms of the GNU General Public License as published by the Free 11 * Software Foundation; either version 2 of the License, or (at your option) 12 * any later version. 13 * 14 */ 15 16 #include <crypto/internal/hash.h> 17 #include <crypto/scatterwalk.h> 18 #include <linux/err.h> 19 #include <linux/kernel.h> 20 #include <linux/module.h> 21 #include <linux/sched.h> 22 #include <linux/slab.h> 23 #include <linux/seq_file.h> 24 #include <linux/cryptouser.h> 25 #include <net/netlink.h> 26 27 #include "internal.h" 28 29 struct ahash_request_priv { 30 crypto_completion_t complete; 31 void *data; 32 u8 *result; 33 void *ubuf[] CRYPTO_MINALIGN_ATTR; 34 }; 35 36 static inline struct ahash_alg *crypto_ahash_alg(struct crypto_ahash *hash) 37 { 38 return container_of(crypto_hash_alg_common(hash), struct ahash_alg, 39 halg); 40 } 41 42 static int hash_walk_next(struct crypto_hash_walk *walk) 43 { 44 unsigned int alignmask = walk->alignmask; 45 unsigned int offset = walk->offset; 46 unsigned int nbytes = min(walk->entrylen, 47 ((unsigned int)(PAGE_SIZE)) - offset); 48 49 walk->data = kmap_atomic(walk->pg); 50 walk->data += offset; 51 52 if (offset & alignmask) { 53 unsigned int unaligned = alignmask + 1 - (offset & alignmask); 54 if (nbytes > unaligned) 55 nbytes = unaligned; 56 } 57 58 walk->entrylen -= nbytes; 59 return nbytes; 60 } 61 62 static int hash_walk_new_entry(struct crypto_hash_walk *walk) 63 { 64 struct scatterlist *sg; 65 66 sg = walk->sg; 67 walk->pg = sg_page(sg); 68 walk->offset = sg->offset; 69 walk->entrylen = sg->length; 70 71 if (walk->entrylen > walk->total) 72 walk->entrylen = walk->total; 73 walk->total -= walk->entrylen; 74 75 return hash_walk_next(walk); 76 } 77 78 int crypto_hash_walk_done(struct crypto_hash_walk *walk, int err) 79 { 80 unsigned int alignmask = walk->alignmask; 81 unsigned int nbytes = walk->entrylen; 82 83 walk->data -= walk->offset; 84 85 if (nbytes && walk->offset & alignmask && !err) { 86 walk->offset = ALIGN(walk->offset, alignmask + 1); 87 walk->data += walk->offset; 88 89 nbytes = min(nbytes, 90 ((unsigned int)(PAGE_SIZE)) - walk->offset); 91 walk->entrylen -= nbytes; 92 93 return nbytes; 94 } 95 96 kunmap_atomic(walk->data); 97 crypto_yield(walk->flags); 98 99 if (err) 100 return err; 101 102 if (nbytes) { 103 walk->offset = 0; 104 walk->pg++; 105 return hash_walk_next(walk); 106 } 107 108 if (!walk->total) 109 return 0; 110 111 walk->sg = scatterwalk_sg_next(walk->sg); 112 113 return hash_walk_new_entry(walk); 114 } 115 EXPORT_SYMBOL_GPL(crypto_hash_walk_done); 116 117 int crypto_hash_walk_first(struct ahash_request *req, 118 struct crypto_hash_walk *walk) 119 { 120 walk->total = req->nbytes; 121 122 if (!walk->total) 123 return 0; 124 125 walk->alignmask = crypto_ahash_alignmask(crypto_ahash_reqtfm(req)); 126 walk->sg = req->src; 127 walk->flags = req->base.flags; 128 129 return hash_walk_new_entry(walk); 130 } 131 EXPORT_SYMBOL_GPL(crypto_hash_walk_first); 132 133 int crypto_hash_walk_first_compat(struct hash_desc *hdesc, 134 struct crypto_hash_walk *walk, 135 struct scatterlist *sg, unsigned int len) 136 { 137 walk->total = len; 138 139 if (!walk->total) 140 return 0; 141 142 walk->alignmask = crypto_hash_alignmask(hdesc->tfm); 143 walk->sg = sg; 144 walk->flags = hdesc->flags; 145 146 return hash_walk_new_entry(walk); 147 } 148 149 static int ahash_setkey_unaligned(struct crypto_ahash *tfm, const u8 *key, 150 unsigned int keylen) 151 { 152 unsigned long alignmask = crypto_ahash_alignmask(tfm); 153 int ret; 154 u8 *buffer, *alignbuffer; 155 unsigned long absize; 156 157 absize = keylen + alignmask; 158 buffer = kmalloc(absize, GFP_KERNEL); 159 if (!buffer) 160 return -ENOMEM; 161 162 alignbuffer = (u8 *)ALIGN((unsigned long)buffer, alignmask + 1); 163 memcpy(alignbuffer, key, keylen); 164 ret = tfm->setkey(tfm, alignbuffer, keylen); 165 kzfree(buffer); 166 return ret; 167 } 168 169 int crypto_ahash_setkey(struct crypto_ahash *tfm, const u8 *key, 170 unsigned int keylen) 171 { 172 unsigned long alignmask = crypto_ahash_alignmask(tfm); 173 174 if ((unsigned long)key & alignmask) 175 return ahash_setkey_unaligned(tfm, key, keylen); 176 177 return tfm->setkey(tfm, key, keylen); 178 } 179 EXPORT_SYMBOL_GPL(crypto_ahash_setkey); 180 181 static int ahash_nosetkey(struct crypto_ahash *tfm, const u8 *key, 182 unsigned int keylen) 183 { 184 return -ENOSYS; 185 } 186 187 static inline unsigned int ahash_align_buffer_size(unsigned len, 188 unsigned long mask) 189 { 190 return len + (mask & ~(crypto_tfm_ctx_alignment() - 1)); 191 } 192 193 static int ahash_save_req(struct ahash_request *req, crypto_completion_t cplt) 194 { 195 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 196 unsigned long alignmask = crypto_ahash_alignmask(tfm); 197 unsigned int ds = crypto_ahash_digestsize(tfm); 198 struct ahash_request_priv *priv; 199 200 priv = kmalloc(sizeof(*priv) + ahash_align_buffer_size(ds, alignmask), 201 (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP) ? 202 GFP_KERNEL : GFP_ATOMIC); 203 if (!priv) 204 return -ENOMEM; 205 206 /* 207 * WARNING: Voodoo programming below! 208 * 209 * The code below is obscure and hard to understand, thus explanation 210 * is necessary. See include/crypto/hash.h and include/linux/crypto.h 211 * to understand the layout of structures used here! 212 * 213 * The code here will replace portions of the ORIGINAL request with 214 * pointers to new code and buffers so the hashing operation can store 215 * the result in aligned buffer. We will call the modified request 216 * an ADJUSTED request. 217 * 218 * The newly mangled request will look as such: 219 * 220 * req { 221 * .result = ADJUSTED[new aligned buffer] 222 * .base.complete = ADJUSTED[pointer to completion function] 223 * .base.data = ADJUSTED[*req (pointer to self)] 224 * .priv = ADJUSTED[new priv] { 225 * .result = ORIGINAL(result) 226 * .complete = ORIGINAL(base.complete) 227 * .data = ORIGINAL(base.data) 228 * } 229 */ 230 231 priv->result = req->result; 232 priv->complete = req->base.complete; 233 priv->data = req->base.data; 234 /* 235 * WARNING: We do not backup req->priv here! The req->priv 236 * is for internal use of the Crypto API and the 237 * user must _NOT_ _EVER_ depend on it's content! 238 */ 239 240 req->result = PTR_ALIGN((u8 *)priv->ubuf, alignmask + 1); 241 req->base.complete = cplt; 242 req->base.data = req; 243 req->priv = priv; 244 245 return 0; 246 } 247 248 static void ahash_restore_req(struct ahash_request *req) 249 { 250 struct ahash_request_priv *priv = req->priv; 251 252 /* Restore the original crypto request. */ 253 req->result = priv->result; 254 req->base.complete = priv->complete; 255 req->base.data = priv->data; 256 req->priv = NULL; 257 258 /* Free the req->priv.priv from the ADJUSTED request. */ 259 kzfree(priv); 260 } 261 262 static void ahash_op_unaligned_finish(struct ahash_request *req, int err) 263 { 264 struct ahash_request_priv *priv = req->priv; 265 266 if (err == -EINPROGRESS) 267 return; 268 269 if (!err) 270 memcpy(priv->result, req->result, 271 crypto_ahash_digestsize(crypto_ahash_reqtfm(req))); 272 273 ahash_restore_req(req); 274 } 275 276 static void ahash_op_unaligned_done(struct crypto_async_request *req, int err) 277 { 278 struct ahash_request *areq = req->data; 279 280 /* 281 * Restore the original request, see ahash_op_unaligned() for what 282 * goes where. 283 * 284 * The "struct ahash_request *req" here is in fact the "req.base" 285 * from the ADJUSTED request from ahash_op_unaligned(), thus as it 286 * is a pointer to self, it is also the ADJUSTED "req" . 287 */ 288 289 /* First copy req->result into req->priv.result */ 290 ahash_op_unaligned_finish(areq, err); 291 292 /* Complete the ORIGINAL request. */ 293 areq->base.complete(&areq->base, err); 294 } 295 296 static int ahash_op_unaligned(struct ahash_request *req, 297 int (*op)(struct ahash_request *)) 298 { 299 int err; 300 301 err = ahash_save_req(req, ahash_op_unaligned_done); 302 if (err) 303 return err; 304 305 err = op(req); 306 ahash_op_unaligned_finish(req, err); 307 308 return err; 309 } 310 311 static int crypto_ahash_op(struct ahash_request *req, 312 int (*op)(struct ahash_request *)) 313 { 314 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 315 unsigned long alignmask = crypto_ahash_alignmask(tfm); 316 317 if ((unsigned long)req->result & alignmask) 318 return ahash_op_unaligned(req, op); 319 320 return op(req); 321 } 322 323 int crypto_ahash_final(struct ahash_request *req) 324 { 325 return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->final); 326 } 327 EXPORT_SYMBOL_GPL(crypto_ahash_final); 328 329 int crypto_ahash_finup(struct ahash_request *req) 330 { 331 return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->finup); 332 } 333 EXPORT_SYMBOL_GPL(crypto_ahash_finup); 334 335 int crypto_ahash_digest(struct ahash_request *req) 336 { 337 return crypto_ahash_op(req, crypto_ahash_reqtfm(req)->digest); 338 } 339 EXPORT_SYMBOL_GPL(crypto_ahash_digest); 340 341 static void ahash_def_finup_finish2(struct ahash_request *req, int err) 342 { 343 struct ahash_request_priv *priv = req->priv; 344 345 if (err == -EINPROGRESS) 346 return; 347 348 if (!err) 349 memcpy(priv->result, req->result, 350 crypto_ahash_digestsize(crypto_ahash_reqtfm(req))); 351 352 ahash_restore_req(req); 353 } 354 355 static void ahash_def_finup_done2(struct crypto_async_request *req, int err) 356 { 357 struct ahash_request *areq = req->data; 358 359 ahash_def_finup_finish2(areq, err); 360 361 areq->base.complete(&areq->base, err); 362 } 363 364 static int ahash_def_finup_finish1(struct ahash_request *req, int err) 365 { 366 if (err) 367 goto out; 368 369 req->base.complete = ahash_def_finup_done2; 370 req->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP; 371 err = crypto_ahash_reqtfm(req)->final(req); 372 373 out: 374 ahash_def_finup_finish2(req, err); 375 return err; 376 } 377 378 static void ahash_def_finup_done1(struct crypto_async_request *req, int err) 379 { 380 struct ahash_request *areq = req->data; 381 382 err = ahash_def_finup_finish1(areq, err); 383 384 areq->base.complete(&areq->base, err); 385 } 386 387 static int ahash_def_finup(struct ahash_request *req) 388 { 389 struct crypto_ahash *tfm = crypto_ahash_reqtfm(req); 390 int err; 391 392 err = ahash_save_req(req, ahash_def_finup_done1); 393 if (err) 394 return err; 395 396 err = tfm->update(req); 397 return ahash_def_finup_finish1(req, err); 398 } 399 400 static int ahash_no_export(struct ahash_request *req, void *out) 401 { 402 return -ENOSYS; 403 } 404 405 static int ahash_no_import(struct ahash_request *req, const void *in) 406 { 407 return -ENOSYS; 408 } 409 410 static int crypto_ahash_init_tfm(struct crypto_tfm *tfm) 411 { 412 struct crypto_ahash *hash = __crypto_ahash_cast(tfm); 413 struct ahash_alg *alg = crypto_ahash_alg(hash); 414 415 hash->setkey = ahash_nosetkey; 416 hash->export = ahash_no_export; 417 hash->import = ahash_no_import; 418 419 if (tfm->__crt_alg->cra_type != &crypto_ahash_type) 420 return crypto_init_shash_ops_async(tfm); 421 422 hash->init = alg->init; 423 hash->update = alg->update; 424 hash->final = alg->final; 425 hash->finup = alg->finup ?: ahash_def_finup; 426 hash->digest = alg->digest; 427 428 if (alg->setkey) 429 hash->setkey = alg->setkey; 430 if (alg->export) 431 hash->export = alg->export; 432 if (alg->import) 433 hash->import = alg->import; 434 435 return 0; 436 } 437 438 static unsigned int crypto_ahash_extsize(struct crypto_alg *alg) 439 { 440 if (alg->cra_type == &crypto_ahash_type) 441 return alg->cra_ctxsize; 442 443 return sizeof(struct crypto_shash *); 444 } 445 446 #ifdef CONFIG_NET 447 static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg) 448 { 449 struct crypto_report_hash rhash; 450 451 strncpy(rhash.type, "ahash", sizeof(rhash.type)); 452 453 rhash.blocksize = alg->cra_blocksize; 454 rhash.digestsize = __crypto_hash_alg_common(alg)->digestsize; 455 456 if (nla_put(skb, CRYPTOCFGA_REPORT_HASH, 457 sizeof(struct crypto_report_hash), &rhash)) 458 goto nla_put_failure; 459 return 0; 460 461 nla_put_failure: 462 return -EMSGSIZE; 463 } 464 #else 465 static int crypto_ahash_report(struct sk_buff *skb, struct crypto_alg *alg) 466 { 467 return -ENOSYS; 468 } 469 #endif 470 471 static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg) 472 __attribute__ ((unused)); 473 static void crypto_ahash_show(struct seq_file *m, struct crypto_alg *alg) 474 { 475 seq_printf(m, "type : ahash\n"); 476 seq_printf(m, "async : %s\n", alg->cra_flags & CRYPTO_ALG_ASYNC ? 477 "yes" : "no"); 478 seq_printf(m, "blocksize : %u\n", alg->cra_blocksize); 479 seq_printf(m, "digestsize : %u\n", 480 __crypto_hash_alg_common(alg)->digestsize); 481 } 482 483 const struct crypto_type crypto_ahash_type = { 484 .extsize = crypto_ahash_extsize, 485 .init_tfm = crypto_ahash_init_tfm, 486 #ifdef CONFIG_PROC_FS 487 .show = crypto_ahash_show, 488 #endif 489 .report = crypto_ahash_report, 490 .maskclear = ~CRYPTO_ALG_TYPE_MASK, 491 .maskset = CRYPTO_ALG_TYPE_AHASH_MASK, 492 .type = CRYPTO_ALG_TYPE_AHASH, 493 .tfmsize = offsetof(struct crypto_ahash, base), 494 }; 495 EXPORT_SYMBOL_GPL(crypto_ahash_type); 496 497 struct crypto_ahash *crypto_alloc_ahash(const char *alg_name, u32 type, 498 u32 mask) 499 { 500 return crypto_alloc_tfm(alg_name, &crypto_ahash_type, type, mask); 501 } 502 EXPORT_SYMBOL_GPL(crypto_alloc_ahash); 503 504 static int ahash_prepare_alg(struct ahash_alg *alg) 505 { 506 struct crypto_alg *base = &alg->halg.base; 507 508 if (alg->halg.digestsize > PAGE_SIZE / 8 || 509 alg->halg.statesize > PAGE_SIZE / 8) 510 return -EINVAL; 511 512 base->cra_type = &crypto_ahash_type; 513 base->cra_flags &= ~CRYPTO_ALG_TYPE_MASK; 514 base->cra_flags |= CRYPTO_ALG_TYPE_AHASH; 515 516 return 0; 517 } 518 519 int crypto_register_ahash(struct ahash_alg *alg) 520 { 521 struct crypto_alg *base = &alg->halg.base; 522 int err; 523 524 err = ahash_prepare_alg(alg); 525 if (err) 526 return err; 527 528 return crypto_register_alg(base); 529 } 530 EXPORT_SYMBOL_GPL(crypto_register_ahash); 531 532 int crypto_unregister_ahash(struct ahash_alg *alg) 533 { 534 return crypto_unregister_alg(&alg->halg.base); 535 } 536 EXPORT_SYMBOL_GPL(crypto_unregister_ahash); 537 538 int ahash_register_instance(struct crypto_template *tmpl, 539 struct ahash_instance *inst) 540 { 541 int err; 542 543 err = ahash_prepare_alg(&inst->alg); 544 if (err) 545 return err; 546 547 return crypto_register_instance(tmpl, ahash_crypto_instance(inst)); 548 } 549 EXPORT_SYMBOL_GPL(ahash_register_instance); 550 551 void ahash_free_instance(struct crypto_instance *inst) 552 { 553 crypto_drop_spawn(crypto_instance_ctx(inst)); 554 kfree(ahash_instance(inst)); 555 } 556 EXPORT_SYMBOL_GPL(ahash_free_instance); 557 558 int crypto_init_ahash_spawn(struct crypto_ahash_spawn *spawn, 559 struct hash_alg_common *alg, 560 struct crypto_instance *inst) 561 { 562 return crypto_init_spawn2(&spawn->base, &alg->base, inst, 563 &crypto_ahash_type); 564 } 565 EXPORT_SYMBOL_GPL(crypto_init_ahash_spawn); 566 567 struct hash_alg_common *ahash_attr_alg(struct rtattr *rta, u32 type, u32 mask) 568 { 569 struct crypto_alg *alg; 570 571 alg = crypto_attr_alg2(rta, &crypto_ahash_type, type, mask); 572 return IS_ERR(alg) ? ERR_CAST(alg) : __crypto_hash_alg_common(alg); 573 } 574 EXPORT_SYMBOL_GPL(ahash_attr_alg); 575 576 MODULE_LICENSE("GPL"); 577 MODULE_DESCRIPTION("Asynchronous cryptographic hash type"); 578