1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * algif_hash: User-space interface for hash algorithms 4 * 5 * This file provides the user-space API for hash algorithms. 6 * 7 * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au> 8 */ 9 10 #include <crypto/hash.h> 11 #include <crypto/if_alg.h> 12 #include <linux/init.h> 13 #include <linux/kernel.h> 14 #include <linux/mm.h> 15 #include <linux/module.h> 16 #include <linux/net.h> 17 #include <net/sock.h> 18 19 struct hash_ctx { 20 struct af_alg_sgl sgl; 21 22 u8 *result; 23 24 struct crypto_wait wait; 25 26 unsigned int len; 27 bool more; 28 29 struct ahash_request req; 30 }; 31 32 static int hash_alloc_result(struct sock *sk, struct hash_ctx *ctx) 33 { 34 unsigned ds; 35 36 if (ctx->result) 37 return 0; 38 39 ds = crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)); 40 41 ctx->result = sock_kmalloc(sk, ds, GFP_KERNEL); 42 if (!ctx->result) 43 return -ENOMEM; 44 45 memset(ctx->result, 0, ds); 46 47 return 0; 48 } 49 50 static void hash_free_result(struct sock *sk, struct hash_ctx *ctx) 51 { 52 unsigned ds; 53 54 if (!ctx->result) 55 return; 56 57 ds = crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)); 58 59 sock_kzfree_s(sk, ctx->result, ds); 60 ctx->result = NULL; 61 } 62 63 static int hash_sendmsg(struct socket *sock, struct msghdr *msg, 64 size_t ignored) 65 { 66 int limit = ALG_MAX_PAGES * PAGE_SIZE; 67 struct sock *sk = sock->sk; 68 struct alg_sock *ask = alg_sk(sk); 69 struct hash_ctx *ctx = ask->private; 70 long copied = 0; 71 int err; 72 73 if (limit > sk->sk_sndbuf) 74 limit = sk->sk_sndbuf; 75 76 lock_sock(sk); 77 if (!ctx->more) { 78 if ((msg->msg_flags & MSG_MORE)) 79 hash_free_result(sk, ctx); 80 81 err = crypto_wait_req(crypto_ahash_init(&ctx->req), &ctx->wait); 82 if (err) 83 goto unlock; 84 } 85 86 ctx->more = false; 87 88 while (msg_data_left(msg)) { 89 int len = msg_data_left(msg); 90 91 if (len > limit) 92 len = limit; 93 94 len = af_alg_make_sg(&ctx->sgl, &msg->msg_iter, len); 95 if (len < 0) { 96 err = copied ? 0 : len; 97 goto unlock; 98 } 99 100 ahash_request_set_crypt(&ctx->req, ctx->sgl.sg, NULL, len); 101 102 err = crypto_wait_req(crypto_ahash_update(&ctx->req), 103 &ctx->wait); 104 af_alg_free_sg(&ctx->sgl); 105 if (err) 106 goto unlock; 107 108 copied += len; 109 iov_iter_advance(&msg->msg_iter, len); 110 } 111 112 err = 0; 113 114 ctx->more = msg->msg_flags & MSG_MORE; 115 if (!ctx->more) { 116 err = hash_alloc_result(sk, ctx); 117 if (err) 118 goto unlock; 119 120 ahash_request_set_crypt(&ctx->req, NULL, ctx->result, 0); 121 err = crypto_wait_req(crypto_ahash_final(&ctx->req), 122 &ctx->wait); 123 } 124 125 unlock: 126 release_sock(sk); 127 128 return err ?: copied; 129 } 130 131 static ssize_t hash_sendpage(struct socket *sock, struct page *page, 132 int offset, size_t size, int flags) 133 { 134 struct sock *sk = sock->sk; 135 struct alg_sock *ask = alg_sk(sk); 136 struct hash_ctx *ctx = ask->private; 137 int err; 138 139 if (flags & MSG_SENDPAGE_NOTLAST) 140 flags |= MSG_MORE; 141 142 lock_sock(sk); 143 sg_init_table(ctx->sgl.sg, 1); 144 sg_set_page(ctx->sgl.sg, page, size, offset); 145 146 if (!(flags & MSG_MORE)) { 147 err = hash_alloc_result(sk, ctx); 148 if (err) 149 goto unlock; 150 } else if (!ctx->more) 151 hash_free_result(sk, ctx); 152 153 ahash_request_set_crypt(&ctx->req, ctx->sgl.sg, ctx->result, size); 154 155 if (!(flags & MSG_MORE)) { 156 if (ctx->more) 157 err = crypto_ahash_finup(&ctx->req); 158 else 159 err = crypto_ahash_digest(&ctx->req); 160 } else { 161 if (!ctx->more) { 162 err = crypto_ahash_init(&ctx->req); 163 err = crypto_wait_req(err, &ctx->wait); 164 if (err) 165 goto unlock; 166 } 167 168 err = crypto_ahash_update(&ctx->req); 169 } 170 171 err = crypto_wait_req(err, &ctx->wait); 172 if (err) 173 goto unlock; 174 175 ctx->more = flags & MSG_MORE; 176 177 unlock: 178 release_sock(sk); 179 180 return err ?: size; 181 } 182 183 static int hash_recvmsg(struct socket *sock, struct msghdr *msg, size_t len, 184 int flags) 185 { 186 struct sock *sk = sock->sk; 187 struct alg_sock *ask = alg_sk(sk); 188 struct hash_ctx *ctx = ask->private; 189 unsigned ds = crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req)); 190 bool result; 191 int err; 192 193 if (len > ds) 194 len = ds; 195 else if (len < ds) 196 msg->msg_flags |= MSG_TRUNC; 197 198 lock_sock(sk); 199 result = ctx->result; 200 err = hash_alloc_result(sk, ctx); 201 if (err) 202 goto unlock; 203 204 ahash_request_set_crypt(&ctx->req, NULL, ctx->result, 0); 205 206 if (!result && !ctx->more) { 207 err = crypto_wait_req(crypto_ahash_init(&ctx->req), 208 &ctx->wait); 209 if (err) 210 goto unlock; 211 } 212 213 if (!result || ctx->more) { 214 ctx->more = false; 215 err = crypto_wait_req(crypto_ahash_final(&ctx->req), 216 &ctx->wait); 217 if (err) 218 goto unlock; 219 } 220 221 err = memcpy_to_msg(msg, ctx->result, len); 222 223 unlock: 224 hash_free_result(sk, ctx); 225 release_sock(sk); 226 227 return err ?: len; 228 } 229 230 static int hash_accept(struct socket *sock, struct socket *newsock, int flags, 231 bool kern) 232 { 233 struct sock *sk = sock->sk; 234 struct alg_sock *ask = alg_sk(sk); 235 struct hash_ctx *ctx = ask->private; 236 struct ahash_request *req = &ctx->req; 237 char state[HASH_MAX_STATESIZE]; 238 struct sock *sk2; 239 struct alg_sock *ask2; 240 struct hash_ctx *ctx2; 241 bool more; 242 int err; 243 244 lock_sock(sk); 245 more = ctx->more; 246 err = more ? crypto_ahash_export(req, state) : 0; 247 release_sock(sk); 248 249 if (err) 250 return err; 251 252 err = af_alg_accept(ask->parent, newsock, kern); 253 if (err) 254 return err; 255 256 sk2 = newsock->sk; 257 ask2 = alg_sk(sk2); 258 ctx2 = ask2->private; 259 ctx2->more = more; 260 261 if (!more) 262 return err; 263 264 err = crypto_ahash_import(&ctx2->req, state); 265 if (err) { 266 sock_orphan(sk2); 267 sock_put(sk2); 268 } 269 270 return err; 271 } 272 273 static struct proto_ops algif_hash_ops = { 274 .family = PF_ALG, 275 276 .connect = sock_no_connect, 277 .socketpair = sock_no_socketpair, 278 .getname = sock_no_getname, 279 .ioctl = sock_no_ioctl, 280 .listen = sock_no_listen, 281 .shutdown = sock_no_shutdown, 282 .mmap = sock_no_mmap, 283 .bind = sock_no_bind, 284 285 .release = af_alg_release, 286 .sendmsg = hash_sendmsg, 287 .sendpage = hash_sendpage, 288 .recvmsg = hash_recvmsg, 289 .accept = hash_accept, 290 }; 291 292 static int hash_check_key(struct socket *sock) 293 { 294 int err = 0; 295 struct sock *psk; 296 struct alg_sock *pask; 297 struct crypto_ahash *tfm; 298 struct sock *sk = sock->sk; 299 struct alg_sock *ask = alg_sk(sk); 300 301 lock_sock(sk); 302 if (!atomic_read(&ask->nokey_refcnt)) 303 goto unlock_child; 304 305 psk = ask->parent; 306 pask = alg_sk(ask->parent); 307 tfm = pask->private; 308 309 err = -ENOKEY; 310 lock_sock_nested(psk, SINGLE_DEPTH_NESTING); 311 if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 312 goto unlock; 313 314 atomic_dec(&pask->nokey_refcnt); 315 atomic_set(&ask->nokey_refcnt, 0); 316 317 err = 0; 318 319 unlock: 320 release_sock(psk); 321 unlock_child: 322 release_sock(sk); 323 324 return err; 325 } 326 327 static int hash_sendmsg_nokey(struct socket *sock, struct msghdr *msg, 328 size_t size) 329 { 330 int err; 331 332 err = hash_check_key(sock); 333 if (err) 334 return err; 335 336 return hash_sendmsg(sock, msg, size); 337 } 338 339 static ssize_t hash_sendpage_nokey(struct socket *sock, struct page *page, 340 int offset, size_t size, int flags) 341 { 342 int err; 343 344 err = hash_check_key(sock); 345 if (err) 346 return err; 347 348 return hash_sendpage(sock, page, offset, size, flags); 349 } 350 351 static int hash_recvmsg_nokey(struct socket *sock, struct msghdr *msg, 352 size_t ignored, int flags) 353 { 354 int err; 355 356 err = hash_check_key(sock); 357 if (err) 358 return err; 359 360 return hash_recvmsg(sock, msg, ignored, flags); 361 } 362 363 static int hash_accept_nokey(struct socket *sock, struct socket *newsock, 364 int flags, bool kern) 365 { 366 int err; 367 368 err = hash_check_key(sock); 369 if (err) 370 return err; 371 372 return hash_accept(sock, newsock, flags, kern); 373 } 374 375 static struct proto_ops algif_hash_ops_nokey = { 376 .family = PF_ALG, 377 378 .connect = sock_no_connect, 379 .socketpair = sock_no_socketpair, 380 .getname = sock_no_getname, 381 .ioctl = sock_no_ioctl, 382 .listen = sock_no_listen, 383 .shutdown = sock_no_shutdown, 384 .mmap = sock_no_mmap, 385 .bind = sock_no_bind, 386 387 .release = af_alg_release, 388 .sendmsg = hash_sendmsg_nokey, 389 .sendpage = hash_sendpage_nokey, 390 .recvmsg = hash_recvmsg_nokey, 391 .accept = hash_accept_nokey, 392 }; 393 394 static void *hash_bind(const char *name, u32 type, u32 mask) 395 { 396 return crypto_alloc_ahash(name, type, mask); 397 } 398 399 static void hash_release(void *private) 400 { 401 crypto_free_ahash(private); 402 } 403 404 static int hash_setkey(void *private, const u8 *key, unsigned int keylen) 405 { 406 return crypto_ahash_setkey(private, key, keylen); 407 } 408 409 static void hash_sock_destruct(struct sock *sk) 410 { 411 struct alg_sock *ask = alg_sk(sk); 412 struct hash_ctx *ctx = ask->private; 413 414 hash_free_result(sk, ctx); 415 sock_kfree_s(sk, ctx, ctx->len); 416 af_alg_release_parent(sk); 417 } 418 419 static int hash_accept_parent_nokey(void *private, struct sock *sk) 420 { 421 struct crypto_ahash *tfm = private; 422 struct alg_sock *ask = alg_sk(sk); 423 struct hash_ctx *ctx; 424 unsigned int len = sizeof(*ctx) + crypto_ahash_reqsize(tfm); 425 426 ctx = sock_kmalloc(sk, len, GFP_KERNEL); 427 if (!ctx) 428 return -ENOMEM; 429 430 ctx->result = NULL; 431 ctx->len = len; 432 ctx->more = false; 433 crypto_init_wait(&ctx->wait); 434 435 ask->private = ctx; 436 437 ahash_request_set_tfm(&ctx->req, tfm); 438 ahash_request_set_callback(&ctx->req, CRYPTO_TFM_REQ_MAY_BACKLOG, 439 crypto_req_done, &ctx->wait); 440 441 sk->sk_destruct = hash_sock_destruct; 442 443 return 0; 444 } 445 446 static int hash_accept_parent(void *private, struct sock *sk) 447 { 448 struct crypto_ahash *tfm = private; 449 450 if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY) 451 return -ENOKEY; 452 453 return hash_accept_parent_nokey(private, sk); 454 } 455 456 static const struct af_alg_type algif_type_hash = { 457 .bind = hash_bind, 458 .release = hash_release, 459 .setkey = hash_setkey, 460 .accept = hash_accept_parent, 461 .accept_nokey = hash_accept_parent_nokey, 462 .ops = &algif_hash_ops, 463 .ops_nokey = &algif_hash_ops_nokey, 464 .name = "hash", 465 .owner = THIS_MODULE 466 }; 467 468 static int __init algif_hash_init(void) 469 { 470 return af_alg_register_type(&algif_type_hash); 471 } 472 473 static void __exit algif_hash_exit(void) 474 { 475 int err = af_alg_unregister_type(&algif_type_hash); 476 BUG_ON(err); 477 } 478 479 module_init(algif_hash_init); 480 module_exit(algif_hash_exit); 481 MODULE_LICENSE("GPL"); 482