From: Stephan Mueller <smueller@chronox.de>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: Linux Crypto Mailing List <linux-crypto@vger.kernel.org>
Subject: Re: [PATCH 6/15] crypto: rng - Mark crypto_rng_reset seed as const
Date: Mon, 20 Apr 2015 13:48:51 +0200 [thread overview]
Message-ID: <2772920.G0U3hXTNm6@myon.chronox.de> (raw)
In-Reply-To: <E1Yk4QD-0004q0-Rn@gondolin.me.apana.org.au>
Am Montag, 20. April 2015, 13:39:05 schrieb Herbert Xu:
Hi Herbert,
> There is no reason why crypto_rng_reset should modify the seed
> so this patch marks it as const. Since our algorithms don't
> export a const seed function yet we have to go through some
> contortions for now.
>
> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
> ---
>
> crypto/rng.c | 27 +++++++++++++++++++++++++--
> include/crypto/rng.h | 9 +++------
> 2 files changed, 28 insertions(+), 8 deletions(-)
>
> diff --git a/crypto/rng.c b/crypto/rng.c
> index 4514d37..618fa4d 100644
> --- a/crypto/rng.c
> +++ b/crypto/rng.c
> @@ -42,7 +42,29 @@ static int generate(struct crypto_rng *tfm, const u8
> *src, unsigned int slen, return crypto_rng_alg(tfm)->rng_make_random(tfm,
> dst, dlen);
> }
>
> -static int rngapi_reset(struct crypto_rng *tfm, u8 *seed, unsigned int
> slen) +static int rngapi_reset(struct crypto_rng *tfm, const u8 *seed,
> + unsigned int slen)
> +{
> + u8 *buf = NULL;
> + u8 *src = (u8 *)seed;
> + int err;
> +
> + if (slen) {
> + buf = kmalloc(slen, GFP_KERNEL);
> + if (!buf)
> + return -ENOMEM;
> +
> + memcpy(buf, seed, slen);
> + src = buf;
> + }
> +
> + err = crypto_rng_alg(tfm)->rng_reset(tfm, src, slen);
> +
> + kfree(buf);
Shouldn't kzfree be here? Seed data is sensitive data.
> + return err;
> +}
> +
> +int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed, unsigned int
> slen) {
> u8 *buf = NULL;
> int err;
> @@ -56,11 +78,12 @@ static int rngapi_reset(struct crypto_rng *tfm, u8
> *seed, unsigned int slen) seed = buf;
> }
>
> - err = crypto_rng_alg(tfm)->rng_reset(tfm, seed, slen);
> + err = tfm->seed(tfm, seed, slen);
>
> kfree(buf);
> return err;
> }
> +EXPORT_SYMBOL_GPL(crypto_rng_reset);
>
> static int crypto_rng_init_tfm(struct crypto_tfm *tfm)
> {
> diff --git a/include/crypto/rng.h b/include/crypto/rng.h
> index f20f068..7fca371 100644
> --- a/include/crypto/rng.h
> +++ b/include/crypto/rng.h
> @@ -19,7 +19,7 @@ struct crypto_rng {
> int (*generate)(struct crypto_rng *tfm,
> const u8 *src, unsigned int slen,
> u8 *dst, unsigned int dlen);
> - int (*seed)(struct crypto_rng *tfm, u8 *seed, unsigned int slen);
> + int (*seed)(struct crypto_rng *tfm, const u8 *seed, unsigned int
slen);
> struct crypto_tfm base;
> };
>
> @@ -139,11 +139,8 @@ static inline int crypto_rng_get_bytes(struct
> crypto_rng *tfm, *
> * Return: 0 if the setting of the key was successful; < 0 if an error
> occurred */
> -static inline int crypto_rng_reset(struct crypto_rng *tfm,
> - u8 *seed, unsigned int slen)
> -{
> - return tfm->seed(tfm, seed, slen);
> -}
> +int crypto_rng_reset(struct crypto_rng *tfm, const u8 *seed,
> + unsigned int slen);
>
> /**
> * crypto_rng_seedsize() - obtain seed size of RNG
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
Ciao
Stephan
next prev parent reply other threads:[~2015-04-20 11:48 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-04-20 5:35 [0/15] rng: New style interface Herbert Xu
2015-04-20 5:39 ` [PATCH 1/15] crypto: api - Add crypto_alg_extsize helper Herbert Xu
2015-04-20 5:39 ` [PATCH 2/15] crypto: shash - Use " Herbert Xu
2015-04-20 5:39 ` [PATCH 3/15] crypto: pcomp " Herbert Xu
2015-04-20 5:39 ` [PATCH 4/15] crypto: rng - Convert crypto_rng to new style crypto_type Herbert Xu
2015-04-20 5:39 ` [PATCH 5/15] crypto: rng - Introduce crypto_rng_generate Herbert Xu
2015-04-20 5:39 ` [PATCH 6/15] crypto: rng - Mark crypto_rng_reset seed as const Herbert Xu
2015-04-20 11:48 ` Stephan Mueller [this message]
2015-04-20 5:39 ` [PATCH 7/15] crypto: rng - Convert low-level crypto_rng to new style Herbert Xu
2015-04-20 5:39 ` [PATCH 8/15] crypto: rng - Add crypto_rng_set_entropy Herbert Xu
2015-04-20 5:39 ` [PATCH 9/15] crypto: rng - Add multiple algorithm registration interface Herbert Xu
2015-04-20 5:39 ` [PATCH 10/15] crypto: drbg - Convert to new rng interface Herbert Xu
2015-04-20 5:39 ` [PATCH 11/15] crypto: ansi_cprng - Remove bogus inclusion of internal.h Herbert Xu
2015-04-20 5:39 ` [PATCH 12/15] crypto: ansi_cprng - Convert to new rng interface Herbert Xu
2015-04-20 5:39 ` [PATCH 13/15] crypto: krng " Herbert Xu
2015-04-20 5:39 ` [PATCH 14/15] crypto: rng - Remove old low-level " Herbert Xu
2015-04-20 5:39 ` [PATCH 15/15] crypto: algif_rng - Remove obsolete const-removal cast Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2772920.G0U3hXTNm6@myon.chronox.de \
--to=smueller@chronox.de \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.