* [4.4] Broken GIV crypto
@ 2024-03-26 18:38 Alex Grund
2024-04-04 12:46 ` [cip-dev] " Ulrich Hecht
0 siblings, 1 reply; 2+ messages in thread
From: Alex Grund @ 2024-03-26 18:38 UTC (permalink / raw)
To: cip-dev
[-- Attachment #1: Type: text/plain, Size: 1207 bytes --]
Hi,
I need to report a bug against the linux-4.4.y-st branch caused by commit
24a1889c (crypto: api - Disallow identical driver names)
The upstream commit on which this is based is applied to a kernel tree that
removed the GIV ciphers and the CRYPTO_ALG_TYPE_GIVCIPHER in upstream
commit c79b411eaa (crypto: skcipher - remove remnants of internal IV
generators)
However in 4.4 this is still present and after "something" registered a
"cts(cbc(aes))" alg on the "cts(cbc(aes-ce))" driver the code in
crypto_lookup_skcipher will dismiss it because of the missing GIVCIPHER
flag (type is BLKCIPHER)
It will then add a fitting alg through crypto_givcipher_default which ends
up calling "__crypto_register_alg" which then fails (returns EEXISTS)
because it is adding it with the same name and driver name, although the
flag is different (GIVCIPHER instead of BLKCIPHER) which is actually fine:
__crypto_alg_lookup checks for a matching type before checking the name.
Hence duplicate names are OK if the flags are different.
I hence argue that the commit should be reverted as it causes regressions.
In my case the device doesn't boot at all anymore as it relies on that
crypto alg.
Regards,
Alexander Grund
[-- Attachment #2: Type: text/html, Size: 1411 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [cip-dev] [4.4] Broken GIV crypto
2024-03-26 18:38 [4.4] Broken GIV crypto Alex Grund
@ 2024-04-04 12:46 ` Ulrich Hecht
0 siblings, 0 replies; 2+ messages in thread
From: Ulrich Hecht @ 2024-04-04 12:46 UTC (permalink / raw)
To: cip-dev, Alex Grund
> On 03/26/2024 7:38 PM CET Alex Grund <flamefire89@gmail.com> wrote:
> I need to report a bug against the linux-4.4.y-st branch caused by commit 24a1889c (crypto: api - Disallow identical driver names)
>
> The upstream commit on which this is based is applied to a kernel tree that removed the GIV ciphers and the CRYPTO_ALG_TYPE_GIVCIPHER in upstream commit c79b411eaa (crypto: skcipher - remove remnants of internal IV generators)
>
> However in 4.4 this is still present and after "something" registered a "cts(cbc(aes))" alg on the "cts(cbc(aes-ce))" driver the code in crypto_lookup_skcipher will dismiss it because of the missing GIVCIPHER flag (type is BLKCIPHER)
> It will then add a fitting alg through crypto_givcipher_default which ends up calling "__crypto_register_alg" which then fails (returns EEXISTS) because it is adding it with the same name and driver name, although the flag is different (GIVCIPHER instead of BLKCIPHER) which is actually fine: __crypto_alg_lookup checks for a matching type before checking the name.
>
> Hence duplicate names are OK if the flags are different.
>
> I hence argue that the commit should be reverted as it causes regressions. In my case the device doesn't boot at all anymore as it relies on that crypto alg.
Thanks for the report. I will revert this patch for the next release.
CU
Uli
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2024-04-04 12:46 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-03-26 18:38 [4.4] Broken GIV crypto Alex Grund
2024-04-04 12:46 ` [cip-dev] " Ulrich Hecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).