From: Eric Biggers <ebiggers@kernel.org>
To: Elena Petrova <lenaptr@google.com>
Cc: linux-crypto@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>
Subject: Re: [PATCH 1/1] crypto: af_alg - add extra parameters for DRBG interface
Date: Mon, 13 Jul 2020 10:10:45 -0700 [thread overview]
Message-ID: <20200713171045.GA722906@gmail.com> (raw)
In-Reply-To: <20200713164857.1031117-2-lenaptr@google.com>
Just some bike-shedding:
On Mon, Jul 13, 2020 at 05:48:57PM +0100, Elena Petrova wrote:
> Extending the userspace RNG interface:
> 1. adding ALG_SET_DRBG_ENTROPY setsockopt option for entropy input;
> 2. using sendmsg syscall for specifying the additional data.
>
> Signed-off-by: Elena Petrova <lenaptr@google.com>
A cover letter shouldn't really be used for a single patch.
Just put the details here in the commit message.
> diff --git a/crypto/algif_rng.c b/crypto/algif_rng.c
> index 087c0ad09d38..c3d1667db367 100644
> --- a/crypto/algif_rng.c
> +++ b/crypto/algif_rng.c
> @@ -53,8 +53,24 @@ struct rng_ctx {
> #define MAXSIZE 128
> unsigned int len;
> struct crypto_rng *drng;
> + u8 *addtl;
> + size_t addtl_len;
> };
>
> +struct rng_parent_ctx {
> + struct crypto_rng *drng;
> + u8 *entropy;
> +};
> +
> +static void reset_addtl(struct rng_ctx *ctx)
> +{
> + if (ctx->addtl) {
> + kzfree(ctx->addtl);
> + ctx->addtl = NULL;
> + }
> + ctx->addtl_len = 0;
> +}
It's recommended to prefix function names. So, reset_addtl => rng_reset_addtl.
> +static int rng_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
> +{
> + int err;
> + struct alg_sock *ask = alg_sk(sock->sk);
> + struct rng_ctx *ctx = ask->private;
> +
> + reset_addtl(ctx);
> + ctx->addtl = kzalloc(len, GFP_KERNEL);
> + if (!ctx->addtl)
> + return -ENOMEM;
Shouldn't the length be limited here?
Also, kmalloc would be sufficient since the memcpy_from_msg() immediately below
initializes the memory.
> +
> + err = memcpy_from_msg(ctx->addtl, msg, len);
> + if (err) {
> + reset_addtl(ctx);
> + return err;
> + }
> + ctx->addtl_len = len;
> +
> + return 0;
> +}
> static void *rng_bind(const char *name, u32 type, u32 mask)
> {
> - return crypto_alloc_rng(name, type, mask);
> + struct rng_parent_ctx *pctx;
> + void *err_ptr;
> +
> + pctx = kzalloc(sizeof(*pctx), GFP_KERNEL);
> + if (!pctx)
> + return ERR_PTR(-ENOMEM);
> +
> + pctx->drng = crypto_alloc_rng(name, type, mask);
> + if (!IS_ERR(pctx->drng))
> + return pctx;
> +
> + err_ptr = pctx->drng;
> + kfree(pctx);
> + return err_ptr;
> }
The error handling here is weird. It would be more conventional to do something
like:
static void *rng_bind(const char *name, u32 type, u32 mask)
{
struct rng_parent_ctx *pctx;
struct crypto_rng *rng;
pctx = kzalloc(sizeof(*pctx), GFP_KERNEL);
if (!pctx)
return ERR_PTR(-ENOMEM);
rng = crypto_alloc_rng(name, type, mask);
if (IS_ERR(rng)) {
kfree(pctx);
return ERR_CAST(rng);
}
pctx->drng = rng;
return pctx;
}
>
> static void rng_release(void *private)
> {
> - crypto_free_rng(private);
> + struct rng_parent_ctx *pctx = private;
> + if (unlikely(!pctx))
> + return;
There should be a blank line between declarations and statements.
> + crypto_free_rng(pctx->drng);
> + if (pctx->entropy)
> + kzfree(pctx->entropy);
No need to check for NULL before calling kzfree().
> +static int rng_setentropy(void *private, const u8 *entropy, unsigned int len)
> +{
> + struct rng_parent_ctx *pctx = private;
> + u8 *kentropy = NULL;
> +
> + if (pctx->entropy)
> + return -EINVAL;
> +
> + if (entropy && len) {
Best to check just 'len', so that users get an error as expected if they
accidentally pass entry=NULL len=nonzero.
> + kentropy = kzalloc(len, GFP_KERNEL);
> + if (!kentropy)
> + return -ENOMEM;
> + if (copy_from_user(kentropy, entropy, len)) {
> + kzfree(kentropy);
> + return -EFAULT;
> + }
This can use memdup_user(). Also, should there be a length limit?
> + }
> +
> + crypto_rng_alg(pctx->drng)->set_ent(pctx->drng, kentropy, len);
> + pctx->entropy = kentropy;
pctx->entropy could just be a bool 'has_entropy', right? The actual value
doesn't need to be saved.
- Eric
next prev parent reply other threads:[~2020-07-13 17:10 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-13 16:48 [PATCH 0/1] crypto: af_alg - add extra parameters for DRBG interface Elena Petrova
2020-07-13 16:48 ` [PATCH 1/1] " Elena Petrova
2020-07-13 17:10 ` Eric Biggers [this message]
2020-07-16 14:23 ` Elena Petrova
2020-07-16 16:40 ` [PATCH v2] " Elena Petrova
2020-07-20 17:35 ` Stephan Mueller
2020-07-21 12:55 ` Elena Petrova
2020-07-21 13:18 ` Stephan Mueller
2020-07-28 16:16 ` Elena Petrova
2020-07-20 17:42 ` Stephan Müller
2020-07-22 15:59 ` Eric Biggers
2020-07-28 15:51 ` [PATCH v3] " Elena Petrova
2020-07-28 17:36 ` Eric Biggers
2020-07-29 15:45 ` [PATCH v4] " Elena Petrova
2020-07-29 19:26 ` Stephan Müller
2020-07-31 7:23 ` Herbert Xu
2020-08-03 14:48 ` Elena Petrova
2020-08-03 15:10 ` Stephan Mueller
2020-08-03 15:30 ` Elena Petrova
2020-08-04 2:18 ` Herbert Xu
2020-07-13 17:25 ` [PATCH 1/1] " Eric Biggers
2020-07-31 7:26 ` Herbert Xu
2020-08-13 16:00 ` Elena Petrova
2020-08-13 16:01 ` [PATCH v4] " Elena Petrova
2020-08-13 16:04 ` Elena Petrova
2020-08-13 16:08 ` [PATCH v5] " Elena Petrova
2020-08-13 19:32 ` Eric Biggers
2020-08-21 4:24 ` Herbert Xu
2020-09-08 17:04 ` [PATCH v6] " Elena Petrova
2020-09-09 4:35 ` Eric Biggers
2020-09-09 18:29 ` [PATCH v7] " Elena Petrova
2020-09-09 21:00 ` Eric Biggers
2020-09-16 11:07 ` [PATCH v8] " Elena Petrova
2020-09-18 6:43 ` Herbert Xu
2020-09-18 15:42 ` [PATCH v9] " Elena Petrova
2020-09-25 8:16 ` Herbert Xu
2020-09-08 17:23 ` [PATCH v5] " Elena Petrova
2020-09-08 17:18 ` Elena Petrova
2020-07-14 5:17 ` [PATCH 0/1] " Stephan Mueller
2020-07-14 15:23 ` Elena Petrova
2020-07-14 15:34 ` Stephan Mueller
2020-07-16 14:41 ` Elena Petrova
2020-07-16 14:49 ` Stephan Mueller
2020-07-16 14:59 ` Stephan Mueller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200713171045.GA722906@gmail.com \
--to=ebiggers@kernel.org \
--cc=ardb@kernel.org \
--cc=lenaptr@google.com \
--cc=linux-crypto@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).