linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Kees Cook <keescook@chromium.org>
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "Kees Cook" <keescook@chromium.org>,
	"João Moreira" <joao.moreira@lsc.ic.unicamp.br>,
	"Eric Biggers" <ebiggers@kernel.org>,
	"Sami Tolvanen" <samitolvanen@google.com>,
	"David S. Miller" <davem@davemloft.net>,
	"Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
	"Stephan Mueller" <smueller@chronox.de>,
	x86@kernel.org, linux-crypto@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	kernel-hardening@lists.openwall.com
Subject: [PATCH v4 1/8] crypto: x86/glue_helper: Add function glue macros
Date: Mon, 11 Nov 2019 13:45:45 -0800	[thread overview]
Message-ID: <20191111214552.36717-2-keescook@chromium.org> (raw)
In-Reply-To: <20191111214552.36717-1-keescook@chromium.org>

The crypto glue performed function prototype casting to make indirect
calls to assembly routines. Instead of performing casts at the call
sites (which trips Control Flow Integrity prototype checking), create a
set of macros to either declare the prototypes to avoid the need for
casts, or build inline helpers to allow for various aliased functions.

Co-developed-by: João Moreira <joao.moreira@lsc.ic.unicamp.br>
Signed-off-by: Kees Cook <keescook@chromium.org>
---
 arch/x86/include/asm/crypto/glue_helper.h | 24 +++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/arch/x86/include/asm/crypto/glue_helper.h b/arch/x86/include/asm/crypto/glue_helper.h
index 8d4a8e1226ee..2fa4968ab8e2 100644
--- a/arch/x86/include/asm/crypto/glue_helper.h
+++ b/arch/x86/include/asm/crypto/glue_helper.h
@@ -23,6 +23,30 @@ typedef void (*common_glue_xts_func_t)(void *ctx, u128 *dst, const u128 *src,
 #define GLUE_CTR_FUNC_CAST(fn) ((common_glue_ctr_func_t)(fn))
 #define GLUE_XTS_FUNC_CAST(fn) ((common_glue_xts_func_t)(fn))
 
+#define CRYPTO_FUNC(func)						\
+asmlinkage void func(void *ctx, u8 *dst, const u8 *src)
+
+#define CRYPTO_FUNC_CBC(func)						\
+asmlinkage void func(void *ctx, u128 *dst, const u128 *src)
+
+#define CRYPTO_FUNC_WRAP_CBC(func)					\
+static inline void func ## _cbc(void *ctx, u128 *dst, const u128 *src)	\
+{ func(ctx, (u8 *)dst, (u8 *)src); }
+
+#define CRYPTO_FUNC_CTR(func)						\
+asmlinkage void func(void *ctx, u128 *dst, const u128 *src, le128 *iv);
+
+#define CRYPTO_FUNC_XTS(func)	CRYPTO_FUNC_CTR(func)
+
+#define CRYPTO_FUNC_XOR(func)						\
+asmlinkage void __ ## func(void *ctx, u8 *dst, const u8 *src, bool y);	\
+asmlinkage static inline						\
+void func(void *ctx, u8 *dst, const u8 *src)				\
+{ __ ## func(ctx, dst, src, false); }					\
+asmlinkage static inline						\
+void func ## _xor(void *ctx, u8 *dst, const u8 *src)			\
+{ __ ## func(ctx, dst, src, true); }
+
 struct common_glue_func_entry {
 	unsigned int num_blocks; /* number of blocks that @fn will process */
 	union {
-- 
2.17.1


  reply	other threads:[~2019-11-11 21:46 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-11 21:45 [PATCH v4 0/8] crypto: x86: Fix indirect function call casts Kees Cook
2019-11-11 21:45 ` Kees Cook [this message]
2019-11-11 21:45 ` [PATCH v4 2/8] crypto: x86/serpent: Use new glue function macros Kees Cook
2019-11-11 21:45 ` [PATCH v4 3/8] crypto: x86/camellia: " Kees Cook
2019-11-12  2:41   ` Stephan Müller
2019-11-12  3:14     ` Eric Biggers
2019-11-12  3:16       ` Herbert Xu
2019-11-12 22:56         ` Kees Cook
2019-11-11 21:45 ` [PATCH v4 4/8] crypto: x86/twofish: " Kees Cook
2019-11-11 21:45 ` [PATCH v4 5/8] crypto: x86/cast6: " Kees Cook
2019-11-11 21:45 ` [PATCH v4 6/8] crypto: x86/aesni: " Kees Cook
2019-11-11 21:45 ` [PATCH v4 7/8] crypto: x86/glue_helper: Remove function prototype cast helpers Kees Cook
2019-11-11 21:45 ` [PATCH v4 8/8] crypto, x86/sha: Eliminate casts on asm implementations Kees Cook

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191111214552.36717-2-keescook@chromium.org \
    --to=keescook@chromium.org \
    --cc=ard.biesheuvel@linaro.org \
    --cc=davem@davemloft.net \
    --cc=ebiggers@kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=joao.moreira@lsc.ic.unicamp.br \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=samitolvanen@google.com \
    --cc=smueller@chronox.de \
    --cc=x86@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).