From 64a947b1337b93061da7c7af1f6ce6b2431b70ae Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:21:26 +0200 Subject: crypto: Add a flag to identify crypto instances The upcomming crypto user configuration api needs to identify crypto instances. This patch adds a flag that is set if the algorithm is an instance that is build from templates. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- include/linux/crypto.h | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'include/linux') diff --git a/include/linux/crypto.h b/include/linux/crypto.h index e5e468e9133d..de9adec5693c 100644 --- a/include/linux/crypto.h +++ b/include/linux/crypto.h @@ -71,6 +71,11 @@ #define CRYPTO_ALG_TESTED 0x00000400 +/* + * Set if the algorithm is an instance that is build from templates. + */ +#define CRYPTO_ALG_INSTANCE 0x00000800 + /* * Transform masks and values (for crt_flags). */ -- cgit v1.2.3 From a38f7907b926e4c6c7d389ad96cc38cec2e5a9e9 Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:23:50 +0200 Subject: crypto: Add userspace configuration API This patch adds a basic userspace configuration API for the crypto layer. With this it is possible to instantiate, remove and to show crypto algorithms from userspace. Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/Kconfig | 7 + crypto/Makefile | 1 + crypto/crypto_user.c | 372 +++++++++++++++++++++++++++++++++++++++++++++ include/linux/cryptouser.h | 52 +++++++ include/linux/netlink.h | 1 + 5 files changed, 433 insertions(+) create mode 100644 crypto/crypto_user.c create mode 100644 include/linux/cryptouser.h (limited to 'include/linux') diff --git a/crypto/Kconfig b/crypto/Kconfig index 404a846b1e43..a8442dca024d 100644 --- a/crypto/Kconfig +++ b/crypto/Kconfig @@ -100,6 +100,13 @@ config CRYPTO_MANAGER2 select CRYPTO_BLKCIPHER2 select CRYPTO_PCOMP2 +config CRYPTO_USER + tristate "Userspace cryptographic algorithm configuration" + select CRYPTO_MANAGER + help + Userapace configuration for cryptographic instantiations such as + cbc(aes). + config CRYPTO_MANAGER_DISABLE_TESTS bool "Disable run-time self tests" default y diff --git a/crypto/Makefile b/crypto/Makefile index fa8cbbbca67e..9e6eee2c05db 100644 --- a/crypto/Makefile +++ b/crypto/Makefile @@ -31,6 +31,7 @@ obj-$(CONFIG_CRYPTO_PCOMP2) += pcompress.o cryptomgr-y := algboss.o testmgr.o obj-$(CONFIG_CRYPTO_MANAGER2) += cryptomgr.o +obj-$(CONFIG_CRYPTO_USER) += crypto_user.o obj-$(CONFIG_CRYPTO_HMAC) += hmac.o obj-$(CONFIG_CRYPTO_VMAC) += vmac.o obj-$(CONFIG_CRYPTO_XCBC) += xcbc.o diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c new file mode 100644 index 000000000000..513cfe7bc3ba --- /dev/null +++ b/crypto/crypto_user.c @@ -0,0 +1,372 @@ +/* + * Crypto user configuration API. + * + * Copyright (C) 2011 secunet Security Networks AG + * Copyright (C) 2011 Steffen Klassert + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. + */ + +#include +#include +#include +#include +#include +#include +#include "internal.h" + +DEFINE_MUTEX(crypto_cfg_mutex); + +/* The crypto netlink socket */ +static struct sock *crypto_nlsk; + +struct crypto_dump_info { + struct sk_buff *in_skb; + struct sk_buff *out_skb; + u32 nlmsg_seq; + u16 nlmsg_flags; +}; + +static struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact) +{ + int match; + struct crypto_alg *q, *alg = NULL; + + down_read(&crypto_alg_sem); + + if (list_empty(&crypto_alg_list)) + return NULL; + + list_for_each_entry(q, &crypto_alg_list, cra_list) { + + if ((q->cra_flags ^ p->cru_type) & p->cru_mask) + continue; + + if (strlen(p->cru_driver_name)) + match = !strcmp(q->cra_driver_name, + p->cru_driver_name); + else if (!exact) + match = !strcmp(q->cra_name, p->cru_name); + + if (match) { + alg = q; + break; + } + } + + up_read(&crypto_alg_sem); + + return alg; +} + +static int crypto_report_one(struct crypto_alg *alg, + struct crypto_user_alg *ualg, struct sk_buff *skb) +{ + memcpy(&ualg->cru_name, &alg->cra_name, sizeof(ualg->cru_name)); + memcpy(&ualg->cru_driver_name, &alg->cra_driver_name, + sizeof(ualg->cru_driver_name)); + memcpy(&ualg->cru_module_name, module_name(alg->cra_module), + CRYPTO_MAX_ALG_NAME); + + ualg->cru_flags = alg->cra_flags; + ualg->cru_refcnt = atomic_read(&alg->cra_refcnt); + + NLA_PUT_U32(skb, CRYPTOCFGA_PRIORITY_VAL, alg->cra_priority); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + +static int crypto_report_alg(struct crypto_alg *alg, + struct crypto_dump_info *info) +{ + struct sk_buff *in_skb = info->in_skb; + struct sk_buff *skb = info->out_skb; + struct nlmsghdr *nlh; + struct crypto_user_alg *ualg; + int err = 0; + + nlh = nlmsg_put(skb, NETLINK_CB(in_skb).pid, info->nlmsg_seq, + CRYPTO_MSG_GETALG, sizeof(*ualg), info->nlmsg_flags); + if (!nlh) { + err = -EMSGSIZE; + goto out; + } + + ualg = nlmsg_data(nlh); + + err = crypto_report_one(alg, ualg, skb); + if (err) { + nlmsg_cancel(skb, nlh); + goto out; + } + + nlmsg_end(skb, nlh); + +out: + return err; +} + +static int crypto_report(struct sk_buff *in_skb, struct nlmsghdr *in_nlh, + struct nlattr **attrs) +{ + struct crypto_user_alg *p = nlmsg_data(in_nlh); + struct crypto_alg *alg; + struct sk_buff *skb; + struct crypto_dump_info info; + int err; + + if (!p->cru_driver_name) + return -EINVAL; + + alg = crypto_alg_match(p, 1); + if (!alg) + return -ENOENT; + + skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); + if (!skb) + return -ENOMEM; + + info.in_skb = in_skb; + info.out_skb = skb; + info.nlmsg_seq = in_nlh->nlmsg_seq; + info.nlmsg_flags = 0; + + err = crypto_report_alg(alg, &info); + if (err) + return err; + + return nlmsg_unicast(crypto_nlsk, skb, NETLINK_CB(in_skb).pid); +} + +static int crypto_dump_report(struct sk_buff *skb, struct netlink_callback *cb) +{ + struct crypto_alg *alg; + struct crypto_dump_info info; + int err; + + if (cb->args[0]) + goto out; + + cb->args[0] = 1; + + info.in_skb = cb->skb; + info.out_skb = skb; + info.nlmsg_seq = cb->nlh->nlmsg_seq; + info.nlmsg_flags = NLM_F_MULTI; + + list_for_each_entry(alg, &crypto_alg_list, cra_list) { + err = crypto_report_alg(alg, &info); + if (err) + goto out_err; + } + +out: + return skb->len; +out_err: + return err; +} + +static int crypto_dump_report_done(struct netlink_callback *cb) +{ + return 0; +} + +static int crypto_update_alg(struct sk_buff *skb, struct nlmsghdr *nlh, + struct nlattr **attrs) +{ + struct crypto_alg *alg; + struct crypto_user_alg *p = nlmsg_data(nlh); + struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL]; + LIST_HEAD(list); + + if (priority && !strlen(p->cru_driver_name)) + return -EINVAL; + + alg = crypto_alg_match(p, 1); + if (!alg) + return -ENOENT; + + down_write(&crypto_alg_sem); + + crypto_remove_spawns(alg, &list, NULL); + + if (priority) + alg->cra_priority = nla_get_u32(priority); + + up_write(&crypto_alg_sem); + + crypto_remove_final(&list); + + return 0; +} + +static int crypto_del_alg(struct sk_buff *skb, struct nlmsghdr *nlh, + struct nlattr **attrs) +{ + struct crypto_alg *alg; + struct crypto_user_alg *p = nlmsg_data(nlh); + + alg = crypto_alg_match(p, 1); + if (!alg) + return -ENOENT; + + /* We can not unregister core algorithms such as aes-generic. + * We would loose the reference in the crypto_alg_list to this algorithm + * if we try to unregister. Unregistering such an algorithm without + * removing the module is not possible, so we restrict to crypto + * instances that are build from templates. */ + if (!(alg->cra_flags & CRYPTO_ALG_INSTANCE)) + return -EINVAL; + + if (atomic_read(&alg->cra_refcnt) != 1) + return -EBUSY; + + return crypto_unregister_alg(alg); +} + +static int crypto_add_alg(struct sk_buff *skb, struct nlmsghdr *nlh, + struct nlattr **attrs) +{ + int exact; + const char *name; + struct crypto_alg *alg; + struct crypto_user_alg *p = nlmsg_data(nlh); + struct nlattr *priority = attrs[CRYPTOCFGA_PRIORITY_VAL]; + + if (strlen(p->cru_driver_name)) + exact = 1; + + if (priority && !exact) + return -EINVAL; + + alg = crypto_alg_match(p, exact); + if (alg) + return -EEXIST; + + if (strlen(p->cru_driver_name)) + name = p->cru_driver_name; + else + name = p->cru_name; + + alg = crypto_alg_mod_lookup(name, p->cru_type, p->cru_mask); + if (IS_ERR(alg)) + return PTR_ERR(alg); + + down_write(&crypto_alg_sem); + + if (priority) + alg->cra_priority = nla_get_u32(priority); + + up_write(&crypto_alg_sem); + + crypto_mod_put(alg); + + return 0; +} + +#define MSGSIZE(type) sizeof(struct type) + +static const int crypto_msg_min[CRYPTO_NR_MSGTYPES] = { + [CRYPTO_MSG_NEWALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg), + [CRYPTO_MSG_DELALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg), + [CRYPTO_MSG_UPDATEALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg), + [CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE] = MSGSIZE(crypto_user_alg), +}; + +static const struct nla_policy crypto_policy[CRYPTOCFGA_MAX+1] = { + [CRYPTOCFGA_PRIORITY_VAL] = { .type = NLA_U32}, +}; + +#undef MSGSIZE + +static struct crypto_link { + int (*doit)(struct sk_buff *, struct nlmsghdr *, struct nlattr **); + int (*dump)(struct sk_buff *, struct netlink_callback *); + int (*done)(struct netlink_callback *); +} crypto_dispatch[CRYPTO_NR_MSGTYPES] = { + [CRYPTO_MSG_NEWALG - CRYPTO_MSG_BASE] = { .doit = crypto_add_alg}, + [CRYPTO_MSG_DELALG - CRYPTO_MSG_BASE] = { .doit = crypto_del_alg}, + [CRYPTO_MSG_UPDATEALG - CRYPTO_MSG_BASE] = { .doit = crypto_update_alg}, + [CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE] = { .doit = crypto_report, + .dump = crypto_dump_report, + .done = crypto_dump_report_done}, +}; + +static int crypto_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) +{ + struct nlattr *attrs[CRYPTOCFGA_MAX+1]; + struct crypto_link *link; + int type, err; + + type = nlh->nlmsg_type; + if (type > CRYPTO_MSG_MAX) + return -EINVAL; + + type -= CRYPTO_MSG_BASE; + link = &crypto_dispatch[type]; + + if (security_netlink_recv(skb, CAP_NET_ADMIN)) + return -EPERM; + + if ((type == (CRYPTO_MSG_GETALG - CRYPTO_MSG_BASE) && + (nlh->nlmsg_flags & NLM_F_DUMP))) { + if (link->dump == NULL) + return -EINVAL; + + return netlink_dump_start(crypto_nlsk, skb, nlh, + link->dump, link->done, 0); + } + + err = nlmsg_parse(nlh, crypto_msg_min[type], attrs, CRYPTOCFGA_MAX, + crypto_policy); + if (err < 0) + return err; + + if (link->doit == NULL) + return -EINVAL; + + return link->doit(skb, nlh, attrs); +} + +static void crypto_netlink_rcv(struct sk_buff *skb) +{ + mutex_lock(&crypto_cfg_mutex); + netlink_rcv_skb(skb, &crypto_user_rcv_msg); + mutex_unlock(&crypto_cfg_mutex); +} + +static int __init crypto_user_init(void) +{ + crypto_nlsk = netlink_kernel_create(&init_net, NETLINK_CRYPTO, + 0, crypto_netlink_rcv, + NULL, THIS_MODULE); + if (!crypto_nlsk) + return -ENOMEM; + + return 0; +} + +static void __exit crypto_user_exit(void) +{ + netlink_kernel_release(crypto_nlsk); +} + +module_init(crypto_user_init); +module_exit(crypto_user_exit); +MODULE_LICENSE("GPL"); +MODULE_AUTHOR("Steffen Klassert "); +MODULE_DESCRIPTION("Crypto userspace configuration API"); diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h new file mode 100644 index 000000000000..b874e3879d81 --- /dev/null +++ b/include/linux/cryptouser.h @@ -0,0 +1,52 @@ +/* + * Crypto user configuration API. + * + * Copyright (C) 2011 secunet Security Networks AG + * Copyright (C) 2011 Steffen Klassert + * + * This program is free software; you can redistribute it and/or modify it + * under the terms and conditions of the GNU General Public License, + * version 2, as published by the Free Software Foundation. + * + * This program is distributed in the hope it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, write to the Free Software Foundation, Inc., + * 51 Franklin St - Fifth Floor, Boston, MA 02110-1301 USA. + */ + +/* Netlink configuration messages. */ +enum { + CRYPTO_MSG_BASE = 0x10, + CRYPTO_MSG_NEWALG = 0x10, + CRYPTO_MSG_DELALG, + CRYPTO_MSG_UPDATEALG, + CRYPTO_MSG_GETALG, + __CRYPTO_MSG_MAX +}; +#define CRYPTO_MSG_MAX (__CRYPTO_MSG_MAX - 1) +#define CRYPTO_NR_MSGTYPES (CRYPTO_MSG_MAX + 1 - CRYPTO_MSG_BASE) + +#define CRYPTO_MAX_NAME CRYPTO_MAX_ALG_NAME + +/* Netlink message attributes. */ +enum crypto_attr_type_t { + CRYPTOCFGA_UNSPEC, + CRYPTOCFGA_PRIORITY_VAL, /* __u32 */ + __CRYPTOCFGA_MAX + +#define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) +}; + +struct crypto_user_alg { + char cru_name[CRYPTO_MAX_ALG_NAME]; + char cru_driver_name[CRYPTO_MAX_ALG_NAME]; + char cru_module_name[CRYPTO_MAX_ALG_NAME]; + __u32 cru_type; + __u32 cru_mask; + __u32 cru_refcnt; + __u32 cru_flags; +}; diff --git a/include/linux/netlink.h b/include/linux/netlink.h index 2e17c5dbdcb8..464ace04283b 100644 --- a/include/linux/netlink.h +++ b/include/linux/netlink.h @@ -25,6 +25,7 @@ #define NETLINK_SCSITRANSPORT 18 /* SCSI Transports */ #define NETLINK_ECRYPTFS 19 #define NETLINK_RDMA 20 +#define NETLINK_CRYPTO 21 /* Crypto layer */ #define MAX_LINKS 32 -- cgit v1.2.3 From 6c5a86f529a9e9ca4c9aca5fa477e9557d4a3d3d Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:25:05 +0200 Subject: crypto: Add userspace report for larval type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/crypto_user.c | 12 ++++++++++++ include/linux/cryptouser.h | 5 +++++ 2 files changed, 17 insertions(+) (limited to 'include/linux') diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c index aa67c74ee136..8a0c5c6c6589 100644 --- a/crypto/crypto_user.c +++ b/crypto/crypto_user.c @@ -84,11 +84,23 @@ static int crypto_report_one(struct crypto_alg *alg, NLA_PUT_U32(skb, CRYPTOCFGA_PRIORITY_VAL, alg->cra_priority); + if (alg->cra_flags & CRYPTO_ALG_LARVAL) { + struct crypto_report_larval rl; + + snprintf(rl.type, CRYPTO_MAX_ALG_NAME, "%s", "larval"); + + NLA_PUT(skb, CRYPTOCFGA_REPORT_LARVAL, + sizeof(struct crypto_report_larval), &rl); + + goto out; + } + if (alg->cra_type && alg->cra_type->report) { if (alg->cra_type->report(skb, alg)) goto nla_put_failure; } +out: return 0; nla_put_failure: diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index b874e3879d81..7a849b4c3b82 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -36,6 +36,7 @@ enum { enum crypto_attr_type_t { CRYPTOCFGA_UNSPEC, CRYPTOCFGA_PRIORITY_VAL, /* __u32 */ + CRYPTOCFGA_REPORT_LARVAL, /* struct crypto_report_larval */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -50,3 +51,7 @@ struct crypto_user_alg { __u32 cru_refcnt; __u32 cru_flags; }; + +struct crypto_report_larval { + char type[CRYPTO_MAX_NAME]; +}; -- cgit v1.2.3 From f4d663ce6357e533f107ce3789bd8848c94bea81 Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:26:10 +0200 Subject: crypto: Add userspace report for shash type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/shash.c | 21 +++++++++++++++++++++ include/linux/cryptouser.h | 7 +++++++ 2 files changed, 28 insertions(+) (limited to 'include/linux') diff --git a/crypto/shash.c b/crypto/shash.c index 76f74b963151..ea8a9c6e21e3 100644 --- a/crypto/shash.c +++ b/crypto/shash.c @@ -17,6 +17,8 @@ #include #include #include +#include +#include #include "internal.h" @@ -522,6 +524,24 @@ static unsigned int crypto_shash_extsize(struct crypto_alg *alg) return alg->cra_ctxsize; } +static int crypto_shash_report(struct sk_buff *skb, struct crypto_alg *alg) +{ + struct crypto_report_hash rhash; + struct shash_alg *salg = __crypto_shash_alg(alg); + + snprintf(rhash.type, CRYPTO_MAX_ALG_NAME, "%s", "shash"); + rhash.blocksize = alg->cra_blocksize; + rhash.digestsize = salg->digestsize; + + NLA_PUT(skb, CRYPTOCFGA_REPORT_HASH, + sizeof(struct crypto_report_hash), &rhash); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) __attribute__ ((unused)); static void crypto_shash_show(struct seq_file *m, struct crypto_alg *alg) @@ -541,6 +561,7 @@ static const struct crypto_type crypto_shash_type = { #ifdef CONFIG_PROC_FS .show = crypto_shash_show, #endif + .report = crypto_shash_report, .maskclear = ~CRYPTO_ALG_TYPE_MASK, .maskset = CRYPTO_ALG_TYPE_MASK, .type = CRYPTO_ALG_TYPE_SHASH, diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index 7a849b4c3b82..ee4688221975 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -37,6 +37,7 @@ enum crypto_attr_type_t { CRYPTOCFGA_UNSPEC, CRYPTOCFGA_PRIORITY_VAL, /* __u32 */ CRYPTOCFGA_REPORT_LARVAL, /* struct crypto_report_larval */ + CRYPTOCFGA_REPORT_HASH, /* struct crypto_report_hash */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -55,3 +56,9 @@ struct crypto_user_alg { struct crypto_report_larval { char type[CRYPTO_MAX_NAME]; }; + +struct crypto_report_hash { + char type[CRYPTO_MAX_NAME]; + unsigned int blocksize; + unsigned int digestsize; +}; -- cgit v1.2.3 From 50496a1fab6c6a90b77da4b247321a88e632bd46 Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:41:54 +0200 Subject: crypto: Add userspace report for blkcipher type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/blkcipher.c | 25 +++++++++++++++++++++++++ include/linux/cryptouser.h | 10 ++++++++++ 2 files changed, 35 insertions(+) (limited to 'include/linux') diff --git a/crypto/blkcipher.c b/crypto/blkcipher.c index 7a7219266e3c..2572d2600136 100644 --- a/crypto/blkcipher.c +++ b/crypto/blkcipher.c @@ -24,6 +24,8 @@ #include #include #include +#include +#include #include "internal.h" @@ -492,6 +494,28 @@ static int crypto_init_blkcipher_ops(struct crypto_tfm *tfm, u32 type, u32 mask) return crypto_init_blkcipher_ops_async(tfm); } +static int crypto_blkcipher_report(struct sk_buff *skb, struct crypto_alg *alg) +{ + struct crypto_report_blkcipher rblkcipher; + + snprintf(rblkcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "blkcipher"); + snprintf(rblkcipher.geniv, CRYPTO_MAX_ALG_NAME, "%s", + alg->cra_blkcipher.geniv ?: ""); + + rblkcipher.blocksize = alg->cra_blocksize; + rblkcipher.min_keysize = alg->cra_blkcipher.min_keysize; + rblkcipher.max_keysize = alg->cra_blkcipher.max_keysize; + rblkcipher.ivsize = alg->cra_blkcipher.ivsize; + + NLA_PUT(skb, CRYPTOCFGA_REPORT_BLKCIPHER, + sizeof(struct crypto_report_blkcipher), &rblkcipher); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg) __attribute__ ((unused)); static void crypto_blkcipher_show(struct seq_file *m, struct crypto_alg *alg) @@ -511,6 +535,7 @@ const struct crypto_type crypto_blkcipher_type = { #ifdef CONFIG_PROC_FS .show = crypto_blkcipher_show, #endif + .report = crypto_blkcipher_report, }; EXPORT_SYMBOL_GPL(crypto_blkcipher_type); diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index ee4688221975..a96a1a11ee66 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -38,6 +38,7 @@ enum crypto_attr_type_t { CRYPTOCFGA_PRIORITY_VAL, /* __u32 */ CRYPTOCFGA_REPORT_LARVAL, /* struct crypto_report_larval */ CRYPTOCFGA_REPORT_HASH, /* struct crypto_report_hash */ + CRYPTOCFGA_REPORT_BLKCIPHER, /* struct crypto_report_blkcipher */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -62,3 +63,12 @@ struct crypto_report_hash { unsigned int blocksize; unsigned int digestsize; }; + +struct crypto_report_blkcipher { + char type[CRYPTO_MAX_NAME]; + char geniv[CRYPTO_MAX_NAME]; + unsigned int blocksize; + unsigned int min_keysize; + unsigned int max_keysize; + unsigned int ivsize; +}; -- cgit v1.2.3 From 6ad414fe710d4fd3a8c8c6c2ad8fefcfcc207968 Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:44:27 +0200 Subject: crypto: Add userspace report for aead type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/aead.c | 25 +++++++++++++++++++++++++ include/linux/cryptouser.h | 9 +++++++++ 2 files changed, 34 insertions(+) (limited to 'include/linux') diff --git a/crypto/aead.c b/crypto/aead.c index 6729e8ff68e7..bb641bd0285b 100644 --- a/crypto/aead.c +++ b/crypto/aead.c @@ -21,6 +21,8 @@ #include #include #include +#include +#include #include "internal.h" @@ -109,6 +111,28 @@ static int crypto_init_aead_ops(struct crypto_tfm *tfm, u32 type, u32 mask) return 0; } +static int crypto_aead_report(struct sk_buff *skb, struct crypto_alg *alg) +{ + struct crypto_report_aead raead; + struct aead_alg *aead = &alg->cra_aead; + + snprintf(raead.type, CRYPTO_MAX_ALG_NAME, "%s", "aead"); + snprintf(raead.geniv, CRYPTO_MAX_ALG_NAME, "%s", + aead->geniv ?: ""); + + raead.blocksize = alg->cra_blocksize; + raead.maxauthsize = aead->maxauthsize; + raead.ivsize = aead->ivsize; + + NLA_PUT(skb, CRYPTOCFGA_REPORT_AEAD, + sizeof(struct crypto_report_aead), &raead); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg) __attribute__ ((unused)); static void crypto_aead_show(struct seq_file *m, struct crypto_alg *alg) @@ -130,6 +154,7 @@ const struct crypto_type crypto_aead_type = { #ifdef CONFIG_PROC_FS .show = crypto_aead_show, #endif + .report = crypto_aead_report, }; EXPORT_SYMBOL_GPL(crypto_aead_type); diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index a96a1a11ee66..48030c7dfb51 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -39,6 +39,7 @@ enum crypto_attr_type_t { CRYPTOCFGA_REPORT_LARVAL, /* struct crypto_report_larval */ CRYPTOCFGA_REPORT_HASH, /* struct crypto_report_hash */ CRYPTOCFGA_REPORT_BLKCIPHER, /* struct crypto_report_blkcipher */ + CRYPTOCFGA_REPORT_AEAD, /* struct crypto_report_aead */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -72,3 +73,11 @@ struct crypto_report_blkcipher { unsigned int max_keysize; unsigned int ivsize; }; + +struct crypto_report_aead { + char type[CRYPTO_MAX_NAME]; + char geniv[CRYPTO_MAX_NAME]; + unsigned int blocksize; + unsigned int maxauthsize; + unsigned int ivsize; +}; -- cgit v1.2.3 From a55465dca7befd31f4ffa54508d4e2d1e701b8dc Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:46:32 +0200 Subject: crypto: Add userspace report for pcompress type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/pcompress.c | 18 ++++++++++++++++++ include/linux/cryptouser.h | 5 +++++ 2 files changed, 23 insertions(+) (limited to 'include/linux') diff --git a/crypto/pcompress.c b/crypto/pcompress.c index f7c4a7d7412e..fefda78a6a2a 100644 --- a/crypto/pcompress.c +++ b/crypto/pcompress.c @@ -24,6 +24,8 @@ #include #include #include +#include +#include #include #include @@ -46,6 +48,21 @@ static int crypto_pcomp_init_tfm(struct crypto_tfm *tfm) return 0; } +static int crypto_pcomp_report(struct sk_buff *skb, struct crypto_alg *alg) +{ + struct crypto_report_comp rpcomp; + + snprintf(rpcomp.type, CRYPTO_MAX_ALG_NAME, "%s", "pcomp"); + + NLA_PUT(skb, CRYPTOCFGA_REPORT_COMPRESS, + sizeof(struct crypto_report_comp), &rpcomp); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + static void crypto_pcomp_show(struct seq_file *m, struct crypto_alg *alg) __attribute__ ((unused)); static void crypto_pcomp_show(struct seq_file *m, struct crypto_alg *alg) @@ -60,6 +77,7 @@ static const struct crypto_type crypto_pcomp_type = { #ifdef CONFIG_PROC_FS .show = crypto_pcomp_show, #endif + .report = crypto_pcomp_report, .maskclear = ~CRYPTO_ALG_TYPE_MASK, .maskset = CRYPTO_ALG_TYPE_MASK, .type = CRYPTO_ALG_TYPE_PCOMPRESS, diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index 48030c7dfb51..c8c1dfcb7cf2 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -40,6 +40,7 @@ enum crypto_attr_type_t { CRYPTOCFGA_REPORT_HASH, /* struct crypto_report_hash */ CRYPTOCFGA_REPORT_BLKCIPHER, /* struct crypto_report_blkcipher */ CRYPTOCFGA_REPORT_AEAD, /* struct crypto_report_aead */ + CRYPTOCFGA_REPORT_COMPRESS, /* struct crypto_report_comp */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -81,3 +82,7 @@ struct crypto_report_aead { unsigned int maxauthsize; unsigned int ivsize; }; + +struct crypto_report_comp { + char type[CRYPTO_MAX_NAME]; +}; -- cgit v1.2.3 From 792608e9c215141fa4b870b7b2a23767a1ef12f4 Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:47:11 +0200 Subject: crypto: Add userspace report for rng type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/rng.c | 20 ++++++++++++++++++++ include/linux/cryptouser.h | 6 ++++++ 2 files changed, 26 insertions(+) (limited to 'include/linux') diff --git a/crypto/rng.c b/crypto/rng.c index 45229ae782be..feb7de00f437 100644 --- a/crypto/rng.c +++ b/crypto/rng.c @@ -21,6 +21,8 @@ #include #include #include +#include +#include static DEFINE_MUTEX(crypto_default_rng_lock); struct crypto_rng *crypto_default_rng; @@ -58,6 +60,23 @@ static int crypto_init_rng_ops(struct crypto_tfm *tfm, u32 type, u32 mask) return 0; } +static int crypto_rng_report(struct sk_buff *skb, struct crypto_alg *alg) +{ + struct crypto_report_rng rrng; + + snprintf(rrng.type, CRYPTO_MAX_ALG_NAME, "%s", "rng"); + + rrng.seedsize = alg->cra_rng.seedsize; + + NLA_PUT(skb, CRYPTOCFGA_REPORT_RNG, + sizeof(struct crypto_report_rng), &rrng); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + static void crypto_rng_show(struct seq_file *m, struct crypto_alg *alg) __attribute__ ((unused)); static void crypto_rng_show(struct seq_file *m, struct crypto_alg *alg) @@ -78,6 +97,7 @@ const struct crypto_type crypto_rng_type = { #ifdef CONFIG_PROC_FS .show = crypto_rng_show, #endif + .report = crypto_rng_report, }; EXPORT_SYMBOL_GPL(crypto_rng_type); diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index c8c1dfcb7cf2..ed8a40e8fb6b 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -41,6 +41,7 @@ enum crypto_attr_type_t { CRYPTOCFGA_REPORT_BLKCIPHER, /* struct crypto_report_blkcipher */ CRYPTOCFGA_REPORT_AEAD, /* struct crypto_report_aead */ CRYPTOCFGA_REPORT_COMPRESS, /* struct crypto_report_comp */ + CRYPTOCFGA_REPORT_RNG, /* struct crypto_report_rng */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -86,3 +87,8 @@ struct crypto_report_aead { struct crypto_report_comp { char type[CRYPTO_MAX_NAME]; }; + +struct crypto_report_rng { + char type[CRYPTO_MAX_NAME]; + unsigned int seedsize; +}; -- cgit v1.2.3 From 07a5fa4abd8b6965d4585d3b110f89bdf5612aff Mon Sep 17 00:00:00 2001 From: Steffen Klassert Date: Tue, 27 Sep 2011 07:48:01 +0200 Subject: crypto: Add userspace report for cipher type algorithms Signed-off-by: Steffen Klassert Signed-off-by: Herbert Xu --- crypto/crypto_user.c | 29 +++++++++++++++++++++++++++++ include/linux/cryptouser.h | 8 ++++++++ 2 files changed, 37 insertions(+) (limited to 'include/linux') diff --git a/crypto/crypto_user.c b/crypto/crypto_user.c index 8a0c5c6c6589..52459ae711a9 100644 --- a/crypto/crypto_user.c +++ b/crypto/crypto_user.c @@ -70,6 +70,25 @@ static struct crypto_alg *crypto_alg_match(struct crypto_user_alg *p, int exact) return alg; } +static int crypto_report_cipher(struct sk_buff *skb, struct crypto_alg *alg) +{ + struct crypto_report_cipher rcipher; + + snprintf(rcipher.type, CRYPTO_MAX_ALG_NAME, "%s", "cipher"); + + rcipher.blocksize = alg->cra_blocksize; + rcipher.min_keysize = alg->cra_cipher.cia_min_keysize; + rcipher.max_keysize = alg->cra_cipher.cia_max_keysize; + + NLA_PUT(skb, CRYPTOCFGA_REPORT_CIPHER, + sizeof(struct crypto_report_cipher), &rcipher); + + return 0; + +nla_put_failure: + return -EMSGSIZE; +} + static int crypto_report_one(struct crypto_alg *alg, struct crypto_user_alg *ualg, struct sk_buff *skb) { @@ -98,6 +117,16 @@ static int crypto_report_one(struct crypto_alg *alg, if (alg->cra_type && alg->cra_type->report) { if (alg->cra_type->report(skb, alg)) goto nla_put_failure; + + goto out; + } + + switch (alg->cra_flags & (CRYPTO_ALG_TYPE_MASK | CRYPTO_ALG_LARVAL)) { + case CRYPTO_ALG_TYPE_CIPHER: + if (crypto_report_cipher(skb, alg)) + goto nla_put_failure; + + break; } out: diff --git a/include/linux/cryptouser.h b/include/linux/cryptouser.h index ed8a40e8fb6b..532fb58f16bf 100644 --- a/include/linux/cryptouser.h +++ b/include/linux/cryptouser.h @@ -42,6 +42,7 @@ enum crypto_attr_type_t { CRYPTOCFGA_REPORT_AEAD, /* struct crypto_report_aead */ CRYPTOCFGA_REPORT_COMPRESS, /* struct crypto_report_comp */ CRYPTOCFGA_REPORT_RNG, /* struct crypto_report_rng */ + CRYPTOCFGA_REPORT_CIPHER, /* struct crypto_report_cipher */ __CRYPTOCFGA_MAX #define CRYPTOCFGA_MAX (__CRYPTOCFGA_MAX - 1) @@ -67,6 +68,13 @@ struct crypto_report_hash { unsigned int digestsize; }; +struct crypto_report_cipher { + char type[CRYPTO_MAX_ALG_NAME]; + unsigned int blocksize; + unsigned int min_keysize; + unsigned int max_keysize; +}; + struct crypto_report_blkcipher { char type[CRYPTO_MAX_NAME]; char geniv[CRYPTO_MAX_NAME]; -- cgit v1.2.3