mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-09-18 22:14:16 +00:00
This push fixes a regression in ahash (broken fallback finup)
and reinstates a Kconfig option to control the extra self-tests. -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEn51F/lCuNhUwmDeSxycdCkmxi6cFAmhSgQIACgkQxycdCkmx i6eWig//aNg4YL30eTh41eTWTCiA1PLZpyOE2/Wz7q/Yg4M0Refn85A+tREm18q+ uwuZKAoFz8VaF0trqSQQ3PFzZaJWWRn0yLqeToxGyd7sY9kBh93FdQLub8wTxO0F qDPLnAR+Gt7VAGcYSjhyB/TCsJ5h6oRN87qMIr8g807SiIB6mHiuXxJAAKy1U7OD cXafp3HTkzUjgk/wbj7qSK6HJR3Cq3o/3JmsE/D7yvJRH1Bx7mNoiRpEX17CkgQX qVZmLj8lE4HzFpTLKBAY8sXlzxscN+rHnS5WUhTqWL1hAI2b52p1moJPzT9QM/Zb yI+x1DbO21Pvr4mZJ/hX18Y9VvTbea0hkD/wFD+hKJyQ9j70B8/bBeT/sOxKqDZn 0G1o9UyVTNdw4m2m/6lYJBgG0yiuD3hZID+Wjgq6lOsfoVBThU3CWq11NW98HQKz 0VUWztcG7JTqM1wUwwjlMXnm8+WKwiuYqYZCwBl8o0Ii29/Sm0pGMXtiDqmWFWLA a4FJNFxiKEfVA95yRuRPfEM7KMwRWdw2C9YGe6hk3kcUbfDYSJykUme/USFzz8X8 5lmwWESNggggQEw9BxUAILIzRZwsDhCakgRjd11JRbNjrNTwXIbP9+nv+LH91mPK zm5DJqyqSUVr2iXeQYYH/etyRsMX+dAuWPrFvvjuDBb8/fgEce4= =6/TP -----END PGP SIGNATURE----- Merge tag 'v6.16-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto fixes from Herbert Xu: "This fixes a regression in ahash (broken fallback finup) and reinstates a Kconfig option to control the extra self-tests" * tag 'v6.16-p5' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: crypto: ahash - Fix infinite recursion in ahash_def_finup crypto: testmgr - reinstate kconfig control over full self-tests
This commit is contained in:
Linus Torvalds
commit
0fa5248255
5 changed files with 41 additions and 11 deletions
|
|
@ -176,16 +176,33 @@ config CRYPTO_USER
|
|||
|
||||
config CRYPTO_SELFTESTS
|
||||
bool "Enable cryptographic self-tests"
|
||||
depends on DEBUG_KERNEL
|
||||
depends on EXPERT
|
||||
help
|
||||
Enable the cryptographic self-tests.
|
||||
|
||||
The cryptographic self-tests run at boot time, or at algorithm
|
||||
registration time if algorithms are dynamically loaded later.
|
||||
|
||||
This is primarily intended for developer use. It should not be
|
||||
enabled in production kernels, unless you are trying to use these
|
||||
tests to fulfill a FIPS testing requirement.
|
||||
There are two main use cases for these tests:
|
||||
|
||||
- Development and pre-release testing. In this case, also enable
|
||||
CRYPTO_SELFTESTS_FULL to get the full set of tests. All crypto code
|
||||
in the kernel is expected to pass the full set of tests.
|
||||
|
||||
- Production kernels, to help prevent buggy drivers from being used
|
||||
and/or meet FIPS 140-3 pre-operational testing requirements. In
|
||||
this case, enable CRYPTO_SELFTESTS but not CRYPTO_SELFTESTS_FULL.
|
||||
|
||||
config CRYPTO_SELFTESTS_FULL
|
||||
bool "Enable the full set of cryptographic self-tests"
|
||||
depends on CRYPTO_SELFTESTS
|
||||
help
|
||||
Enable the full set of cryptographic self-tests for each algorithm.
|
||||
|
||||
The full set of tests should be enabled for development and
|
||||
pre-release testing, but not in production kernels.
|
||||
|
||||
All crypto code in the kernel is expected to pass the full tests.
|
||||
|
||||
config CRYPTO_NULL
|
||||
tristate "Null algorithms"
|
||||
|
|
|
|||
|
|
@ -600,12 +600,14 @@ static void ahash_def_finup_done2(void *data, int err)
|
|||
|
||||
static int ahash_def_finup_finish1(struct ahash_request *req, int err)
|
||||
{
|
||||
struct crypto_ahash *tfm = crypto_ahash_reqtfm(req);
|
||||
|
||||
if (err)
|
||||
goto out;
|
||||
|
||||
req->base.complete = ahash_def_finup_done2;
|
||||
|
||||
err = crypto_ahash_final(req);
|
||||
err = crypto_ahash_alg(tfm)->final(req);
|
||||
if (err == -EINPROGRESS || err == -EBUSY)
|
||||
return err;
|
||||
|
||||
|
|
|
|||
|
|
@ -45,6 +45,7 @@ static bool notests;
|
|||
module_param(notests, bool, 0644);
|
||||
MODULE_PARM_DESC(notests, "disable all crypto self-tests");
|
||||
|
||||
#ifdef CONFIG_CRYPTO_SELFTESTS_FULL
|
||||
static bool noslowtests;
|
||||
module_param(noslowtests, bool, 0644);
|
||||
MODULE_PARM_DESC(noslowtests, "disable slow crypto self-tests");
|
||||
|
|
@ -52,6 +53,10 @@ MODULE_PARM_DESC(noslowtests, "disable slow crypto self-tests");
|
|||
static unsigned int fuzz_iterations = 100;
|
||||
module_param(fuzz_iterations, uint, 0644);
|
||||
MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations");
|
||||
#else
|
||||
#define noslowtests 1
|
||||
#define fuzz_iterations 0
|
||||
#endif
|
||||
|
||||
#ifndef CONFIG_CRYPTO_SELFTESTS
|
||||
|
||||
|
|
@ -319,9 +324,9 @@ struct testvec_config {
|
|||
|
||||
/*
|
||||
* The following are the lists of testvec_configs to test for each algorithm
|
||||
* type when the fast crypto self-tests are enabled. They aim to provide good
|
||||
* test coverage, while keeping the test time much shorter than the full tests
|
||||
* so that the fast tests can be used to fulfill FIPS 140 testing requirements.
|
||||
* type when the "fast" crypto self-tests are enabled. They aim to provide good
|
||||
* test coverage, while keeping the test time much shorter than the "full" tests
|
||||
* so that the "fast" tests can be enabled in a wider range of circumstances.
|
||||
*/
|
||||
|
||||
/* Configs for skciphers and aeads */
|
||||
|
|
@ -1183,14 +1188,18 @@ static void generate_random_testvec_config(struct rnd_state *rng,
|
|||
|
||||
static void crypto_disable_simd_for_test(void)
|
||||
{
|
||||
#ifdef CONFIG_CRYPTO_SELFTESTS_FULL
|
||||
migrate_disable();
|
||||
__this_cpu_write(crypto_simd_disabled_for_test, true);
|
||||
#endif
|
||||
}
|
||||
|
||||
static void crypto_reenable_simd_for_test(void)
|
||||
{
|
||||
#ifdef CONFIG_CRYPTO_SELFTESTS_FULL
|
||||
__this_cpu_write(crypto_simd_disabled_for_test, false);
|
||||
migrate_enable();
|
||||
#endif
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -44,9 +44,11 @@ void simd_unregister_aeads(struct aead_alg *algs, int count,
|
|||
*
|
||||
* This delegates to may_use_simd(), except that this also returns false if SIMD
|
||||
* in crypto code has been temporarily disabled on this CPU by the crypto
|
||||
* self-tests, in order to test the no-SIMD fallback code.
|
||||
* self-tests, in order to test the no-SIMD fallback code. This override is
|
||||
* currently limited to configurations where the "full" self-tests are enabled,
|
||||
* because it might be a bit too invasive to be part of the "fast" self-tests.
|
||||
*/
|
||||
#ifdef CONFIG_CRYPTO_SELFTESTS
|
||||
#ifdef CONFIG_CRYPTO_SELFTESTS_FULL
|
||||
DECLARE_PER_CPU(bool, crypto_simd_disabled_for_test);
|
||||
#define crypto_simd_usable() \
|
||||
(may_use_simd() && !this_cpu_read(crypto_simd_disabled_for_test))
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ libsha256-generic-y := sha256-generic.o
|
|||
|
||||
obj-$(CONFIG_MPILIB) += mpi/
|
||||
|
||||
obj-$(CONFIG_CRYPTO_SELFTESTS) += simd.o
|
||||
obj-$(CONFIG_CRYPTO_SELFTESTS_FULL) += simd.o
|
||||
|
||||
obj-$(CONFIG_CRYPTO_LIB_SM3) += libsm3.o
|
||||
libsm3-y := sm3.o
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue