[lustre-devel] [PATCH 088/151] lnet: libcfs: call proper crypto algo when keys are passed in
James Simmons
jsimmons at infradead.org
Mon Sep 30 11:55:47 PDT 2019
In most cases keys are not passed to cfs_crypto_hash_alloc()
but if they are then crypto_ahash_setkey() will fail. Keys
are only handled by the hmac version of the algorithm requested.
If a key is passed into cfs_crypto_hash_alloc() then we should
request the hmac version of the algorithm when calling
crypto_alloc_ahash().
WC-bug-id: https://jira.whamcloud.com/browse/LU-8602
Lustre-commit: 53e967746f37 ("LU-8602 libcfs: call proper crypto algo when keys are passed in")
Signed-off-by: James Simmons <uja.ornl at yahoo.com>
Reviewed-on: https://review.whamcloud.com/25199
Reviewed-by: Sebastien Buisson <sbuisson at ddn.com>
Reviewed-by: Alexandr Boyko <c17825 at cray.com>
Reviewed-by: Oleg Drokin <green at whamcloud.com>
Signed-off-by: James Simmons <jsimmons at infradead.org>
---
net/lnet/libcfs/linux-crypto.c | 31 +++++++++++++++++++++----------
1 file changed, 21 insertions(+), 10 deletions(-)
diff --git a/net/lnet/libcfs/linux-crypto.c b/net/lnet/libcfs/linux-crypto.c
index 1c96dc6..53285c2 100644
--- a/net/lnet/libcfs/linux-crypto.c
+++ b/net/lnet/libcfs/linux-crypto.c
@@ -70,14 +70,27 @@ static int cfs_crypto_hash_alloc(enum cfs_crypto_hash_alg hash_alg,
int err = 0;
*type = cfs_crypto_hash_type(hash_alg);
-
if (!*type) {
CWARN("Unsupported hash algorithm id = %d, max id is %d\n",
hash_alg, CFS_HASH_ALG_MAX);
return -EINVAL;
}
- tfm = crypto_alloc_ahash((*type)->cht_name, 0, CRYPTO_ALG_ASYNC);
+ /* Keys are only supported for the hmac version */
+ if (key && key_len > 0) {
+ char *algo_name;
+
+ algo_name = kasprintf(GFP_KERNEL, "hmac(%s)",
+ (*type)->cht_name);
+ if (!algo_name)
+ return -ENOMEM;
+
+ tfm = crypto_alloc_ahash(algo_name, 0, CRYPTO_ALG_ASYNC);
+ kfree(algo_name);
+ } else {
+ tfm = crypto_alloc_ahash((*type)->cht_name, 0,
+ CRYPTO_ALG_ASYNC);
+ }
if (IS_ERR(tfm)) {
CDEBUG(D_INFO, "Failed to alloc crypto hash %s\n",
(*type)->cht_name);
@@ -88,8 +101,8 @@ static int cfs_crypto_hash_alloc(enum cfs_crypto_hash_alg hash_alg,
if (!*req) {
CDEBUG(D_INFO, "Failed to alloc ahash_request for %s\n",
(*type)->cht_name);
- crypto_free_ahash(tfm);
- return -ENOMEM;
+ err = -ENOMEM;
+ goto out_free_tfm;
}
ahash_request_set_callback(*req, 0, NULL, NULL);
@@ -100,12 +113,8 @@ static int cfs_crypto_hash_alloc(enum cfs_crypto_hash_alg hash_alg,
err = crypto_ahash_setkey(tfm,
(unsigned char *)&((*type)->cht_key),
(*type)->cht_size);
-
- if (err) {
- ahash_request_free(*req);
- crypto_free_ahash(tfm);
- return err;
- }
+ if (err)
+ goto out_free_req;
CDEBUG(D_INFO, "Using crypto hash: %s (%s) speed %d MB/s\n",
crypto_ahash_alg_name(tfm), crypto_ahash_driver_name(tfm),
@@ -113,7 +122,9 @@ static int cfs_crypto_hash_alloc(enum cfs_crypto_hash_alg hash_alg,
err = crypto_ahash_init(*req);
if (err) {
+out_free_req:
ahash_request_free(*req);
+out_free_tfm:
crypto_free_ahash(tfm);
}
return err;
--
1.8.3.1
More information about the lustre-devel
mailing list