Hi Ard,
On Thu, May 14, 2020 at 06:18:47PM +0200, Ard Biesheuvel wrote:
> The CrOS EC codec driver uses SHA-256 explicitly, and not in a
> performance critical manner, so there is really no point in using
> the dynamic SHASH crypto API here. Let's switch to the library API
> instead.
>
> Cc: Cheng-Yi Chiang <cychiang@xxxxxxxxxxxx>
> Cc: Enric Balletbo i Serra <enric.balletbo@xxxxxxxxxxxxx>
> Cc: Guenter Roeck <groeck@xxxxxxxxxxxx>
> Cc: Benson Leung <bleung@xxxxxxxxxxxx>
> Cc: Liam Girdwood <lgirdwood@xxxxxxxxx>
> Cc: Mark Brown <broonie@xxxxxxxxxx>
> Cc: Arnd Bergmann <arnd@xxxxxxxx>
> Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
> Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
> Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
> ---
> Looking at the code, I was wondering if the SHA-256 is really required
> here? It looks like it is using it as some kind of fingerprint to decide
> whether the provided file is identical to the one that has already been
> loaded. If this is the case, we should probably just use CRC32 instead.
>
> Also, do we really need to wipe the context struct? Is there any security
> sensitive data in there?
>
Adding Tzung-Bi Shih <tzungbi@xxxxxxxxxx> to help answer these, as these
were added as a part of his change here:
b6bc07d4360d ASoC: cros_ec_codec: support WoV
Thanks,
Benson
> sound/soc/codecs/Kconfig | 3 +--
> sound/soc/codecs/cros_ec_codec.c | 21 +++++---------------
> 2 files changed, 6 insertions(+), 18 deletions(-)
>
> diff --git a/sound/soc/codecs/Kconfig b/sound/soc/codecs/Kconfig
> index e6a0c5d05fa5..c7ce4cc658cf 100644
> --- a/sound/soc/codecs/Kconfig
> +++ b/sound/soc/codecs/Kconfig
> @@ -537,8 +537,7 @@ config SND_SOC_CQ0093VC
> config SND_SOC_CROS_EC_CODEC
> tristate "codec driver for ChromeOS EC"
> depends on CROS_EC
> - select CRYPTO
> - select CRYPTO_SHA256
> + select CRYPTO_LIB_SHA256
> help
> If you say yes here you will get support for the
> ChromeOS Embedded Controller's Audio Codec.
> diff --git a/sound/soc/codecs/cros_ec_codec.c b/sound/soc/codecs/cros_ec_codec.c
> index d3dc42aa6825..6bc02c485ab2 100644
> --- a/sound/soc/codecs/cros_ec_codec.c
> +++ b/sound/soc/codecs/cros_ec_codec.c
> @@ -107,24 +107,13 @@ static int send_ec_host_command(struct cros_ec_device *ec_dev, uint32_t cmd,
> static int calculate_sha256(struct cros_ec_codec_priv *priv,
> uint8_t *buf, uint32_t size, uint8_t *digest)
> {
> - struct crypto_shash *tfm;
> + struct sha256_state sctx;
>
> - tfm = crypto_alloc_shash("sha256", CRYPTO_ALG_TYPE_SHASH, 0);
> - if (IS_ERR(tfm)) {
> - dev_err(priv->dev, "can't alloc shash\n");
> - return PTR_ERR(tfm);
> - }
> -
> - {
> - SHASH_DESC_ON_STACK(desc, tfm);
> -
> - desc->tfm = tfm;
> -
> - crypto_shash_digest(desc, buf, size, digest);
> - shash_desc_zero(desc);
> - }
> + sha256_init(&sctx);
> + sha256_update(&sctx, buf, size);
> + sha256_final(&sctx, digest);
>
> - crypto_free_shash(tfm);
> + memzero_explicit(&sctx, sizeof(sctx));
>
> #ifdef DEBUG
> {
> --
> 2.17.1
>
--
Benson Leung
Staff Software Engineer
Chrome OS Kernel
Google Inc.
bleung@xxxxxxxxxx
Chromium OS Project
bleung@xxxxxxxxxxxx
Attachment:
signature.asc
Description: PGP signature
