I tested this patch and it's working fine. -- Regards, Marcelo On Wed, Nov 02, 2016 at 07:19:12AM +0800, Herbert Xu wrote: > Currently we manually filter out internal algorithms using a list > in testmgr. This is dangerous as internal algorithms cannot be > safely used even by testmgr. This patch ensures that they're never > processed by testmgr at all. > > This patch also removes an obsolete bypass for nivciphers which > no longer exist. > > Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> > --- > > crypto/algboss.c | 8 -- > crypto/testmgr.c | 153 +++---------------------------------------------------- > 2 files changed, 11 insertions(+), 150 deletions(-) > > diff --git a/crypto/algboss.c b/crypto/algboss.c > index 6e39d9c..ccb85e1 100644 > --- a/crypto/algboss.c > +++ b/crypto/algboss.c > @@ -247,12 +247,8 @@ static int cryptomgr_schedule_test(struct crypto_alg *alg) > memcpy(param->alg, alg->cra_name, sizeof(param->alg)); > type = alg->cra_flags; > > - /* This piece of crap needs to disappear into per-type test hooks. */ > - if (!((type ^ CRYPTO_ALG_TYPE_BLKCIPHER) & > - CRYPTO_ALG_TYPE_BLKCIPHER_MASK) && !(type & CRYPTO_ALG_GENIV) && > - ((alg->cra_flags & CRYPTO_ALG_TYPE_MASK) == > - CRYPTO_ALG_TYPE_BLKCIPHER ? alg->cra_blkcipher.ivsize : > - alg->cra_ablkcipher.ivsize)) > + /* Do not test internal algorithms. */ > + if (type & CRYPTO_ALG_INTERNAL) > type |= CRYPTO_ALG_TESTED; > > param->type = type; > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index ded50b6..6ac4696 100644 > --- a/crypto/testmgr.c > +++ b/crypto/testmgr.c > @@ -1625,7 +1625,7 @@ static int alg_test_aead(const struct alg_test_desc *desc, const char *driver, > struct crypto_aead *tfm; > int err = 0; > > - tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_aead(driver, type, mask); > if (IS_ERR(tfm)) { > printk(KERN_ERR "alg: aead: Failed to load transform for %s: " > "%ld\n", driver, PTR_ERR(tfm)); > @@ -1654,7 +1654,7 @@ static int alg_test_cipher(const struct alg_test_desc *desc, > struct crypto_cipher *tfm; > int err = 0; > > - tfm = crypto_alloc_cipher(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_cipher(driver, type, mask); > if (IS_ERR(tfm)) { > printk(KERN_ERR "alg: cipher: Failed to load transform for " > "%s: %ld\n", driver, PTR_ERR(tfm)); > @@ -1683,7 +1683,7 @@ static int alg_test_skcipher(const struct alg_test_desc *desc, > struct crypto_skcipher *tfm; > int err = 0; > > - tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_skcipher(driver, type, mask); > if (IS_ERR(tfm)) { > printk(KERN_ERR "alg: skcipher: Failed to load transform for " > "%s: %ld\n", driver, PTR_ERR(tfm)); > @@ -1750,7 +1750,7 @@ static int alg_test_hash(const struct alg_test_desc *desc, const char *driver, > struct crypto_ahash *tfm; > int err; > > - tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_ahash(driver, type, mask); > if (IS_ERR(tfm)) { > printk(KERN_ERR "alg: hash: Failed to load transform for %s: " > "%ld\n", driver, PTR_ERR(tfm)); > @@ -1778,7 +1778,7 @@ static int alg_test_crc32c(const struct alg_test_desc *desc, > if (err) > goto out; > > - tfm = crypto_alloc_shash(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_shash(driver, type, mask); > if (IS_ERR(tfm)) { > printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: " > "%ld\n", driver, PTR_ERR(tfm)); > @@ -1820,7 +1820,7 @@ static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver, > struct crypto_rng *rng; > int err; > > - rng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask); > + rng = crypto_alloc_rng(driver, type, mask); > if (IS_ERR(rng)) { > printk(KERN_ERR "alg: cprng: Failed to load transform for %s: " > "%ld\n", driver, PTR_ERR(rng)); > @@ -1847,7 +1847,7 @@ static int drbg_cavs_test(struct drbg_testvec *test, int pr, > if (!buf) > return -ENOMEM; > > - drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask); > + drng = crypto_alloc_rng(driver, type, mask); > if (IS_ERR(drng)) { > printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for " > "%s\n", driver); > @@ -2041,7 +2041,7 @@ static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver, > struct crypto_kpp *tfm; > int err = 0; > > - tfm = crypto_alloc_kpp(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_kpp(driver, type, mask); > if (IS_ERR(tfm)) { > pr_err("alg: kpp: Failed to load tfm for %s: %ld\n", > driver, PTR_ERR(tfm)); > @@ -2200,7 +2200,7 @@ static int alg_test_akcipher(const struct alg_test_desc *desc, > struct crypto_akcipher *tfm; > int err = 0; > > - tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask); > + tfm = crypto_alloc_akcipher(driver, type, mask); > if (IS_ERR(tfm)) { > pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n", > driver, PTR_ERR(tfm)); > @@ -2223,88 +2223,6 @@ static int alg_test_null(const struct alg_test_desc *desc, > /* Please keep this list sorted by algorithm name. */ > static const struct alg_test_desc alg_test_descs[] = { > { > - .alg = "__cbc-cast5-avx", > - .test = alg_test_null, > - }, { > - .alg = "__cbc-cast6-avx", > - .test = alg_test_null, > - }, { > - .alg = "__cbc-serpent-avx", > - .test = alg_test_null, > - }, { > - .alg = "__cbc-serpent-avx2", > - .test = alg_test_null, > - }, { > - .alg = "__cbc-serpent-sse2", > - .test = alg_test_null, > - }, { > - .alg = "__cbc-twofish-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-aes-aesni", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "__driver-cbc-camellia-aesni", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-camellia-aesni-avx2", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-cast5-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-cast6-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-serpent-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-serpent-avx2", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-serpent-sse2", > - .test = alg_test_null, > - }, { > - .alg = "__driver-cbc-twofish-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-aes-aesni", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "__driver-ecb-camellia-aesni", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-camellia-aesni-avx2", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-cast5-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-cast6-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-serpent-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-serpent-avx2", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-serpent-sse2", > - .test = alg_test_null, > - }, { > - .alg = "__driver-ecb-twofish-avx", > - .test = alg_test_null, > - }, { > - .alg = "__driver-gcm-aes-aesni", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "__ghash-pclmulqdqni", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > .alg = "ansi_cprng", > .test = alg_test_cprng, > .suite = { > @@ -2791,55 +2709,6 @@ static int alg_test_null(const struct alg_test_desc *desc, > } > } > }, { > - .alg = "cryptd(__driver-cbc-aes-aesni)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "cryptd(__driver-cbc-camellia-aesni)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-cbc-camellia-aesni-avx2)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-cbc-serpent-avx2)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-aes-aesni)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "cryptd(__driver-ecb-camellia-aesni)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-camellia-aesni-avx2)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-cast5-avx)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-cast6-avx)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-serpent-avx)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-serpent-avx2)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-serpent-sse2)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-ecb-twofish-avx)", > - .test = alg_test_null, > - }, { > - .alg = "cryptd(__driver-gcm-aes-aesni)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > - .alg = "cryptd(__ghash-pclmulqdqni)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > .alg = "ctr(aes)", > .test = alg_test_skcipher, > .fips_allowed = 1, > @@ -3166,10 +3035,6 @@ static int alg_test_null(const struct alg_test_desc *desc, > .fips_allowed = 1, > .test = alg_test_null, > }, { > - .alg = "ecb(__aes-aesni)", > - .test = alg_test_null, > - .fips_allowed = 1, > - }, { > .alg = "ecb(aes)", > .test = alg_test_skcipher, > .fips_allowed = 1, > -- > To unsubscribe from this list: send the line "unsubscribe linux-crypto" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html
Attachment:
signature.asc
Description: PGP signature