Re: [PATCH] crypto: xts - use 'spawn' for underlying single-block cipher

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
> From: Eric Biggers <ebiggers@xxxxxxxxxx>
> 
> Since commit adad556efcdd ("crypto: api - Fix built-in testing
> dependency failures"), the following warning appears when booting an
> x86_64 kernel that is configured with
> CONFIG_CRYPTO_MANAGER_EXTRA_TESTS=y and CONFIG_CRYPTO_AES_NI_INTEL=y,
> even when CONFIG_CRYPTO_XTS=y and CONFIG_CRYPTO_AES=y:
> 
>    alg: skcipher: skipping comparison tests for xts-aes-aesni because xts(ecb(aes-generic)) is unavailable
> 
> This is caused by an issue in the xts template where it allocates an
> "aes" single-block cipher without declaring a dependency on it via the
> crypto_spawn mechanism.  This issue was exposed by the above commit
> because it reversed the order that the algorithms are tested in.
> 
> Specifically, when "xts(ecb(aes-generic))" is instantiated and tested
> during the comparison tests for "xts-aes-aesni", the "xts" template
> allocates an "aes" crypto_cipher for encrypting tweaks.  This resolves
> to "aes-aesni".  (Getting "aes-aesni" instead of "aes-generic" here is a
> bit weird, but it's apparently intended.)  Due to the above-mentioned
> commit, the testing of "aes-aesni", and the finalization of its
> registration, now happens at this point instead of before.  At the end
> of that, crypto_remove_spawns() unregisters all algorithm instances that
> depend on a lower-priority "aes" implementation such as "aes-generic"
> but that do not depend on "aes-aesni".  However, because "xts" does not
> use the crypto_spawn mechanism for its "aes", its dependency on
> "aes-aesni" is not recognized by crypto_remove_spawns().  Thus,
> crypto_remove_spawns() unexpectedly unregisters "xts(ecb(aes-generic))".
> 
> Fix this issue by making the "xts" template use the crypto_spawn
> mechanism for its "aes" dependency, like what other templates do.
> 
> Note, this fix could be applied as far back as commit f1c131b45410
> ("crypto: xts - Convert to skcipher").  However, the issue only got
> exposed by the much more recent changes to how the crypto API runs the
> self-tests, so there should be no need to backport this to very old
> kernels.  Also, an alternative fix would be to flip the list iteration
> order in crypto_start_tests() to restore the original testing order.
> I'm thinking we should do that too, since the original order seems more
> natural, but it shouldn't be relied on for correctness.
> 
> Fixes: adad556efcdd ("crypto: api - Fix built-in testing dependency failures")
> Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
> ---
> crypto/xts.c | 23 +++++++++++++++--------
> 1 file changed, 15 insertions(+), 8 deletions(-)

Patch applied.  Thanks.
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]
  Powered by Linux