On 02/01/2025 10:46, Harald Freudenberger wrote:
> - Add a little helper inline function
> crypto_tfm_alg_get_flags()
> to crypto.h to retrieve the alg flags.
> - Add key preparation code in case of selftest running
> to the phmac setkey function.
> - Add phmac selftest invocation to the crypto testmanager.
Can you please split this self-test enablement for phmac into a separate patch series.
> Signed-off-by: Harald Freudenberger <freude@xxxxxxxxxxxxx>
> ---
> arch/s390/crypto/phmac_s390.c | 144 ++++++++++++++++++++++++++++++++--
> crypto/testmgr.c | 30 +++++++
> include/linux/crypto.h | 5 ++
> 3 files changed, 174 insertions(+), 5 deletions(-)
>
> diff --git a/arch/s390/crypto/phmac_s390.c b/arch/s390/crypto/phmac_s390.c
> index b2b389e94a37..3d80168775ab 100644
> --- a/arch/s390/crypto/phmac_s390.c
> +++ b/arch/s390/crypto/phmac_s390.c
[...]
> @@ -687,10 +799,26 @@ static int s390_phmac_setkey(struct crypto_ahash *tfm,
> tfm_ctx->keylen = 0;
> }
>
> - tfm_ctx->key = kmemdup(key, keylen, GFP_ATOMIC);
> - if (!tfm_ctx->key)
> - return -ENOMEM;
> - tfm_ctx->keylen = keylen;
> + if (crypto_tfm_alg_get_flags(tfm_base) & CRYPTO_ALG_TESTED) {
> + /* no selftest: key is always a key token digestable by PKEY */
> + tfm_ctx->key = kmemdup(key, keylen, GFP_ATOMIC);
> + if (!tfm_ctx->key) {
> + rc = -ENOMEM;
> + goto out;
> + }
> + tfm_ctx->keylen = keylen;
> + } else {
> + /* selftest running: key is a raw hmac clear key */
> + tfm_ctx->keylen = sizeof(struct hmac_clrkey_token) + bs;
> + tfm_ctx->key = kzalloc(tfm_ctx->keylen, GFP_ATOMIC);
> + if (!tfm_ctx->key) {
> + rc = -ENOMEM;
> + goto out;
> + }
> + rc = make_clrkey_token(key, keylen, ds, tfm_ctx->key);
> + if (rc)
> + goto out;
> + }
I would prefer, if the conversion of the self-test clear-key is an additional code path and not a replacement. I know, that this might end up in an additional memory allocation, but I think it is worth to do so.
--
Mit freundlichen Grüßen / Kind regards
Holger Dengler
--
IBM Systems, Linux on IBM Z Development
dengler@xxxxxxxxxxxxx
