R0dn3yS/android_kernel_xiaomi_sm7250
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
lineage-20.0
android_kernel_xiaomi_sm7250/crypto/authenc.c
UtsavBalar1231 0074f618ea Merge remote-tracking branch 'aosp/android-4.19-stable' into android12-base 
* aosp/android-4.19-stable:
  ANDROID: GKI: fix crc issue with commit 6281beee5b ("block: don't merge across cgroup boundaries if blkcg is enabled")
  Revert "PCI: Reduce warnings on possible RW1C corruption"
  Linux 4.19.238
  drm/amdkfd: Use drm_priv to pass VM from KFD to amdgpu
  drm/amdgpu: Check if fd really is an amdgpu fd.
  xfrm: policy: match with both mark and mask on user interfaces
  selftests: cgroup: Test open-time cgroup namespace usage for migration checks
  selftests: cgroup: Test open-time credential usage for migration checks
  selftests: cgroup: Make cg_create() use 0755 for permission instead of 0644
  cgroup: Use open-time cgroup namespace for process migration perm checks
  cgroup: Allocate cgroup_file_ctx for kernfs_open_file->priv
  cgroup: Use open-time credentials for process migraton perm checks
  mm/sparsemem: fix 'mem_section' will never be NULL gcc 12 warning
  arm64: module: remove (NOLOAD) from linker script
  mm: don't skip swap entry even if zap_details specified
  dmaengine: Revert "dmaengine: shdma: Fix runtime PM imbalance on error"
  tools build: Use $(shell ) instead of `` to get embedded libperl's ccopts
  tools build: Filter out options and warnings not supported by clang
  irqchip/gic-v3: Fix GICR_CTLR.RWP polling
  perf: qcom_l2_pmu: fix an incorrect NULL check on list iterator
  ata: sata_dwc_460ex: Fix crash due to OOB write
  arm64: patch_text: Fixup last cpu should be master
  btrfs: fix qgroup reserve overflow the qgroup limit
  x86/speculation: Restore speculation related MSRs during S3 resume
  x86/pm: Save the MSR validity status at context setup
  mm/mempolicy: fix mpol_new leak in shared_policy_replace
  mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0)
  mmc: renesas_sdhi: don't overwrite TAP settings when HS400 tuning is complete
  Revert "mmc: sdhci-xenon: fix annoying 1.8V regulator warning"
  drbd: Fix five use after free bugs in get_initial_state
  spi: bcm-qspi: fix MSPI only access with bcm_qspi_exec_mem_op()
  qede: confirm skb is allocated before using
  rxrpc: fix a race in rxrpc_exit_net()
  net: openvswitch: don't send internal clone attribute to the userspace.
  drm/imx: Fix memory leak in imx_pd_connector_get_modes
  net: stmmac: Fix unset max_speed difference between DT and non-DT platforms
  scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one()
  Drivers: hv: vmbus: Fix potential crash on module unload
  drm/amdgpu: fix off by one in amdgpu_gfx_kiq_acquire()
  KVM: arm64: Check arm64_get_bp_hardening_data() didn't return NULL
  mm: fix race between MADV_FREE reclaim and blkdev direct IO read
  net: add missing SOF_TIMESTAMPING_OPT_ID support
  parisc: Fix CPU affinity for Lasi, WAX and Dino chips
  jfs: prevent NULL deref in diFree
  virtio_console: eliminate anonymous module_init & module_exit
  serial: samsung_tty: do not unlock port->lock for uart_write_wakeup()
  NFS: swap-out must always use STABLE writes.
  NFS: swap IO handling is slightly different for O_DIRECT IO
  SUNRPC/call_alloc: async tasks mustn't block waiting for memory
  clk: Enforce that disjoints limits are invalid
  xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32
  NFSv4: Protect the state recovery thread against direct reclaim
  w1: w1_therm: fixes w1_seq for ds28ea00 sensors
  minix: fix bug when opening a file with O_DIRECT
  init/main.c: return 1 from handled __setup() functions
  Bluetooth: Fix use after free in hci_send_acl
  xtensa: fix DTC warning unit_address_format
  usb: dwc3: omap: fix "unbalanced disables for smps10_out1" on omap5evm
  scsi: libfc: Fix use after free in fc_exch_abts_resp()
  MIPS: fix fortify panic when copying asm exception handlers
  bnxt_en: Eliminate unintended link toggle during FW reset
  macvtap: advertise link netns via netlink
  net/smc: correct settings of RMB window update limit
  scsi: aha152x: Fix aha152x_setup() __setup handler return value
  scsi: pm8001: Fix pm8001_mpi_task_abort_resp()
  drm/amdkfd: make CRAT table missing message informational only
  dm ioctl: prevent potential spectre v1 gadget
  ipv4: Invalidate neighbour for broadcast address upon address addition
  PCI: pciehp: Add Qualcomm quirk for Command Completed erratum
  usb: ehci: add pci device support for Aspeed platforms
  iommu/arm-smmu-v3: fix event handling soft lockup
  PCI: aardvark: Fix support for MSI interrupts
  powerpc: Set crashkernel offset to mid of RMA region
  power: supply: axp20x_battery: properly report current when discharging
  scsi: bfa: Replace snprintf() with sysfs_emit()
  scsi: mvsas: Replace snprintf() with sysfs_emit()
  powerpc: dts: t104xrdb: fix phy type for FMAN 4/5
  ptp: replace snprintf with sysfs_emit
  drm/amd/amdgpu/amdgpu_cs: fix refcount leak of a dma_fence obj
  ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111
  drm: Add orientation quirk for GPD Win Max
  KVM: x86/svm: Clear reserved bits written to PerfEvtSeln MSRs
  ARM: 9187/1: JIVE: fix return value of __setup handler
  riscv module: remove (NOLOAD)
  rtc: wm8350: Handle error for wm8350_register_irq
  ubifs: Rectify space amount budget for mkdir/tmpfile operations
  KVM: x86: Forbid VMM to set SYNIC/STIMER MSRs when SynIC wasn't activated
  openvswitch: Fixed nd target mask field in the flow dump.
  um: Fix uml_mconsole stop/go
  ARM: dts: spear13xx: Update SPI dma properties
  ARM: dts: spear1340: Update serial node properties
  ASoC: topology: Allow TLV control to be either read or write
  ubi: fastmap: Return error code if memory allocation fails in add_aeb()
  bpf: Fix comment for helper bpf_current_task_under_cgroup()
  mm/usercopy: return 1 from hardened_usercopy __setup() handler
  mm/memcontrol: return 1 from cgroup.memory __setup() handler
  mm/mmap: return 1 from stack_guard_gap __setup() handler
  ACPI: CPPC: Avoid out of bounds access when parsing _CPC data
  ubi: Fix race condition between ctrl_cdev_ioctl and ubi_cdev_ioctl
  pinctrl: pinconf-generic: Print arguments for bias-pull-*
  gfs2: Make sure FITRIM minlen is rounded up to fs block size
  can: mcba_usb: properly check endpoint type
  can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path
  ubifs: rename_whiteout: correct old_dir size computing
  ubifs: Fix read out-of-bounds in ubifs_wbuf_write_nolock()
  ubifs: setflags: Make dirtied_ino_d 8 bytes aligned
  ubifs: Add missing iput if do_tmpfile() failed in rename whiteout
  ubifs: Fix deadlock in concurrent rename whiteout and inode writeback
  ubifs: rename_whiteout: Fix double free for whiteout_ui->data
  KVM: x86: fix sending PV IPI
  KVM: Prevent module exit until all VMs are freed
  scsi: qla2xxx: Use correct feature type field during RFF_ID processing
  scsi: qla2xxx: Reduce false trigger to login
  scsi: qla2xxx: Fix hang due to session stuck
  scsi: qla2xxx: Fix incorrect reporting of task management failure
  scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair()
  scsi: qla2xxx: Check for firmware dump already collected
  scsi: qla2xxx: Fix warning for missing error code
  scsi: qla2xxx: Fix stuck session in gpdb
  powerpc: Fix build errors with newer binutils
  powerpc/lib/sstep: Fix build errors with newer binutils
  powerpc/lib/sstep: Fix 'sthcx' instruction
  mmc: host: Return an error when ->enable_sdio_irq() ops is missing
  media: hdpvr: initialize dev->worker at hdpvr_register_videodev
  media: Revert "media: em28xx: add missing em28xx_close_extension"
  video: fbdev: sm712fb: Fix crash in smtcfb_write()
  ARM: mmp: Fix failure to remove sram device
  ARM: tegra: tamonten: Fix I2C3 pad setting
  media: cx88-mpeg: clear interrupt status register before streaming video
  ASoC: soc-core: skip zero num_dai component in searching dai name
  video: fbdev: udlfb: replace snprintf in show functions with sysfs_emit
  video: fbdev: omapfb: panel-tpo-td043mtea1: Use sysfs_emit() instead of snprintf()
  video: fbdev: omapfb: panel-dsi-cm: Use sysfs_emit() instead of snprintf()
  ARM: dts: bcm2837: Add the missing L1/L2 cache information
  ARM: dts: qcom: fix gic_irq_domain_translate warnings for msm8960
  video: fbdev: omapfb: acx565akm: replace snprintf with sysfs_emit
  video: fbdev: cirrusfb: check pixclock to avoid divide by zero
  video: fbdev: w100fb: Reset global state
  video: fbdev: nvidiafb: Use strscpy() to prevent buffer overflow
  ntfs: add sanity check on allocation size
  ext4: don't BUG if someone dirty pages without asking ext4 first
  spi: tegra20: Use of_device_get_match_data()
  PM: core: keep irq flags in device_pm_check_callbacks()
  ACPI/APEI: Limit printable size of BERT table data
  Revert "Revert "block, bfq: honor already-setup queue merges""
  lib/raid6/test/Makefile: Use $(pound) instead of \# for Make 4.3
  ACPICA: Avoid walking the ACPI Namespace if it is not there
  bfq: fix use-after-free in bfq_dispatch_request
  irqchip/nvic: Release nvic_base upon failure
  irqchip/qcom-pdc: Fix broken locking
  Fix incorrect type in assignment of ipv6 port for audit
  loop: use sysfs_emit() in the sysfs xxx show()
  selinux: use correct type for context length
  lib/test: use after free in register_test_dev_kmod()
  NFSv4/pNFS: Fix another issue with a list iterator pointing to the head
  net/x25: Fix null-ptr-deref caused by x25_disconnect
  qlcnic: dcb: default to returning -EOPNOTSUPP
  net: phy: broadcom: Fix brcm_fet_config_init()
  xen: fix is_xen_pmu()
  clk: qcom: gcc-msm8994: Fix gpll4 width
  netfilter: nf_conntrack_tcp: preserve liberal flag in tcp options
  jfs: fix divide error in dbNextAG
  kgdbts: fix return value of __setup handler
  kgdboc: fix return value of __setup handler
  tty: hvc: fix return value of __setup handler
  pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe
  pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe
  pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init
  NFS: remove unneeded check in decode_devicenotify_args()
  clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver
  clk: clps711x: Terminate clk_div_table with sentinel element
  clk: loongson1: Terminate clk_div_table with sentinel element
  clk: actions: Terminate clk_div_table with sentinel element
  remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region
  clk: qcom: clk-rcg2: Update the frac table for pixel clock
  dma-debug: fix return value of __setup handlers
  iio: adc: Add check for devm_request_threaded_irq
  serial: 8250: Fix race condition in RTS-after-send handling
  serial: 8250_mid: Balance reference count for PCI DMA device
  clk: qcom: ipq8074: Use floor ops for SDCC1 clock
  staging:iio:adc:ad7280a: Fix handing of device address bit reversing.
  pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add()
  mxser: fix xmit_buf leak in activate when LSR == 0xff
  mfd: asic3: Add missing iounmap() on error asic3_mfd_probe
  tcp: ensure PMTU updates are processed during fastopen
  selftests/bpf/test_lirc_mode2.sh: Exit with proper code
  i2c: mux: demux-pinctrl: do not deactivate a master that is not active
  af_netlink: Fix shift out of bounds in group mask calculation
  USB: storage: ums-realtek: fix error code in rts51x_read_mem()
  mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init
  MIPS: RB532: fix return value of __setup handler
  vxcan: enable local echo for sent CAN frames
  mfd: mc13xxx: Add check for mc13xxx_irq_request
  powerpc/sysdev: fix incorrect use to determine if list is empty
  PCI: Reduce warnings on possible RW1C corruption
  power: supply: wm8350-power: Add missing free in free_charger_irq
  power: supply: wm8350-power: Handle error for wm8350_register_irq
  i2c: xiic: Make bus names unique
  hv_balloon: rate-limit "Unhandled message" warning
  KVM: x86/emulator: Defer not-present segment check in __load_segment_descriptor()
  KVM: x86: Fix emulation in writing cr8
  powerpc/Makefile: Don't pass -mcpu=powerpc64 when building 32-bit
  drm/bridge: cdns-dsi: Make sure to to create proper aliases for dt
  power: supply: bq24190_charger: Fix bq24190_vbus_is_enabled() wrong false return
  drm/tegra: Fix reference leak in tegra_dsi_ganged_probe
  ext2: correct max file size computing
  TOMOYO: fix __setup handlers return values
  scsi: pm8001: Fix abort all task initialization
  scsi: pm8001: Fix payload initialization in pm80xx_set_thermal_config()
  scsi: pm8001: Fix command initialization in pm8001_chip_ssp_tm_req()
  scsi: pm8001: Fix command initialization in pm80XX_send_read_log()
  dm crypt: fix get_key_size compiler warning if !CONFIG_KEYS
  iwlwifi: Fix -EIO error code that is never returned
  HID: i2c-hid: fix GET/SET_REPORT for unnumbered reports
  power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init
  ray_cs: Check ioremap return value
  power: reset: gemini-poweroff: Fix IRQ check in gemini_poweroff_probe
  KVM: PPC: Fix vmx/vsx mixup in mmio emulation
  ath9k_htc: fix uninit value bugs
  drm/amd/display: Fix a NULL pointer dereference in amdgpu_dm_connector_add_common_modes()
  drm/edid: Don't clear formats if using deep color
  mtd: onenand: Check for error irq
  Bluetooth: hci_serdev: call init_rwsem() before p->open()
  ath10k: fix memory overwrite of the WoWLAN wakeup packet pattern
  drm/bridge: Fix free wrong object in sii8620_init_rcp_input_dev
  mmc: davinci_mmc: Handle error for clk_enable
  ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe
  ASoC: imx-es8328: Fix error return code in imx_es8328_probe()
  ASoC: mxs: Fix error handling in mxs_sgtl5000_probe
  ASoC: dmaengine: do not use a NULL prepare_slave_config() callback
  video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of
  ASoC: fsi: Add check for clk_enable
  ASoC: wm8350: Handle error for wm8350_register_irq
  ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe
  media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED
  ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction
  memory: emif: check the pointer temp in get_device_details()
  memory: emif: Add check for setup_interrupts
  ASoC: atmel_ssc_dai: Handle errors for clk_enable
  ASoC: mxs-saif: Handle errors for clk_enable
  printk: fix return value of printk.devkmsg __setup handler
  arm64: dts: broadcom: Fix sata nodename
  arm64: dts: ns2: Fix spi-cpol and spi-cpha property
  ALSA: spi: Add check for clk_enable()
  ASoC: ti: davinci-i2s: Add check for clk_enable()
  ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp()
  media: usb: go7007: s2250-board: fix leak in probe()
  media: em28xx: initialize refcount before kref_get
  soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe
  ARM: dts: qcom: ipq4019: fix sleep clock
  video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name()
  video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe()
  media: coda: Fix missing put_device() call in coda_get_vdoa_data
  perf/x86/intel/pt: Fix address filter config for 32-bit kernel
  perf/core: Fix address filter parser for multiple filters
  sched/debug: Remove mpol_get/put and task_lock/unlock from sched_show_numa
  clocksource: acpi_pm: fix return value of __setup handler
  hwmon: (pmbus) Add Vin unit off handling
  crypto: ccp - ccp_dmaengine_unregister release dma channels
  ACPI: APEI: fix return value of __setup handlers
  clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init()
  crypto: vmx - add missing dependencies
  hwrng: atmel - disable trng on failure path
  PM: suspend: fix return value of __setup handler
  PM: hibernate: fix __setup handler error handling
  block: don't delete queue kobject before its children
  hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING
  hwmon: (pmbus) Add mutex to regulator ops
  spi: pxa2xx-pci: Balance reference count for PCI DMA device
  selftests/x86: Add validity check and allow field splitting
  spi: tegra114: Add missing IRQ check in tegra_spi_probe
  crypto: mxs-dcp - Fix scatterlist processing
  crypto: authenc - Fix sleep in atomic context in decrypt_tail
  regulator: qcom_smd: fix for_each_child.cocci warnings
  PCI: pciehp: Clear cmd_busy bit in polling mode
  brcmfmac: pcie: Replace brcmf_pcie_copy_mem_todev with memcpy_toio
  brcmfmac: firmware: Allocate space for default boardrev in nvram
  media: davinci: vpif: fix unbalanced runtime PM get
  DEC: Limit PMAX memory probing to R3k systems
  lib/raid6/test: fix multiple definition linking error
  thermal: int340x: Increase bitmap size
  carl9170: fix missing bit-wise or operator for tx_params
  ARM: dts: exynos: add missing HDMI supplies on SMDK5420
  ARM: dts: exynos: add missing HDMI supplies on SMDK5250
  ARM: dts: exynos: fix UART3 pins configuration in Exynos5250
  ARM: dts: at91: sama5d2: Fix PMERRLOC resource size
  video: fbdev: atari: Atari 2 bpp (STe) palette bugfix
  video: fbdev: sm712fb: Fix crash in smtcfb_read()
  drm/edid: check basic audio support on CEA extension block
  block: don't merge across cgroup boundaries if blkcg is enabled
  drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
  ACPI: properties: Consistently return -ENOENT if there are no more references
  powerpc/kvm: Fix kvm_use_magic_page
  drbd: fix potential silent data corruption
  mm,hwpoison: unmap poisoned page before invalidation
  ALSA: hda/realtek: Fix audio regression on Mi Notebook Pro 2020
  ALSA: cs4236: fix an incorrect NULL check on list iterator
  Revert "Input: clear BTN_RIGHT/MIDDLE on buttonpads"
  qed: validate and restrict untrusted VFs vlan promisc mode
  qed: display VF trust config
  scsi: libsas: Fix sas_ata_qc_issue() handling of NCQ NON DATA commands
  mempolicy: mbind_range() set_policy() after vma_merge()
  mm: invalidate hwpoison page cache page in fault path
  mm/pages_alloc.c: don't create ZONE_MOVABLE beyond the end of a node
  jffs2: fix memory leak in jffs2_scan_medium
  jffs2: fix memory leak in jffs2_do_mount_fs
  jffs2: fix use-after-free in jffs2_clear_xattr_subsystem
  can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
  pinctrl: samsung: drop pin banks references on error paths
  f2fs: fix to unlock page correctly in error path of is_alive()
  NFSD: prevent integer overflow on 32 bit systems
  NFSD: prevent underflow in nfssvc_decode_writeargs()
  SUNRPC: avoid race between mod_timer() and del_timer_sync()
  Documentation: update stable tree link
  Documentation: add link to stable release candidate tree
  ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
  clk: uniphier: Fix fixed-rate initialization
  iio: inkern: make a best effort on offset calculation
  iio: inkern: apply consumer scale when no channel scale is available
  iio: inkern: apply consumer scale on IIO_VAL_INT cases
  iio: afe: rescale: use s64 for temporary scale calculations
  coresight: Fix TRCCONFIGR.QE sysfs interface
  xhci: make xhci_handshake timeout for xhci_reset() adjustable
  USB: usb-storage: Fix use of bitfields for hardware data in ene_ub6250.c
  virtio-blk: Use blk_validate_block_size() to validate block size
  block: Add a helper to validate the block size
  tpm: fix reference counting for struct tpm_chip
  fuse: fix pipe buffer lifetime for direct_io
  af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register
  spi: Fix erroneous sgs value with min_t()
  net:mcf8390: Use platform_get_irq() to get the interrupt
  spi: Fix invalid sgs value
  ethernet: sun: Free the coherent when failing in probing
  virtio_console: break out of buf poll on remove
  xfrm: fix tunnel model fragmentation behavior
  netdevice: add the case if dev is NULL
  USB: serial: simple: add Nokia phone driver
  USB: serial: pl2303: add IBM device IDs
  ANDROID: incremental-fs: limit mount stack depth
  UPSTREAM: binderfs: use __u32 for device numbers

Change-Id: I9b0e91bd0ad82b16888f9f7063ce346d520018f9
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>

Conflicts:
	drivers/irqchip/irq-gic-v3.c
	drivers/irqchip/qcom-pdc.c
	drivers/mmc/core/host.c
	drivers/usb/host/xhci.c
	drivers/usb/host/xhci.h
2022-04-20 19:50:03 +05:30

517 lines
14 KiB
C
Raw Permalink Blame History

/*
* Authenc: Simple AEAD wrapper for IPsec
*
* Copyright (c) 2007-2015 Herbert Xu <herbert@gondor.apana.org.au>
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
*/
#include <crypto/internal/aead.h>
#include <crypto/internal/hash.h>
#include <crypto/internal/skcipher.h>
#include <crypto/authenc.h>
#include <crypto/null.h>
#include <crypto/scatterwalk.h>
#include <linux/err.h>
#include <linux/init.h>
#include <linux/kernel.h>
#include <linux/module.h>
#include <linux/rtnetlink.h>
#include <linux/slab.h>
#include <linux/spinlock.h>
struct authenc_instance_ctx {
struct crypto_ahash_spawn auth;
struct crypto_skcipher_spawn enc;
unsigned int reqoff;
};
struct crypto_authenc_ctx {
struct crypto_ahash *auth;
struct crypto_skcipher *enc;
struct crypto_sync_skcipher *null;
};
struct authenc_request_ctx {
struct scatterlist src[2];
struct scatterlist dst[2];
char tail[];
};
static void authenc_request_complete(struct aead_request *req, int err)
{
if (err != -EINPROGRESS)
aead_request_complete(req, err);
}
int crypto_authenc_extractkeys(struct crypto_authenc_keys *keys, const u8 *key,
unsigned int keylen)
{
struct rtattr *rta = (struct rtattr *)key;
struct crypto_authenc_key_param *param;
if (!RTA_OK(rta, keylen))
return -EINVAL;
if (rta->rta_type != CRYPTO_AUTHENC_KEYA_PARAM)
return -EINVAL;
/*
* RTA_OK() didn't align the rtattr's payload when validating that it
* fits in the buffer. Yet, the keys should start on the next 4-byte
* aligned boundary. To avoid confusion, require that the rtattr
* payload be exactly the param struct, which has a 4-byte aligned size.
*/
if (RTA_PAYLOAD(rta) != sizeof(*param))
return -EINVAL;
BUILD_BUG_ON(sizeof(*param) % RTA_ALIGNTO);
param = RTA_DATA(rta);
keys->enckeylen = be32_to_cpu(param->enckeylen);
key += rta->rta_len;
keylen -= rta->rta_len;
if (keylen < keys->enckeylen)
return -EINVAL;
keys->authkeylen = keylen - keys->enckeylen;
keys->authkey = key;
keys->enckey = key + keys->authkeylen;
return 0;
}
EXPORT_SYMBOL_GPL(crypto_authenc_extractkeys);
static int crypto_authenc_setkey(struct crypto_aead *authenc, const u8 *key,
unsigned int keylen)
{
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
struct crypto_ahash *auth = ctx->auth;
struct crypto_skcipher *enc = ctx->enc;
struct crypto_authenc_keys keys;
int err = -EINVAL;
if (crypto_authenc_extractkeys(&keys, key, keylen) != 0)
goto badkey;
crypto_ahash_clear_flags(auth, CRYPTO_TFM_REQ_MASK);
crypto_ahash_set_flags(auth, crypto_aead_get_flags(authenc) &
CRYPTO_TFM_REQ_MASK);
err = crypto_ahash_setkey(auth, keys.authkey, keys.authkeylen);
crypto_aead_set_flags(authenc, crypto_ahash_get_flags(auth) &
CRYPTO_TFM_RES_MASK);
if (err)
goto out;
crypto_skcipher_clear_flags(enc, CRYPTO_TFM_REQ_MASK);
crypto_skcipher_set_flags(enc, crypto_aead_get_flags(authenc) &
CRYPTO_TFM_REQ_MASK);
err = crypto_skcipher_setkey(enc, keys.enckey, keys.enckeylen);
crypto_aead_set_flags(authenc, crypto_skcipher_get_flags(enc) &
CRYPTO_TFM_RES_MASK);
out:
memzero_explicit(&keys, sizeof(keys));
return err;
badkey:
crypto_aead_set_flags(authenc, CRYPTO_TFM_RES_BAD_KEY_LEN);
goto out;
}
static void authenc_geniv_ahash_done(struct crypto_async_request *areq, int err)
{
struct aead_request *req = areq->data;
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct aead_instance *inst = aead_alg_instance(authenc);
struct authenc_instance_ctx *ictx = aead_instance_ctx(inst);
struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff);
if (err)
goto out;
scatterwalk_map_and_copy(ahreq->result, req->dst,
req->assoclen + req->cryptlen,
crypto_aead_authsize(authenc), 1);
out:
aead_request_complete(req, err);
}
static int crypto_authenc_genicv(struct aead_request *req, unsigned int flags)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct aead_instance *inst = aead_alg_instance(authenc);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
struct authenc_instance_ctx *ictx = aead_instance_ctx(inst);
struct crypto_ahash *auth = ctx->auth;
struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff);
u8 *hash = areq_ctx->tail;
int err;
hash = (u8 *)ALIGN((unsigned long)hash + crypto_ahash_alignmask(auth),
crypto_ahash_alignmask(auth) + 1);
ahash_request_set_tfm(ahreq, auth);
ahash_request_set_crypt(ahreq, req->dst, hash,
req->assoclen + req->cryptlen);
ahash_request_set_callback(ahreq, flags,
authenc_geniv_ahash_done, req);
err = crypto_ahash_digest(ahreq);
if (err)
return err;
scatterwalk_map_and_copy(hash, req->dst, req->assoclen + req->cryptlen,
crypto_aead_authsize(authenc), 1);
return 0;
}
static void crypto_authenc_encrypt_done(struct crypto_async_request *req,
int err)
{
struct aead_request *areq = req->data;
if (err)
goto out;
err = crypto_authenc_genicv(areq, 0);
out:
authenc_request_complete(areq, err);
}
static int crypto_authenc_copy_assoc(struct aead_request *req)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
SYNC_SKCIPHER_REQUEST_ON_STACK(skreq, ctx->null);
skcipher_request_set_sync_tfm(skreq, ctx->null);
skcipher_request_set_callback(skreq, aead_request_flags(req),
NULL, NULL);
skcipher_request_set_crypt(skreq, req->src, req->dst, req->assoclen,
NULL);
return crypto_skcipher_encrypt(skreq);
}
static int crypto_authenc_encrypt(struct aead_request *req)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct aead_instance *inst = aead_alg_instance(authenc);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
struct authenc_instance_ctx *ictx = aead_instance_ctx(inst);
struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct crypto_skcipher *enc = ctx->enc;
unsigned int cryptlen = req->cryptlen;
struct skcipher_request *skreq = (void *)(areq_ctx->tail +
ictx->reqoff);
struct scatterlist *src, *dst;
int err;
src = scatterwalk_ffwd(areq_ctx->src, req->src, req->assoclen);
dst = src;
if (req->src != req->dst) {
err = crypto_authenc_copy_assoc(req);
if (err)
return err;
dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen);
}
skcipher_request_set_tfm(skreq, enc);
skcipher_request_set_callback(skreq, aead_request_flags(req),
crypto_authenc_encrypt_done, req);
skcipher_request_set_crypt(skreq, src, dst, cryptlen, req->iv);
err = crypto_skcipher_encrypt(skreq);
if (err)
return err;
return crypto_authenc_genicv(req, aead_request_flags(req));
}
static int crypto_authenc_decrypt_tail(struct aead_request *req,
unsigned int flags)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
struct aead_instance *inst = aead_alg_instance(authenc);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
struct authenc_instance_ctx *ictx = aead_instance_ctx(inst);
struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff);
struct skcipher_request *skreq = (void *)(areq_ctx->tail +
ictx->reqoff);
unsigned int authsize = crypto_aead_authsize(authenc);
u8 *ihash = ahreq->result + authsize;
struct scatterlist *src, *dst;
scatterwalk_map_and_copy(ihash, req->src, ahreq->nbytes, authsize, 0);
if (crypto_memneq(ihash, ahreq->result, authsize))
return -EBADMSG;
src = scatterwalk_ffwd(areq_ctx->src, req->src, req->assoclen);
dst = src;
if (req->src != req->dst)
dst = scatterwalk_ffwd(areq_ctx->dst, req->dst, req->assoclen);
skcipher_request_set_tfm(skreq, ctx->enc);
skcipher_request_set_callback(skreq, flags,
req->base.complete, req->base.data);
skcipher_request_set_crypt(skreq, src, dst,
req->cryptlen - authsize, req->iv);
return crypto_skcipher_decrypt(skreq);
}
static void authenc_verify_ahash_done(struct crypto_async_request *areq,
int err)
{
struct aead_request *req = areq->data;
if (err)
goto out;
err = crypto_authenc_decrypt_tail(req, 0);
out:
authenc_request_complete(req, err);
}
static int crypto_authenc_decrypt(struct aead_request *req)
{
struct crypto_aead *authenc = crypto_aead_reqtfm(req);
unsigned int authsize = crypto_aead_authsize(authenc);
struct aead_instance *inst = aead_alg_instance(authenc);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(authenc);
struct authenc_instance_ctx *ictx = aead_instance_ctx(inst);
struct crypto_ahash *auth = ctx->auth;
struct authenc_request_ctx *areq_ctx = aead_request_ctx(req);
struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff);
u8 *hash = areq_ctx->tail;
int err;
hash = (u8 *)ALIGN((unsigned long)hash + crypto_ahash_alignmask(auth),
crypto_ahash_alignmask(auth) + 1);
ahash_request_set_tfm(ahreq, auth);
ahash_request_set_crypt(ahreq, req->src, hash,
req->assoclen + req->cryptlen - authsize);
ahash_request_set_callback(ahreq, aead_request_flags(req),
authenc_verify_ahash_done, req);
err = crypto_ahash_digest(ahreq);
if (err)
return err;
return crypto_authenc_decrypt_tail(req, aead_request_flags(req));
}
static int crypto_authenc_init_tfm(struct crypto_aead *tfm)
{
struct aead_instance *inst = aead_alg_instance(tfm);
struct authenc_instance_ctx *ictx = aead_instance_ctx(inst);
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm);
struct crypto_ahash *auth;
struct crypto_skcipher *enc;
struct crypto_sync_skcipher *null;
int err;
auth = crypto_spawn_ahash(&ictx->auth);
if (IS_ERR(auth))
return PTR_ERR(auth);
enc = crypto_spawn_skcipher(&ictx->enc);
err = PTR_ERR(enc);
if (IS_ERR(enc))
goto err_free_ahash;
null = crypto_get_default_null_skcipher();
err = PTR_ERR(null);
if (IS_ERR(null))
goto err_free_skcipher;
ctx->auth = auth;
ctx->enc = enc;
ctx->null = null;
crypto_aead_set_reqsize(
tfm,
sizeof(struct authenc_request_ctx) +
ictx->reqoff +
max_t(unsigned int,
crypto_ahash_reqsize(auth) +
sizeof(struct ahash_request),
sizeof(struct skcipher_request) +
crypto_skcipher_reqsize(enc)));
return 0;
err_free_skcipher:
crypto_free_skcipher(enc);
err_free_ahash:
crypto_free_ahash(auth);
return err;
}
static void crypto_authenc_exit_tfm(struct crypto_aead *tfm)
{
struct crypto_authenc_ctx *ctx = crypto_aead_ctx(tfm);
crypto_free_ahash(ctx->auth);
crypto_free_skcipher(ctx->enc);
crypto_put_default_null_skcipher();
}
static void crypto_authenc_free(struct aead_instance *inst)
{
struct authenc_instance_ctx *ctx = aead_instance_ctx(inst);
crypto_drop_skcipher(&ctx->enc);
crypto_drop_ahash(&ctx->auth);
kfree(inst);
}
static int crypto_authenc_create(struct crypto_template *tmpl,
struct rtattr **tb)
{
struct crypto_attr_type *algt;
struct aead_instance *inst;
struct hash_alg_common *auth;
struct crypto_alg *auth_base;
struct skcipher_alg *enc;
struct authenc_instance_ctx *ctx;
const char *enc_name;
int err;
algt = crypto_get_attr_type(tb);
if (IS_ERR(algt))
return PTR_ERR(algt);
if ((algt->type ^ CRYPTO_ALG_TYPE_AEAD) & algt->mask)
return -EINVAL;
auth = ahash_attr_alg(tb[1], CRYPTO_ALG_TYPE_HASH,
CRYPTO_ALG_TYPE_AHASH_MASK |
crypto_requires_sync(algt->type, algt->mask));
if (IS_ERR(auth))
return PTR_ERR(auth);
auth_base = &auth->base;
enc_name = crypto_attr_alg_name(tb[2]);
err = PTR_ERR(enc_name);
if (IS_ERR(enc_name))
goto out_put_auth;
inst = kzalloc(sizeof(*inst) + sizeof(*ctx), GFP_KERNEL);
err = -ENOMEM;
if (!inst)
goto out_put_auth;
ctx = aead_instance_ctx(inst);
err = crypto_init_ahash_spawn(&ctx->auth, auth,
aead_crypto_instance(inst));
if (err)
goto err_free_inst;
crypto_set_skcipher_spawn(&ctx->enc, aead_crypto_instance(inst));
err = crypto_grab_skcipher(&ctx->enc, enc_name, 0,
crypto_requires_sync(algt->type,
algt->mask));
if (err)
goto err_drop_auth;
enc = crypto_spawn_skcipher_alg(&ctx->enc);
ctx->reqoff = ALIGN(2 * auth->digestsize + auth_base->cra_alignmask,
auth_base->cra_alignmask + 1);
err = -ENAMETOOLONG;
if (snprintf(inst->alg.base.cra_name, CRYPTO_MAX_ALG_NAME,
"authenc(%s,%s)", auth_base->cra_name,
enc->base.cra_name) >=
CRYPTO_MAX_ALG_NAME)
goto err_drop_enc;
if (snprintf(inst->alg.base.cra_driver_name, CRYPTO_MAX_ALG_NAME,
"authenc(%s,%s)", auth_base->cra_driver_name,
enc->base.cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
goto err_drop_enc;
inst->alg.base.cra_flags = (auth_base->cra_flags |
enc->base.cra_flags) & CRYPTO_ALG_ASYNC;
inst->alg.base.cra_priority = enc->base.cra_priority * 10 +
auth_base->cra_priority;
inst->alg.base.cra_blocksize = enc->base.cra_blocksize;
inst->alg.base.cra_alignmask = auth_base->cra_alignmask |
enc->base.cra_alignmask;
inst->alg.base.cra_ctxsize = sizeof(struct crypto_authenc_ctx);
inst->alg.ivsize = crypto_skcipher_alg_ivsize(enc);
inst->alg.chunksize = crypto_skcipher_alg_chunksize(enc);
inst->alg.maxauthsize = auth->digestsize;
inst->alg.init = crypto_authenc_init_tfm;
inst->alg.exit = crypto_authenc_exit_tfm;
inst->alg.setkey = crypto_authenc_setkey;
inst->alg.encrypt = crypto_authenc_encrypt;
inst->alg.decrypt = crypto_authenc_decrypt;
inst->free = crypto_authenc_free;
err = aead_register_instance(tmpl, inst);
if (err)
goto err_drop_enc;
out:
crypto_mod_put(auth_base);
return err;
err_drop_enc:
crypto_drop_skcipher(&ctx->enc);
err_drop_auth:
crypto_drop_ahash(&ctx->auth);
err_free_inst:
kfree(inst);
out_put_auth:
goto out;
}
static struct crypto_template crypto_authenc_tmpl = {
.name = "authenc",
.create = crypto_authenc_create,
.module = THIS_MODULE,
};
static int __init crypto_authenc_module_init(void)
{
return crypto_register_template(&crypto_authenc_tmpl);
}
static void __exit crypto_authenc_module_exit(void)
{
crypto_unregister_template(&crypto_authenc_tmpl);
}
module_init(crypto_authenc_module_init);
module_exit(crypto_authenc_module_exit);
MODULE_LICENSE("GPL");
MODULE_DESCRIPTION("Simple AEAD wrapper for IPsec");
MODULE_ALIAS_CRYPTO("authenc");
Reference in New Issue View Git Blame Copy Permalink