linux/crypto/algapi.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0-or-later
   2/*
   3 * Cryptographic API for algorithms (i.e., low-level API).
   4 *
   5 * Copyright (c) 2006 Herbert Xu <herbert@gondor.apana.org.au>
   6 */
   7
   8#include <crypto/algapi.h>
   9#include <linux/err.h>
  10#include <linux/errno.h>
  11#include <linux/fips.h>
  12#include <linux/init.h>
  13#include <linux/kernel.h>
  14#include <linux/list.h>
  15#include <linux/module.h>
  16#include <linux/rtnetlink.h>
  17#include <linux/slab.h>
  18#include <linux/string.h>
  19
  20#include "internal.h"
  21
  22static LIST_HEAD(crypto_template_list);
  23
  24static inline void crypto_check_module_sig(struct module *mod)
  25{
  26        if (fips_enabled && mod && !module_sig_ok(mod))
  27                panic("Module %s signature verification failed in FIPS mode\n",
  28                      module_name(mod));
  29}
  30
  31static int crypto_check_alg(struct crypto_alg *alg)
  32{
  33        crypto_check_module_sig(alg->cra_module);
  34
  35        if (!alg->cra_name[0] || !alg->cra_driver_name[0])
  36                return -EINVAL;
  37
  38        if (alg->cra_alignmask & (alg->cra_alignmask + 1))
  39                return -EINVAL;
  40
  41        /* General maximums for all algs. */
  42        if (alg->cra_alignmask > MAX_ALGAPI_ALIGNMASK)
  43                return -EINVAL;
  44
  45        if (alg->cra_blocksize > MAX_ALGAPI_BLOCKSIZE)
  46                return -EINVAL;
  47
  48        /* Lower maximums for specific alg types. */
  49        if (!alg->cra_type && (alg->cra_flags & CRYPTO_ALG_TYPE_MASK) ==
  50                               CRYPTO_ALG_TYPE_CIPHER) {
  51                if (alg->cra_alignmask > MAX_CIPHER_ALIGNMASK)
  52                        return -EINVAL;
  53
  54                if (alg->cra_blocksize > MAX_CIPHER_BLOCKSIZE)
  55                        return -EINVAL;
  56        }
  57
  58        if (alg->cra_priority < 0)
  59                return -EINVAL;
  60
  61        refcount_set(&alg->cra_refcnt, 1);
  62
  63        return 0;
  64}
  65
  66static void crypto_free_instance(struct crypto_instance *inst)
  67{
  68        inst->alg.cra_type->free(inst);
  69}
  70
  71static void crypto_destroy_instance(struct crypto_alg *alg)
  72{
  73        struct crypto_instance *inst = (void *)alg;
  74        struct crypto_template *tmpl = inst->tmpl;
  75
  76        crypto_free_instance(inst);
  77        crypto_tmpl_put(tmpl);
  78}
  79
  80/*
  81 * This function adds a spawn to the list secondary_spawns which
  82 * will be used at the end of crypto_remove_spawns to unregister
  83 * instances, unless the spawn happens to be one that is depended
  84 * on by the new algorithm (nalg in crypto_remove_spawns).
  85 *
  86 * This function is also responsible for resurrecting any algorithms
  87 * in the dependency chain of nalg by unsetting n->dead.
  88 */
  89static struct list_head *crypto_more_spawns(struct crypto_alg *alg,
  90                                            struct list_head *stack,
  91                                            struct list_head *top,
  92                                            struct list_head *secondary_spawns)
  93{
  94        struct crypto_spawn *spawn, *n;
  95
  96        spawn = list_first_entry_or_null(stack, struct crypto_spawn, list);
  97        if (!spawn)
  98                return NULL;
  99
 100        n = list_prev_entry(spawn, list);
 101        list_move(&spawn->list, secondary_spawns);
 102
 103        if (list_is_last(&n->list, stack))
 104                return top;
 105
 106        n = list_next_entry(n, list);
 107        if (!spawn->dead)
 108                n->dead = false;
 109
 110        return &n->inst->alg.cra_users;
 111}
 112
 113static void crypto_remove_instance(struct crypto_instance *inst,
 114                                   struct list_head *list)
 115{
 116        struct crypto_template *tmpl = inst->tmpl;
 117
 118        if (crypto_is_dead(&inst->alg))
 119                return;
 120
 121        inst->alg.cra_flags |= CRYPTO_ALG_DEAD;
 122
 123        if (!tmpl || !crypto_tmpl_get(tmpl))
 124                return;
 125
 126        list_move(&inst->alg.cra_list, list);
 127        hlist_del(&inst->list);
 128        inst->alg.cra_destroy = crypto_destroy_instance;
 129
 130        BUG_ON(!list_empty(&inst->alg.cra_users));
 131}
 132
 133/*
 134 * Given an algorithm alg, remove all algorithms that depend on it
 135 * through spawns.  If nalg is not null, then exempt any algorithms
 136 * that is depended on by nalg.  This is useful when nalg itself
 137 * depends on alg.
 138 */
 139void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list,
 140                          struct crypto_alg *nalg)
 141{
 142        u32 new_type = (nalg ?: alg)->cra_flags;
 143        struct crypto_spawn *spawn, *n;
 144        LIST_HEAD(secondary_spawns);
 145        struct list_head *spawns;
 146        LIST_HEAD(stack);
 147        LIST_HEAD(top);
 148
 149        spawns = &alg->cra_users;
 150        list_for_each_entry_safe(spawn, n, spawns, list) {
 151                if ((spawn->alg->cra_flags ^ new_type) & spawn->mask)
 152                        continue;
 153
 154                list_move(&spawn->list, &top);
 155        }
 156
 157        /*
 158         * Perform a depth-first walk starting from alg through
 159         * the cra_users tree.  The list stack records the path
 160         * from alg to the current spawn.
 161         */
 162        spawns = &top;
 163        do {
 164                while (!list_empty(spawns)) {
 165                        struct crypto_instance *inst;
 166
 167                        spawn = list_first_entry(spawns, struct crypto_spawn,
 168                                                 list);
 169                        inst = spawn->inst;
 170
 171                        list_move(&spawn->list, &stack);
 172                        spawn->dead = !spawn->registered || &inst->alg != nalg;
 173
 174                        if (!spawn->registered)
 175                                break;
 176
 177                        BUG_ON(&inst->alg == alg);
 178
 179                        if (&inst->alg == nalg)
 180                                break;
 181
 182                        spawns = &inst->alg.cra_users;
 183
 184                        /*
 185                         * Even if spawn->registered is true, the
 186                         * instance itself may still be unregistered.
 187                         * This is because it may have failed during
 188                         * registration.  Therefore we still need to
 189                         * make the following test.
 190                         *
 191                         * We may encounter an unregistered instance here, since
 192                         * an instance's spawns are set up prior to the instance
 193                         * being registered.  An unregistered instance will have
 194                         * NULL ->cra_users.next, since ->cra_users isn't
 195                         * properly initialized until registration.  But an
 196                         * unregistered instance cannot have any users, so treat
 197                         * it the same as ->cra_users being empty.
 198                         */
 199                        if (spawns->next == NULL)
 200                                break;
 201                }
 202        } while ((spawns = crypto_more_spawns(alg, &stack, &top,
 203                                              &secondary_spawns)));
 204
 205        /*
 206         * Remove all instances that are marked as dead.  Also
 207         * complete the resurrection of the others by moving them
 208         * back to the cra_users list.
 209         */
 210        list_for_each_entry_safe(spawn, n, &secondary_spawns, list) {
 211                if (!spawn->dead)
 212                        list_move(&spawn->list, &spawn->alg->cra_users);
 213                else if (spawn->registered)
 214                        crypto_remove_instance(spawn->inst, list);
 215        }
 216}
 217EXPORT_SYMBOL_GPL(crypto_remove_spawns);
 218
 219static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
 220{
 221        struct crypto_alg *q;
 222        struct crypto_larval *larval;
 223        int ret = -EAGAIN;
 224
 225        if (crypto_is_dead(alg))
 226                goto err;
 227
 228        INIT_LIST_HEAD(&alg->cra_users);
 229
 230        /* No cheating! */
 231        alg->cra_flags &= ~CRYPTO_ALG_TESTED;
 232
 233        ret = -EEXIST;
 234
 235        list_for_each_entry(q, &crypto_alg_list, cra_list) {
 236                if (q == alg)
 237                        goto err;
 238
 239                if (crypto_is_moribund(q))
 240                        continue;
 241
 242                if (crypto_is_larval(q)) {
 243                        if (!strcmp(alg->cra_driver_name, q->cra_driver_name))
 244                                goto err;
 245                        continue;
 246                }
 247
 248                if (!strcmp(q->cra_driver_name, alg->cra_name) ||
 249                    !strcmp(q->cra_name, alg->cra_driver_name))
 250                        goto err;
 251        }
 252
 253        larval = crypto_larval_alloc(alg->cra_name,
 254                                     alg->cra_flags | CRYPTO_ALG_TESTED, 0);
 255        if (IS_ERR(larval))
 256                goto out;
 257
 258        ret = -ENOENT;
 259        larval->adult = crypto_mod_get(alg);
 260        if (!larval->adult)
 261                goto free_larval;
 262
 263        refcount_set(&larval->alg.cra_refcnt, 1);
 264        memcpy(larval->alg.cra_driver_name, alg->cra_driver_name,
 265               CRYPTO_MAX_ALG_NAME);
 266        larval->alg.cra_priority = alg->cra_priority;
 267
 268        list_add(&alg->cra_list, &crypto_alg_list);
 269        list_add(&larval->alg.cra_list, &crypto_alg_list);
 270
 271        crypto_stats_init(alg);
 272
 273out:
 274        return larval;
 275
 276free_larval:
 277        kfree(larval);
 278err:
 279        larval = ERR_PTR(ret);
 280        goto out;
 281}
 282
 283void crypto_alg_tested(const char *name, int err)
 284{
 285        struct crypto_larval *test;
 286        struct crypto_alg *alg;
 287        struct crypto_alg *q;
 288        LIST_HEAD(list);
 289        bool best;
 290
 291        down_write(&crypto_alg_sem);
 292        list_for_each_entry(q, &crypto_alg_list, cra_list) {
 293                if (crypto_is_moribund(q) || !crypto_is_larval(q))
 294                        continue;
 295
 296                test = (struct crypto_larval *)q;
 297
 298                if (!strcmp(q->cra_driver_name, name))
 299                        goto found;
 300        }
 301
 302        pr_err("alg: Unexpected test result for %s: %d\n", name, err);
 303        goto unlock;
 304
 305found:
 306        q->cra_flags |= CRYPTO_ALG_DEAD;
 307        alg = test->adult;
 308        if (err || list_empty(&alg->cra_list))
 309                goto complete;
 310
 311        alg->cra_flags |= CRYPTO_ALG_TESTED;
 312
 313        /* Only satisfy larval waiters if we are the best. */
 314        best = true;
 315        list_for_each_entry(q, &crypto_alg_list, cra_list) {
 316                if (crypto_is_moribund(q) || !crypto_is_larval(q))
 317                        continue;
 318
 319                if (strcmp(alg->cra_name, q->cra_name))
 320                        continue;
 321
 322                if (q->cra_priority > alg->cra_priority) {
 323                        best = false;
 324                        break;
 325                }
 326        }
 327
 328        list_for_each_entry(q, &crypto_alg_list, cra_list) {
 329                if (q == alg)
 330                        continue;
 331
 332                if (crypto_is_moribund(q))
 333                        continue;
 334
 335                if (crypto_is_larval(q)) {
 336                        struct crypto_larval *larval = (void *)q;
 337
 338                        /*
 339                         * Check to see if either our generic name or
 340                         * specific name can satisfy the name requested
 341                         * by the larval entry q.
 342                         */
 343                        if (strcmp(alg->cra_name, q->cra_name) &&
 344                            strcmp(alg->cra_driver_name, q->cra_name))
 345                                continue;
 346
 347                        if (larval->adult)
 348                                continue;
 349                        if ((q->cra_flags ^ alg->cra_flags) & larval->mask)
 350                                continue;
 351
 352                        if (best && crypto_mod_get(alg))
 353                                larval->adult = alg;
 354                        else
 355                                larval->adult = ERR_PTR(-EAGAIN);
 356
 357                        continue;
 358                }
 359
 360                if (strcmp(alg->cra_name, q->cra_name))
 361                        continue;
 362
 363                if (strcmp(alg->cra_driver_name, q->cra_driver_name) &&
 364                    q->cra_priority > alg->cra_priority)
 365                        continue;
 366
 367                crypto_remove_spawns(q, &list, alg);
 368        }
 369
 370complete:
 371        complete_all(&test->completion);
 372
 373unlock:
 374        up_write(&crypto_alg_sem);
 375
 376        crypto_remove_final(&list);
 377}
 378EXPORT_SYMBOL_GPL(crypto_alg_tested);
 379
 380void crypto_remove_final(struct list_head *list)
 381{
 382        struct crypto_alg *alg;
 383        struct crypto_alg *n;
 384
 385        list_for_each_entry_safe(alg, n, list, cra_list) {
 386                list_del_init(&alg->cra_list);
 387                crypto_alg_put(alg);
 388        }
 389}
 390EXPORT_SYMBOL_GPL(crypto_remove_final);
 391
 392static void crypto_wait_for_test(struct crypto_larval *larval)
 393{
 394        int err;
 395
 396        err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult);
 397        if (err != NOTIFY_STOP) {
 398                if (WARN_ON(err != NOTIFY_DONE))
 399                        goto out;
 400                crypto_alg_tested(larval->alg.cra_driver_name, 0);
 401        }
 402
 403        err = wait_for_completion_killable(&larval->completion);
 404        WARN_ON(err);
 405        if (!err)
 406                crypto_notify(CRYPTO_MSG_ALG_LOADED, larval);
 407
 408out:
 409        crypto_larval_kill(&larval->alg);
 410}
 411
 412int crypto_register_alg(struct crypto_alg *alg)
 413{
 414        struct crypto_larval *larval;
 415        int err;
 416
 417        alg->cra_flags &= ~CRYPTO_ALG_DEAD;
 418        err = crypto_check_alg(alg);
 419        if (err)
 420                return err;
 421
 422        down_write(&crypto_alg_sem);
 423        larval = __crypto_register_alg(alg);
 424        up_write(&crypto_alg_sem);
 425
 426        if (IS_ERR(larval))
 427                return PTR_ERR(larval);
 428
 429        crypto_wait_for_test(larval);
 430        return 0;
 431}
 432EXPORT_SYMBOL_GPL(crypto_register_alg);
 433
 434static int crypto_remove_alg(struct crypto_alg *alg, struct list_head *list)
 435{
 436        if (unlikely(list_empty(&alg->cra_list)))
 437                return -ENOENT;
 438
 439        alg->cra_flags |= CRYPTO_ALG_DEAD;
 440
 441        list_del_init(&alg->cra_list);
 442        crypto_remove_spawns(alg, list, NULL);
 443
 444        return 0;
 445}
 446
 447void crypto_unregister_alg(struct crypto_alg *alg)
 448{
 449        int ret;
 450        LIST_HEAD(list);
 451
 452        down_write(&crypto_alg_sem);
 453        ret = crypto_remove_alg(alg, &list);
 454        up_write(&crypto_alg_sem);
 455
 456        if (WARN(ret, "Algorithm %s is not registered", alg->cra_driver_name))
 457                return;
 458
 459        BUG_ON(refcount_read(&alg->cra_refcnt) != 1);
 460        if (alg->cra_destroy)
 461                alg->cra_destroy(alg);
 462
 463        crypto_remove_final(&list);
 464}
 465EXPORT_SYMBOL_GPL(crypto_unregister_alg);
 466
 467int crypto_register_algs(struct crypto_alg *algs, int count)
 468{
 469        int i, ret;
 470
 471        for (i = 0; i < count; i++) {
 472                ret = crypto_register_alg(&algs[i]);
 473                if (ret)
 474                        goto err;
 475        }
 476
 477        return 0;
 478
 479err:
 480        for (--i; i >= 0; --i)
 481                crypto_unregister_alg(&algs[i]);
 482
 483        return ret;
 484}
 485EXPORT_SYMBOL_GPL(crypto_register_algs);
 486
 487void crypto_unregister_algs(struct crypto_alg *algs, int count)
 488{
 489        int i;
 490
 491        for (i = 0; i < count; i++)
 492                crypto_unregister_alg(&algs[i]);
 493}
 494EXPORT_SYMBOL_GPL(crypto_unregister_algs);
 495
 496int crypto_register_template(struct crypto_template *tmpl)
 497{
 498        struct crypto_template *q;
 499        int err = -EEXIST;
 500
 501        down_write(&crypto_alg_sem);
 502
 503        crypto_check_module_sig(tmpl->module);
 504
 505        list_for_each_entry(q, &crypto_template_list, list) {
 506                if (q == tmpl)
 507                        goto out;
 508        }
 509
 510        list_add(&tmpl->list, &crypto_template_list);
 511        err = 0;
 512out:
 513        up_write(&crypto_alg_sem);
 514        return err;
 515}
 516EXPORT_SYMBOL_GPL(crypto_register_template);
 517
 518int crypto_register_templates(struct crypto_template *tmpls, int count)
 519{
 520        int i, err;
 521
 522        for (i = 0; i < count; i++) {
 523                err = crypto_register_template(&tmpls[i]);
 524                if (err)
 525                        goto out;
 526        }
 527        return 0;
 528
 529out:
 530        for (--i; i >= 0; --i)
 531                crypto_unregister_template(&tmpls[i]);
 532        return err;
 533}
 534EXPORT_SYMBOL_GPL(crypto_register_templates);
 535
 536void crypto_unregister_template(struct crypto_template *tmpl)
 537{
 538        struct crypto_instance *inst;
 539        struct hlist_node *n;
 540        struct hlist_head *list;
 541        LIST_HEAD(users);
 542
 543        down_write(&crypto_alg_sem);
 544
 545        BUG_ON(list_empty(&tmpl->list));
 546        list_del_init(&tmpl->list);
 547
 548        list = &tmpl->instances;
 549        hlist_for_each_entry(inst, list, list) {
 550                int err = crypto_remove_alg(&inst->alg, &users);
 551
 552                BUG_ON(err);
 553        }
 554
 555        up_write(&crypto_alg_sem);
 556
 557        hlist_for_each_entry_safe(inst, n, list, list) {
 558                BUG_ON(refcount_read(&inst->alg.cra_refcnt) != 1);
 559                crypto_free_instance(inst);
 560        }
 561        crypto_remove_final(&users);
 562}
 563EXPORT_SYMBOL_GPL(crypto_unregister_template);
 564
 565void crypto_unregister_templates(struct crypto_template *tmpls, int count)
 566{
 567        int i;
 568
 569        for (i = count - 1; i >= 0; --i)
 570                crypto_unregister_template(&tmpls[i]);
 571}
 572EXPORT_SYMBOL_GPL(crypto_unregister_templates);
 573
 574static struct crypto_template *__crypto_lookup_template(const char *name)
 575{
 576        struct crypto_template *q, *tmpl = NULL;
 577
 578        down_read(&crypto_alg_sem);
 579        list_for_each_entry(q, &crypto_template_list, list) {
 580                if (strcmp(q->name, name))
 581                        continue;
 582                if (unlikely(!crypto_tmpl_get(q)))
 583                        continue;
 584
 585                tmpl = q;
 586                break;
 587        }
 588        up_read(&crypto_alg_sem);
 589
 590        return tmpl;
 591}
 592
 593struct crypto_template *crypto_lookup_template(const char *name)
 594{
 595        return try_then_request_module(__crypto_lookup_template(name),
 596                                       "crypto-%s", name);
 597}
 598EXPORT_SYMBOL_GPL(crypto_lookup_template);
 599
 600int crypto_register_instance(struct crypto_template *tmpl,
 601                             struct crypto_instance *inst)
 602{
 603        struct crypto_larval *larval;
 604        struct crypto_spawn *spawn;
 605        int err;
 606
 607        err = crypto_check_alg(&inst->alg);
 608        if (err)
 609                return err;
 610
 611        inst->alg.cra_module = tmpl->module;
 612        inst->alg.cra_flags |= CRYPTO_ALG_INSTANCE;
 613
 614        down_write(&crypto_alg_sem);
 615
 616        larval = ERR_PTR(-EAGAIN);
 617        for (spawn = inst->spawns; spawn;) {
 618                struct crypto_spawn *next;
 619
 620                if (spawn->dead)
 621                        goto unlock;
 622
 623                next = spawn->next;
 624                spawn->inst = inst;
 625                spawn->registered = true;
 626
 627                crypto_mod_put(spawn->alg);
 628
 629                spawn = next;
 630        }
 631
 632        larval = __crypto_register_alg(&inst->alg);
 633        if (IS_ERR(larval))
 634                goto unlock;
 635
 636        hlist_add_head(&inst->list, &tmpl->instances);
 637        inst->tmpl = tmpl;
 638
 639unlock:
 640        up_write(&crypto_alg_sem);
 641
 642        err = PTR_ERR(larval);
 643        if (IS_ERR(larval))
 644                goto err;
 645
 646        crypto_wait_for_test(larval);
 647        err = 0;
 648
 649err:
 650        return err;
 651}
 652EXPORT_SYMBOL_GPL(crypto_register_instance);
 653
 654void crypto_unregister_instance(struct crypto_instance *inst)
 655{
 656        LIST_HEAD(list);
 657
 658        down_write(&crypto_alg_sem);
 659
 660        crypto_remove_spawns(&inst->alg, &list, NULL);
 661        crypto_remove_instance(inst, &list);
 662
 663        up_write(&crypto_alg_sem);
 664
 665        crypto_remove_final(&list);
 666}
 667EXPORT_SYMBOL_GPL(crypto_unregister_instance);
 668
 669int crypto_grab_spawn(struct crypto_spawn *spawn, struct crypto_instance *inst,
 670                      const char *name, u32 type, u32 mask)
 671{
 672        struct crypto_alg *alg;
 673        int err = -EAGAIN;
 674
 675        if (WARN_ON_ONCE(inst == NULL))
 676                return -EINVAL;
 677
 678        /* Allow the result of crypto_attr_alg_name() to be passed directly */
 679        if (IS_ERR(name))
 680                return PTR_ERR(name);
 681
 682        alg = crypto_find_alg(name, spawn->frontend, type, mask);
 683        if (IS_ERR(alg))
 684                return PTR_ERR(alg);
 685
 686        down_write(&crypto_alg_sem);
 687        if (!crypto_is_moribund(alg)) {
 688                list_add(&spawn->list, &alg->cra_users);
 689                spawn->alg = alg;
 690                spawn->mask = mask;
 691                spawn->next = inst->spawns;
 692                inst->spawns = spawn;
 693                inst->alg.cra_flags |=
 694                        (alg->cra_flags & CRYPTO_ALG_INHERITED_FLAGS);
 695                err = 0;
 696        }
 697        up_write(&crypto_alg_sem);
 698        if (err)
 699                crypto_mod_put(alg);
 700        return err;
 701}
 702EXPORT_SYMBOL_GPL(crypto_grab_spawn);
 703
 704void crypto_drop_spawn(struct crypto_spawn *spawn)
 705{
 706        if (!spawn->alg) /* not yet initialized? */
 707                return;
 708
 709        down_write(&crypto_alg_sem);
 710        if (!spawn->dead)
 711                list_del(&spawn->list);
 712        up_write(&crypto_alg_sem);
 713
 714        if (!spawn->registered)
 715                crypto_mod_put(spawn->alg);
 716}
 717EXPORT_SYMBOL_GPL(crypto_drop_spawn);
 718
 719static struct crypto_alg *crypto_spawn_alg(struct crypto_spawn *spawn)
 720{
 721        struct crypto_alg *alg = ERR_PTR(-EAGAIN);
 722        struct crypto_alg *target;
 723        bool shoot = false;
 724
 725        down_read(&crypto_alg_sem);
 726        if (!spawn->dead) {
 727                alg = spawn->alg;
 728                if (!crypto_mod_get(alg)) {
 729                        target = crypto_alg_get(alg);
 730                        shoot = true;
 731                        alg = ERR_PTR(-EAGAIN);
 732                }
 733        }
 734        up_read(&crypto_alg_sem);
 735
 736        if (shoot) {
 737                crypto_shoot_alg(target);
 738                crypto_alg_put(target);
 739        }
 740
 741        return alg;
 742}
 743
 744struct crypto_tfm *crypto_spawn_tfm(struct crypto_spawn *spawn, u32 type,
 745                                    u32 mask)
 746{
 747        struct crypto_alg *alg;
 748        struct crypto_tfm *tfm;
 749
 750        alg = crypto_spawn_alg(spawn);
 751        if (IS_ERR(alg))
 752                return ERR_CAST(alg);
 753
 754        tfm = ERR_PTR(-EINVAL);
 755        if (unlikely((alg->cra_flags ^ type) & mask))
 756                goto out_put_alg;
 757
 758        tfm = __crypto_alloc_tfm(alg, type, mask);
 759        if (IS_ERR(tfm))
 760                goto out_put_alg;
 761
 762        return tfm;
 763
 764out_put_alg:
 765        crypto_mod_put(alg);
 766        return tfm;
 767}
 768EXPORT_SYMBOL_GPL(crypto_spawn_tfm);
 769
 770void *crypto_spawn_tfm2(struct crypto_spawn *spawn)
 771{
 772        struct crypto_alg *alg;
 773        struct crypto_tfm *tfm;
 774
 775        alg = crypto_spawn_alg(spawn);
 776        if (IS_ERR(alg))
 777                return ERR_CAST(alg);
 778
 779        tfm = crypto_create_tfm(alg, spawn->frontend);
 780        if (IS_ERR(tfm))
 781                goto out_put_alg;
 782
 783        return tfm;
 784
 785out_put_alg:
 786        crypto_mod_put(alg);
 787        return tfm;
 788}
 789EXPORT_SYMBOL_GPL(crypto_spawn_tfm2);
 790
 791int crypto_register_notifier(struct notifier_block *nb)
 792{
 793        return blocking_notifier_chain_register(&crypto_chain, nb);
 794}
 795EXPORT_SYMBOL_GPL(crypto_register_notifier);
 796
 797int crypto_unregister_notifier(struct notifier_block *nb)
 798{
 799        return blocking_notifier_chain_unregister(&crypto_chain, nb);
 800}
 801EXPORT_SYMBOL_GPL(crypto_unregister_notifier);
 802
 803struct crypto_attr_type *crypto_get_attr_type(struct rtattr **tb)
 804{
 805        struct rtattr *rta = tb[0];
 806        struct crypto_attr_type *algt;
 807
 808        if (!rta)
 809                return ERR_PTR(-ENOENT);
 810        if (RTA_PAYLOAD(rta) < sizeof(*algt))
 811                return ERR_PTR(-EINVAL);
 812        if (rta->rta_type != CRYPTOA_TYPE)
 813                return ERR_PTR(-EINVAL);
 814
 815        algt = RTA_DATA(rta);
 816
 817        return algt;
 818}
 819EXPORT_SYMBOL_GPL(crypto_get_attr_type);
 820
 821/**
 822 * crypto_check_attr_type() - check algorithm type and compute inherited mask
 823 * @tb: the template parameters
 824 * @type: the algorithm type the template would be instantiated as
 825 * @mask_ret: (output) the mask that should be passed to crypto_grab_*()
 826 *            to restrict the flags of any inner algorithms
 827 *
 828 * Validate that the algorithm type the user requested is compatible with the
 829 * one the template would actually be instantiated as.  E.g., if the user is
 830 * doing crypto_alloc_shash("cbc(aes)", ...), this would return an error because
 831 * the "cbc" template creates an "skcipher" algorithm, not an "shash" algorithm.
 832 *
 833 * Also compute the mask to use to restrict the flags of any inner algorithms.
 834 *
 835 * Return: 0 on success; -errno on failure
 836 */
 837int crypto_check_attr_type(struct rtattr **tb, u32 type, u32 *mask_ret)
 838{
 839        struct crypto_attr_type *algt;
 840
 841        algt = crypto_get_attr_type(tb);
 842        if (IS_ERR(algt))
 843                return PTR_ERR(algt);
 844
 845        if ((algt->type ^ type) & algt->mask)
 846                return -EINVAL;
 847
 848        *mask_ret = crypto_algt_inherited_mask(algt);
 849        return 0;
 850}
 851EXPORT_SYMBOL_GPL(crypto_check_attr_type);
 852
 853const char *crypto_attr_alg_name(struct rtattr *rta)
 854{
 855        struct crypto_attr_alg *alga;
 856
 857        if (!rta)
 858                return ERR_PTR(-ENOENT);
 859        if (RTA_PAYLOAD(rta) < sizeof(*alga))
 860                return ERR_PTR(-EINVAL);
 861        if (rta->rta_type != CRYPTOA_ALG)
 862                return ERR_PTR(-EINVAL);
 863
 864        alga = RTA_DATA(rta);
 865        alga->name[CRYPTO_MAX_ALG_NAME - 1] = 0;
 866
 867        return alga->name;
 868}
 869EXPORT_SYMBOL_GPL(crypto_attr_alg_name);
 870
 871int crypto_inst_setname(struct crypto_instance *inst, const char *name,
 872                        struct crypto_alg *alg)
 873{
 874        if (snprintf(inst->alg.cra_name, CRYPTO_MAX_ALG_NAME, "%s(%s)", name,
 875                     alg->cra_name) >= CRYPTO_MAX_ALG_NAME)
 876                return -ENAMETOOLONG;
 877
 878        if (snprintf(inst->alg.cra_driver_name, CRYPTO_MAX_ALG_NAME, "%s(%s)",
 879                     name, alg->cra_driver_name) >= CRYPTO_MAX_ALG_NAME)
 880                return -ENAMETOOLONG;
 881
 882        return 0;
 883}
 884EXPORT_SYMBOL_GPL(crypto_inst_setname);
 885
 886void crypto_init_queue(struct crypto_queue *queue, unsigned int max_qlen)
 887{
 888        INIT_LIST_HEAD(&queue->list);
 889        queue->backlog = &queue->list;
 890        queue->qlen = 0;
 891        queue->max_qlen = max_qlen;
 892}
 893EXPORT_SYMBOL_GPL(crypto_init_queue);
 894
 895int crypto_enqueue_request(struct crypto_queue *queue,
 896                           struct crypto_async_request *request)
 897{
 898        int err = -EINPROGRESS;
 899
 900        if (unlikely(queue->qlen >= queue->max_qlen)) {
 901                if (!(request->flags & CRYPTO_TFM_REQ_MAY_BACKLOG)) {
 902                        err = -ENOSPC;
 903                        goto out;
 904                }
 905                err = -EBUSY;
 906                if (queue->backlog == &queue->list)
 907                        queue->backlog = &request->list;
 908        }
 909
 910        queue->qlen++;
 911        list_add_tail(&request->list, &queue->list);
 912
 913out:
 914        return err;
 915}
 916EXPORT_SYMBOL_GPL(crypto_enqueue_request);
 917
 918void crypto_enqueue_request_head(struct crypto_queue *queue,
 919                                 struct crypto_async_request *request)
 920{
 921        queue->qlen++;
 922        list_add(&request->list, &queue->list);
 923}
 924EXPORT_SYMBOL_GPL(crypto_enqueue_request_head);
 925
 926struct crypto_async_request *crypto_dequeue_request(struct crypto_queue *queue)
 927{
 928        struct list_head *request;
 929
 930        if (unlikely(!queue->qlen))
 931                return NULL;
 932
 933        queue->qlen--;
 934
 935        if (queue->backlog != &queue->list)
 936                queue->backlog = queue->backlog->next;
 937
 938        request = queue->list.next;
 939        list_del(request);
 940
 941        return list_entry(request, struct crypto_async_request, list);
 942}
 943EXPORT_SYMBOL_GPL(crypto_dequeue_request);
 944
 945static inline void crypto_inc_byte(u8 *a, unsigned int size)
 946{
 947        u8 *b = (a + size);
 948        u8 c;
 949
 950        for (; size; size--) {
 951                c = *--b + 1;
 952                *b = c;
 953                if (c)
 954                        break;
 955        }
 956}
 957
 958void crypto_inc(u8 *a, unsigned int size)
 959{
 960        __be32 *b = (__be32 *)(a + size);
 961        u32 c;
 962
 963        if (IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) ||
 964            IS_ALIGNED((unsigned long)b, __alignof__(*b)))
 965                for (; size >= 4; size -= 4) {
 966                        c = be32_to_cpu(*--b) + 1;
 967                        *b = cpu_to_be32(c);
 968                        if (likely(c))
 969                                return;
 970                }
 971
 972        crypto_inc_byte(a, size);
 973}
 974EXPORT_SYMBOL_GPL(crypto_inc);
 975
 976void __crypto_xor(u8 *dst, const u8 *src1, const u8 *src2, unsigned int len)
 977{
 978        int relalign = 0;
 979
 980        if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS)) {
 981                int size = sizeof(unsigned long);
 982                int d = (((unsigned long)dst ^ (unsigned long)src1) |
 983                         ((unsigned long)dst ^ (unsigned long)src2)) &
 984                        (size - 1);
 985
 986                relalign = d ? 1 << __ffs(d) : size;
 987
 988                /*
 989                 * If we care about alignment, process as many bytes as
 990                 * needed to advance dst and src to values whose alignments
 991                 * equal their relative alignment. This will allow us to
 992                 * process the remainder of the input using optimal strides.
 993                 */
 994                while (((unsigned long)dst & (relalign - 1)) && len > 0) {
 995                        *dst++ = *src1++ ^ *src2++;
 996                        len--;
 997                }
 998        }
 999
1000        while (IS_ENABLED(CONFIG_64BIT) && len >= 8 && !(relalign & 7)) {
1001                *(u64 *)dst = *(u64 *)src1 ^  *(u64 *)src2;
1002                dst += 8;
1003                src1 += 8;
1004                src2 += 8;
1005                len -= 8;
1006        }
1007
1008        while (len >= 4 && !(relalign & 3)) {
1009                *(u32 *)dst = *(u32 *)src1 ^ *(u32 *)src2;
1010                dst += 4;
1011                src1 += 4;
1012                src2 += 4;
1013                len -= 4;
1014        }
1015
1016        while (len >= 2 && !(relalign & 1)) {
1017                *(u16 *)dst = *(u16 *)src1 ^ *(u16 *)src2;
1018                dst += 2;
1019                src1 += 2;
1020                src2 += 2;
1021                len -= 2;
1022        }
1023
1024        while (len--)
1025                *dst++ = *src1++ ^ *src2++;
1026}
1027EXPORT_SYMBOL_GPL(__crypto_xor);
1028
1029unsigned int crypto_alg_extsize(struct crypto_alg *alg)
1030{
1031        return alg->cra_ctxsize +
1032               (alg->cra_alignmask & ~(crypto_tfm_ctx_alignment() - 1));
1033}
1034EXPORT_SYMBOL_GPL(crypto_alg_extsize);
1035
1036int crypto_type_has_alg(const char *name, const struct crypto_type *frontend,
1037                        u32 type, u32 mask)
1038{
1039        int ret = 0;
1040        struct crypto_alg *alg = crypto_find_alg(name, frontend, type, mask);
1041
1042        if (!IS_ERR(alg)) {
1043                crypto_mod_put(alg);
1044                ret = 1;
1045        }
1046
1047        return ret;
1048}
1049EXPORT_SYMBOL_GPL(crypto_type_has_alg);
1050
1051#ifdef CONFIG_CRYPTO_STATS
1052void crypto_stats_init(struct crypto_alg *alg)
1053{
1054        memset(&alg->stats, 0, sizeof(alg->stats));
1055}
1056EXPORT_SYMBOL_GPL(crypto_stats_init);
1057
1058void crypto_stats_get(struct crypto_alg *alg)
1059{
1060        crypto_alg_get(alg);
1061}
1062EXPORT_SYMBOL_GPL(crypto_stats_get);
1063
1064void crypto_stats_aead_encrypt(unsigned int cryptlen, struct crypto_alg *alg,
1065                               int ret)
1066{
1067        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1068                atomic64_inc(&alg->stats.aead.err_cnt);
1069        } else {
1070                atomic64_inc(&alg->stats.aead.encrypt_cnt);
1071                atomic64_add(cryptlen, &alg->stats.aead.encrypt_tlen);
1072        }
1073        crypto_alg_put(alg);
1074}
1075EXPORT_SYMBOL_GPL(crypto_stats_aead_encrypt);
1076
1077void crypto_stats_aead_decrypt(unsigned int cryptlen, struct crypto_alg *alg,
1078                               int ret)
1079{
1080        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1081                atomic64_inc(&alg->stats.aead.err_cnt);
1082        } else {
1083                atomic64_inc(&alg->stats.aead.decrypt_cnt);
1084                atomic64_add(cryptlen, &alg->stats.aead.decrypt_tlen);
1085        }
1086        crypto_alg_put(alg);
1087}
1088EXPORT_SYMBOL_GPL(crypto_stats_aead_decrypt);
1089
1090void crypto_stats_akcipher_encrypt(unsigned int src_len, int ret,
1091                                   struct crypto_alg *alg)
1092{
1093        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1094                atomic64_inc(&alg->stats.akcipher.err_cnt);
1095        } else {
1096                atomic64_inc(&alg->stats.akcipher.encrypt_cnt);
1097                atomic64_add(src_len, &alg->stats.akcipher.encrypt_tlen);
1098        }
1099        crypto_alg_put(alg);
1100}
1101EXPORT_SYMBOL_GPL(crypto_stats_akcipher_encrypt);
1102
1103void crypto_stats_akcipher_decrypt(unsigned int src_len, int ret,
1104                                   struct crypto_alg *alg)
1105{
1106        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1107                atomic64_inc(&alg->stats.akcipher.err_cnt);
1108        } else {
1109                atomic64_inc(&alg->stats.akcipher.decrypt_cnt);
1110                atomic64_add(src_len, &alg->stats.akcipher.decrypt_tlen);
1111        }
1112        crypto_alg_put(alg);
1113}
1114EXPORT_SYMBOL_GPL(crypto_stats_akcipher_decrypt);
1115
1116void crypto_stats_akcipher_sign(int ret, struct crypto_alg *alg)
1117{
1118        if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1119                atomic64_inc(&alg->stats.akcipher.err_cnt);
1120        else
1121                atomic64_inc(&alg->stats.akcipher.sign_cnt);
1122        crypto_alg_put(alg);
1123}
1124EXPORT_SYMBOL_GPL(crypto_stats_akcipher_sign);
1125
1126void crypto_stats_akcipher_verify(int ret, struct crypto_alg *alg)
1127{
1128        if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1129                atomic64_inc(&alg->stats.akcipher.err_cnt);
1130        else
1131                atomic64_inc(&alg->stats.akcipher.verify_cnt);
1132        crypto_alg_put(alg);
1133}
1134EXPORT_SYMBOL_GPL(crypto_stats_akcipher_verify);
1135
1136void crypto_stats_compress(unsigned int slen, int ret, struct crypto_alg *alg)
1137{
1138        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1139                atomic64_inc(&alg->stats.compress.err_cnt);
1140        } else {
1141                atomic64_inc(&alg->stats.compress.compress_cnt);
1142                atomic64_add(slen, &alg->stats.compress.compress_tlen);
1143        }
1144        crypto_alg_put(alg);
1145}
1146EXPORT_SYMBOL_GPL(crypto_stats_compress);
1147
1148void crypto_stats_decompress(unsigned int slen, int ret, struct crypto_alg *alg)
1149{
1150        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1151                atomic64_inc(&alg->stats.compress.err_cnt);
1152        } else {
1153                atomic64_inc(&alg->stats.compress.decompress_cnt);
1154                atomic64_add(slen, &alg->stats.compress.decompress_tlen);
1155        }
1156        crypto_alg_put(alg);
1157}
1158EXPORT_SYMBOL_GPL(crypto_stats_decompress);
1159
1160void crypto_stats_ahash_update(unsigned int nbytes, int ret,
1161                               struct crypto_alg *alg)
1162{
1163        if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1164                atomic64_inc(&alg->stats.hash.err_cnt);
1165        else
1166                atomic64_add(nbytes, &alg->stats.hash.hash_tlen);
1167        crypto_alg_put(alg);
1168}
1169EXPORT_SYMBOL_GPL(crypto_stats_ahash_update);
1170
1171void crypto_stats_ahash_final(unsigned int nbytes, int ret,
1172                              struct crypto_alg *alg)
1173{
1174        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1175                atomic64_inc(&alg->stats.hash.err_cnt);
1176        } else {
1177                atomic64_inc(&alg->stats.hash.hash_cnt);
1178                atomic64_add(nbytes, &alg->stats.hash.hash_tlen);
1179        }
1180        crypto_alg_put(alg);
1181}
1182EXPORT_SYMBOL_GPL(crypto_stats_ahash_final);
1183
1184void crypto_stats_kpp_set_secret(struct crypto_alg *alg, int ret)
1185{
1186        if (ret)
1187                atomic64_inc(&alg->stats.kpp.err_cnt);
1188        else
1189                atomic64_inc(&alg->stats.kpp.setsecret_cnt);
1190        crypto_alg_put(alg);
1191}
1192EXPORT_SYMBOL_GPL(crypto_stats_kpp_set_secret);
1193
1194void crypto_stats_kpp_generate_public_key(struct crypto_alg *alg, int ret)
1195{
1196        if (ret)
1197                atomic64_inc(&alg->stats.kpp.err_cnt);
1198        else
1199                atomic64_inc(&alg->stats.kpp.generate_public_key_cnt);
1200        crypto_alg_put(alg);
1201}
1202EXPORT_SYMBOL_GPL(crypto_stats_kpp_generate_public_key);
1203
1204void crypto_stats_kpp_compute_shared_secret(struct crypto_alg *alg, int ret)
1205{
1206        if (ret)
1207                atomic64_inc(&alg->stats.kpp.err_cnt);
1208        else
1209                atomic64_inc(&alg->stats.kpp.compute_shared_secret_cnt);
1210        crypto_alg_put(alg);
1211}
1212EXPORT_SYMBOL_GPL(crypto_stats_kpp_compute_shared_secret);
1213
1214void crypto_stats_rng_seed(struct crypto_alg *alg, int ret)
1215{
1216        if (ret && ret != -EINPROGRESS && ret != -EBUSY)
1217                atomic64_inc(&alg->stats.rng.err_cnt);
1218        else
1219                atomic64_inc(&alg->stats.rng.seed_cnt);
1220        crypto_alg_put(alg);
1221}
1222EXPORT_SYMBOL_GPL(crypto_stats_rng_seed);
1223
1224void crypto_stats_rng_generate(struct crypto_alg *alg, unsigned int dlen,
1225                               int ret)
1226{
1227        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1228                atomic64_inc(&alg->stats.rng.err_cnt);
1229        } else {
1230                atomic64_inc(&alg->stats.rng.generate_cnt);
1231                atomic64_add(dlen, &alg->stats.rng.generate_tlen);
1232        }
1233        crypto_alg_put(alg);
1234}
1235EXPORT_SYMBOL_GPL(crypto_stats_rng_generate);
1236
1237void crypto_stats_skcipher_encrypt(unsigned int cryptlen, int ret,
1238                                   struct crypto_alg *alg)
1239{
1240        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1241                atomic64_inc(&alg->stats.cipher.err_cnt);
1242        } else {
1243                atomic64_inc(&alg->stats.cipher.encrypt_cnt);
1244                atomic64_add(cryptlen, &alg->stats.cipher.encrypt_tlen);
1245        }
1246        crypto_alg_put(alg);
1247}
1248EXPORT_SYMBOL_GPL(crypto_stats_skcipher_encrypt);
1249
1250void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret,
1251                                   struct crypto_alg *alg)
1252{
1253        if (ret && ret != -EINPROGRESS && ret != -EBUSY) {
1254                atomic64_inc(&alg->stats.cipher.err_cnt);
1255        } else {
1256                atomic64_inc(&alg->stats.cipher.decrypt_cnt);
1257                atomic64_add(cryptlen, &alg->stats.cipher.decrypt_tlen);
1258        }
1259        crypto_alg_put(alg);
1260}
1261EXPORT_SYMBOL_GPL(crypto_stats_skcipher_decrypt);
1262#endif
1263
1264static int __init crypto_algapi_init(void)
1265{
1266        crypto_init_proc();
1267        return 0;
1268}
1269
1270static void __exit crypto_algapi_exit(void)
1271{
1272        crypto_exit_proc();
1273}
1274
1275module_init(crypto_algapi_init);
1276module_exit(crypto_algapi_exit);
1277
1278MODULE_LICENSE("GPL");
1279MODULE_DESCRIPTION("Cryptographic algorithms API");
1280