diff options
| author | Eric Biggers <ebiggers@google.com> | 2019-04-14 20:37:09 -0400 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2019-04-25 03:38:12 -0400 |
| commit | 877b5691f27a1aec0d9b53095a323e45c30069e2 (patch) | |
| tree | 59eba93e8d253fb0e12a0a2040de99e96e873933 /security | |
| parent | 75f2222832e0fecba7a45ca6ac07ea895ea1e046 (diff) | |
crypto: shash - remove shash_desc::flags
The flags field in 'struct shash_desc' never actually does anything.
The only ostensibly supported flag is CRYPTO_TFM_REQ_MAY_SLEEP.
However, no shash algorithm ever sleeps, making this flag a no-op.
With this being the case, inevitably some users who can't sleep wrongly
pass MAY_SLEEP. These would all need to be fixed if any shash algorithm
actually started sleeping. For example, the shash_ahash_*() functions,
which wrap a shash algorithm with the ahash API, pass through MAY_SLEEP
from the ahash API to the shash API. However, the shash functions are
called under kmap_atomic(), so actually they're assumed to never sleep.
Even if it turns out that some users do need preemption points while
hashing large buffers, we could easily provide a helper function
crypto_shash_update_large() which divides the data into smaller chunks
and calls crypto_shash_update() and cond_resched() for each chunk. It's
not necessary to have a flag in 'struct shash_desc', nor is it necessary
to make individual shash algorithms aware of this at all.
Therefore, remove shash_desc::flags, and document that the
crypto_shash_*() functions can be called from any context.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/crypto.c | 2 | ||||
| -rw-r--r-- | security/integrity/evm/evm_crypto.c | 1 | ||||
| -rw-r--r-- | security/integrity/ima/ima_crypto.c | 4 | ||||
| -rw-r--r-- | security/keys/dh.c | 1 | ||||
| -rw-r--r-- | security/keys/encrypted-keys/encrypted.c | 1 | ||||
| -rw-r--r-- | security/keys/trusted.c | 1 |
6 files changed, 0 insertions, 10 deletions
diff --git a/security/apparmor/crypto.c b/security/apparmor/crypto.c index af03d98c7552..baba63bc66b1 100644 --- a/security/apparmor/crypto.c +++ b/security/apparmor/crypto.c | |||
| @@ -43,7 +43,6 @@ char *aa_calc_hash(void *data, size_t len) | |||
| 43 | goto fail; | 43 | goto fail; |
| 44 | 44 | ||
| 45 | desc->tfm = apparmor_tfm; | 45 | desc->tfm = apparmor_tfm; |
| 46 | desc->flags = 0; | ||
| 47 | 46 | ||
| 48 | error = crypto_shash_init(desc); | 47 | error = crypto_shash_init(desc); |
| 49 | if (error) | 48 | if (error) |
| @@ -81,7 +80,6 @@ int aa_calc_profile_hash(struct aa_profile *profile, u32 version, void *start, | |||
| 81 | goto fail; | 80 | goto fail; |
| 82 | 81 | ||
| 83 | desc->tfm = apparmor_tfm; | 82 | desc->tfm = apparmor_tfm; |
| 84 | desc->flags = 0; | ||
| 85 | 83 | ||
| 86 | error = crypto_shash_init(desc); | 84 | error = crypto_shash_init(desc); |
| 87 | if (error) | 85 | if (error) |
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c index c37d08118af5..e11564eb645b 100644 --- a/security/integrity/evm/evm_crypto.c +++ b/security/integrity/evm/evm_crypto.c | |||
| @@ -124,7 +124,6 @@ out: | |||
| 124 | return ERR_PTR(-ENOMEM); | 124 | return ERR_PTR(-ENOMEM); |
| 125 | 125 | ||
| 126 | desc->tfm = *tfm; | 126 | desc->tfm = *tfm; |
| 127 | desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP; | ||
| 128 | 127 | ||
| 129 | rc = crypto_shash_init(desc); | 128 | rc = crypto_shash_init(desc); |
| 130 | if (rc) { | 129 | if (rc) { |
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 16a4f45863b1..a32878e10ebc 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c | |||
| @@ -333,7 +333,6 @@ static int ima_calc_file_hash_tfm(struct file *file, | |||
| 333 | SHASH_DESC_ON_STACK(shash, tfm); | 333 | SHASH_DESC_ON_STACK(shash, tfm); |
| 334 | 334 | ||
| 335 | shash->tfm = tfm; | 335 | shash->tfm = tfm; |
| 336 | shash->flags = 0; | ||
| 337 | 336 | ||
| 338 | hash->length = crypto_shash_digestsize(tfm); | 337 | hash->length = crypto_shash_digestsize(tfm); |
| 339 | 338 | ||
| @@ -469,7 +468,6 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, | |||
| 469 | int rc, i; | 468 | int rc, i; |
| 470 | 469 | ||
| 471 | shash->tfm = tfm; | 470 | shash->tfm = tfm; |
| 472 | shash->flags = 0; | ||
| 473 | 471 | ||
| 474 | hash->length = crypto_shash_digestsize(tfm); | 472 | hash->length = crypto_shash_digestsize(tfm); |
| 475 | 473 | ||
| @@ -591,7 +589,6 @@ static int calc_buffer_shash_tfm(const void *buf, loff_t size, | |||
| 591 | int rc; | 589 | int rc; |
| 592 | 590 | ||
| 593 | shash->tfm = tfm; | 591 | shash->tfm = tfm; |
| 594 | shash->flags = 0; | ||
| 595 | 592 | ||
| 596 | hash->length = crypto_shash_digestsize(tfm); | 593 | hash->length = crypto_shash_digestsize(tfm); |
| 597 | 594 | ||
| @@ -664,7 +661,6 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, | |||
| 664 | SHASH_DESC_ON_STACK(shash, tfm); | 661 | SHASH_DESC_ON_STACK(shash, tfm); |
| 665 | 662 | ||
| 666 | shash->tfm = tfm; | 663 | shash->tfm = tfm; |
| 667 | shash->flags = 0; | ||
| 668 | 664 | ||
| 669 | rc = crypto_shash_init(shash); | 665 | rc = crypto_shash_init(shash); |
| 670 | if (rc != 0) | 666 | if (rc != 0) |
diff --git a/security/keys/dh.c b/security/keys/dh.c index 711e89d8c415..23f95dec771b 100644 --- a/security/keys/dh.c +++ b/security/keys/dh.c | |||
| @@ -112,7 +112,6 @@ static int kdf_alloc(struct kdf_sdesc **sdesc_ret, char *hashname) | |||
| 112 | if (!sdesc) | 112 | if (!sdesc) |
| 113 | goto out_free_tfm; | 113 | goto out_free_tfm; |
| 114 | sdesc->shash.tfm = tfm; | 114 | sdesc->shash.tfm = tfm; |
| 115 | sdesc->shash.flags = 0x0; | ||
| 116 | 115 | ||
| 117 | *sdesc_ret = sdesc; | 116 | *sdesc_ret = sdesc; |
| 118 | 117 | ||
diff --git a/security/keys/encrypted-keys/encrypted.c b/security/keys/encrypted-keys/encrypted.c index 347108f660a1..1b1456b21a93 100644 --- a/security/keys/encrypted-keys/encrypted.c +++ b/security/keys/encrypted-keys/encrypted.c | |||
| @@ -333,7 +333,6 @@ static int calc_hash(struct crypto_shash *tfm, u8 *digest, | |||
| 333 | int err; | 333 | int err; |
| 334 | 334 | ||
| 335 | desc->tfm = tfm; | 335 | desc->tfm = tfm; |
| 336 | desc->flags = 0; | ||
| 337 | 336 | ||
| 338 | err = crypto_shash_digest(desc, buf, buflen, digest); | 337 | err = crypto_shash_digest(desc, buf, buflen, digest); |
| 339 | shash_desc_zero(desc); | 338 | shash_desc_zero(desc); |
diff --git a/security/keys/trusted.c b/security/keys/trusted.c index bcc9c6ead7fd..45ffd9e53937 100644 --- a/security/keys/trusted.c +++ b/security/keys/trusted.c | |||
| @@ -55,7 +55,6 @@ static struct sdesc *init_sdesc(struct crypto_shash *alg) | |||
| 55 | if (!sdesc) | 55 | if (!sdesc) |
| 56 | return ERR_PTR(-ENOMEM); | 56 | return ERR_PTR(-ENOMEM); |
| 57 | sdesc->shash.tfm = alg; | 57 | sdesc->shash.tfm = alg; |
| 58 | sdesc->shash.flags = 0x0; | ||
| 59 | return sdesc; | 58 | return sdesc; |
| 60 | } | 59 | } |
| 61 | 60 | ||