diff options
-rw-r--r-- | drivers/md/dm-crypt.c | 30 | ||||
-rw-r--r-- | drivers/net/ppp_mppe.c | 34 | ||||
-rw-r--r-- | fs/nfsd/nfs4recover.c | 21 | ||||
-rw-r--r-- | net/ieee80211/ieee80211_crypt_tkip.c | 25 | ||||
-rw-r--r-- | net/sunrpc/auth_gss/gss_krb5_crypto.c | 38 | ||||
-rw-r--r-- | security/seclvl.c | 18 |
6 files changed, 97 insertions, 69 deletions
diff --git a/drivers/md/dm-crypt.c b/drivers/md/dm-crypt.c index 91d4081cb00e..73f8be837a45 100644 --- a/drivers/md/dm-crypt.c +++ b/drivers/md/dm-crypt.c | |||
@@ -122,7 +122,8 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti, | |||
122 | const char *opts) | 122 | const char *opts) |
123 | { | 123 | { |
124 | struct crypto_cipher *essiv_tfm; | 124 | struct crypto_cipher *essiv_tfm; |
125 | struct crypto_tfm *hash_tfm; | 125 | struct crypto_hash *hash_tfm; |
126 | struct hash_desc desc; | ||
126 | struct scatterlist sg; | 127 | struct scatterlist sg; |
127 | unsigned int saltsize; | 128 | unsigned int saltsize; |
128 | u8 *salt; | 129 | u8 *salt; |
@@ -134,29 +135,30 @@ static int crypt_iv_essiv_ctr(struct crypt_config *cc, struct dm_target *ti, | |||
134 | } | 135 | } |
135 | 136 | ||
136 | /* Hash the cipher key with the given hash algorithm */ | 137 | /* Hash the cipher key with the given hash algorithm */ |
137 | hash_tfm = crypto_alloc_tfm(opts, CRYPTO_TFM_REQ_MAY_SLEEP); | 138 | hash_tfm = crypto_alloc_hash(opts, 0, CRYPTO_ALG_ASYNC); |
138 | if (hash_tfm == NULL) { | 139 | if (IS_ERR(hash_tfm)) { |
139 | ti->error = "Error initializing ESSIV hash"; | 140 | ti->error = "Error initializing ESSIV hash"; |
140 | return -EINVAL; | 141 | return PTR_ERR(hash_tfm); |
141 | } | ||
142 | |||
143 | if (crypto_tfm_alg_type(hash_tfm) != CRYPTO_ALG_TYPE_DIGEST) { | ||
144 | ti->error = "Expected digest algorithm for ESSIV hash"; | ||
145 | crypto_free_tfm(hash_tfm); | ||
146 | return -EINVAL; | ||
147 | } | 142 | } |
148 | 143 | ||
149 | saltsize = crypto_tfm_alg_digestsize(hash_tfm); | 144 | saltsize = crypto_hash_digestsize(hash_tfm); |
150 | salt = kmalloc(saltsize, GFP_KERNEL); | 145 | salt = kmalloc(saltsize, GFP_KERNEL); |
151 | if (salt == NULL) { | 146 | if (salt == NULL) { |
152 | ti->error = "Error kmallocing salt storage in ESSIV"; | 147 | ti->error = "Error kmallocing salt storage in ESSIV"; |
153 | crypto_free_tfm(hash_tfm); | 148 | crypto_free_hash(hash_tfm); |
154 | return -ENOMEM; | 149 | return -ENOMEM; |
155 | } | 150 | } |
156 | 151 | ||
157 | sg_set_buf(&sg, cc->key, cc->key_size); | 152 | sg_set_buf(&sg, cc->key, cc->key_size); |
158 | crypto_digest_digest(hash_tfm, &sg, 1, salt); | 153 | desc.tfm = hash_tfm; |
159 | crypto_free_tfm(hash_tfm); | 154 | desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; |
155 | err = crypto_hash_digest(&desc, &sg, cc->key_size, salt); | ||
156 | crypto_free_hash(hash_tfm); | ||
157 | |||
158 | if (err) { | ||
159 | ti->error = "Error calculating hash in ESSIV"; | ||
160 | return err; | ||
161 | } | ||
160 | 162 | ||
161 | /* Setup the essiv_tfm with the given salt */ | 163 | /* Setup the essiv_tfm with the given salt */ |
162 | essiv_tfm = crypto_alloc_cipher(cc->cipher, 0, CRYPTO_ALG_ASYNC); | 164 | essiv_tfm = crypto_alloc_cipher(cc->cipher, 0, CRYPTO_ALG_ASYNC); |
diff --git a/drivers/net/ppp_mppe.c b/drivers/net/ppp_mppe.c index 495d8667419a..e7a0eb4fca60 100644 --- a/drivers/net/ppp_mppe.c +++ b/drivers/net/ppp_mppe.c | |||
@@ -65,12 +65,13 @@ MODULE_LICENSE("Dual BSD/GPL"); | |||
65 | MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); | 65 | MODULE_ALIAS("ppp-compress-" __stringify(CI_MPPE)); |
66 | MODULE_VERSION("1.0.2"); | 66 | MODULE_VERSION("1.0.2"); |
67 | 67 | ||
68 | static void | 68 | static unsigned int |
69 | setup_sg(struct scatterlist *sg, const void *address, unsigned int length) | 69 | setup_sg(struct scatterlist *sg, const void *address, unsigned int length) |
70 | { | 70 | { |
71 | sg[0].page = virt_to_page(address); | 71 | sg[0].page = virt_to_page(address); |
72 | sg[0].offset = offset_in_page(address); | 72 | sg[0].offset = offset_in_page(address); |
73 | sg[0].length = length; | 73 | sg[0].length = length; |
74 | return length; | ||
74 | } | 75 | } |
75 | 76 | ||
76 | #define SHA1_PAD_SIZE 40 | 77 | #define SHA1_PAD_SIZE 40 |
@@ -97,7 +98,7 @@ static inline void sha_pad_init(struct sha_pad *shapad) | |||
97 | */ | 98 | */ |
98 | struct ppp_mppe_state { | 99 | struct ppp_mppe_state { |
99 | struct crypto_blkcipher *arc4; | 100 | struct crypto_blkcipher *arc4; |
100 | struct crypto_tfm *sha1; | 101 | struct crypto_hash *sha1; |
101 | unsigned char *sha1_digest; | 102 | unsigned char *sha1_digest; |
102 | unsigned char master_key[MPPE_MAX_KEY_LEN]; | 103 | unsigned char master_key[MPPE_MAX_KEY_LEN]; |
103 | unsigned char session_key[MPPE_MAX_KEY_LEN]; | 104 | unsigned char session_key[MPPE_MAX_KEY_LEN]; |
@@ -137,14 +138,21 @@ struct ppp_mppe_state { | |||
137 | */ | 138 | */ |
138 | static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) | 139 | static void get_new_key_from_sha(struct ppp_mppe_state * state, unsigned char *InterimKey) |
139 | { | 140 | { |
141 | struct hash_desc desc; | ||
140 | struct scatterlist sg[4]; | 142 | struct scatterlist sg[4]; |
143 | unsigned int nbytes; | ||
141 | 144 | ||
142 | setup_sg(&sg[0], state->master_key, state->keylen); | 145 | nbytes = setup_sg(&sg[0], state->master_key, state->keylen); |
143 | setup_sg(&sg[1], sha_pad->sha_pad1, sizeof(sha_pad->sha_pad1)); | 146 | nbytes += setup_sg(&sg[1], sha_pad->sha_pad1, |
144 | setup_sg(&sg[2], state->session_key, state->keylen); | 147 | sizeof(sha_pad->sha_pad1)); |
145 | setup_sg(&sg[3], sha_pad->sha_pad2, sizeof(sha_pad->sha_pad2)); | 148 | nbytes += setup_sg(&sg[2], state->session_key, state->keylen); |
149 | nbytes += setup_sg(&sg[3], sha_pad->sha_pad2, | ||
150 | sizeof(sha_pad->sha_pad2)); | ||
146 | 151 | ||
147 | crypto_digest_digest (state->sha1, sg, 4, state->sha1_digest); | 152 | desc.tfm = state->sha1; |
153 | desc.flags = 0; | ||
154 | |||
155 | crypto_hash_digest(&desc, sg, nbytes, state->sha1_digest); | ||
148 | 156 | ||
149 | memcpy(InterimKey, state->sha1_digest, state->keylen); | 157 | memcpy(InterimKey, state->sha1_digest, state->keylen); |
150 | } | 158 | } |
@@ -204,11 +212,13 @@ static void *mppe_alloc(unsigned char *options, int optlen) | |||
204 | goto out_free; | 212 | goto out_free; |
205 | } | 213 | } |
206 | 214 | ||
207 | state->sha1 = crypto_alloc_tfm("sha1", 0); | 215 | state->sha1 = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC); |
208 | if (!state->sha1) | 216 | if (IS_ERR(state->sha1)) { |
217 | state->sha1 = NULL; | ||
209 | goto out_free; | 218 | goto out_free; |
219 | } | ||
210 | 220 | ||
211 | digestsize = crypto_tfm_alg_digestsize(state->sha1); | 221 | digestsize = crypto_hash_digestsize(state->sha1); |
212 | if (digestsize < MPPE_MAX_KEY_LEN) | 222 | if (digestsize < MPPE_MAX_KEY_LEN) |
213 | goto out_free; | 223 | goto out_free; |
214 | 224 | ||
@@ -233,7 +243,7 @@ static void *mppe_alloc(unsigned char *options, int optlen) | |||
233 | if (state->sha1_digest) | 243 | if (state->sha1_digest) |
234 | kfree(state->sha1_digest); | 244 | kfree(state->sha1_digest); |
235 | if (state->sha1) | 245 | if (state->sha1) |
236 | crypto_free_tfm(state->sha1); | 246 | crypto_free_hash(state->sha1); |
237 | if (state->arc4) | 247 | if (state->arc4) |
238 | crypto_free_blkcipher(state->arc4); | 248 | crypto_free_blkcipher(state->arc4); |
239 | kfree(state); | 249 | kfree(state); |
@@ -251,7 +261,7 @@ static void mppe_free(void *arg) | |||
251 | if (state->sha1_digest) | 261 | if (state->sha1_digest) |
252 | kfree(state->sha1_digest); | 262 | kfree(state->sha1_digest); |
253 | if (state->sha1) | 263 | if (state->sha1) |
254 | crypto_free_tfm(state->sha1); | 264 | crypto_free_hash(state->sha1); |
255 | if (state->arc4) | 265 | if (state->arc4) |
256 | crypto_free_blkcipher(state->arc4); | 266 | crypto_free_blkcipher(state->arc4); |
257 | kfree(state); | 267 | kfree(state); |
diff --git a/fs/nfsd/nfs4recover.c b/fs/nfsd/nfs4recover.c index 06da7506363c..e35d7e52fdeb 100644 --- a/fs/nfsd/nfs4recover.c +++ b/fs/nfsd/nfs4recover.c | |||
@@ -33,7 +33,7 @@ | |||
33 | * | 33 | * |
34 | */ | 34 | */ |
35 | 35 | ||
36 | 36 | #include <linux/err.h> | |
37 | #include <linux/sunrpc/svc.h> | 37 | #include <linux/sunrpc/svc.h> |
38 | #include <linux/nfsd/nfsd.h> | 38 | #include <linux/nfsd/nfsd.h> |
39 | #include <linux/nfs4.h> | 39 | #include <linux/nfs4.h> |
@@ -87,34 +87,35 @@ int | |||
87 | nfs4_make_rec_clidname(char *dname, struct xdr_netobj *clname) | 87 | nfs4_make_rec_clidname(char *dname, struct xdr_netobj *clname) |
88 | { | 88 | { |
89 | struct xdr_netobj cksum; | 89 | struct xdr_netobj cksum; |
90 | struct crypto_tfm *tfm; | 90 | struct hash_desc desc; |
91 | struct scatterlist sg[1]; | 91 | struct scatterlist sg[1]; |
92 | int status = nfserr_resource; | 92 | int status = nfserr_resource; |
93 | 93 | ||
94 | dprintk("NFSD: nfs4_make_rec_clidname for %.*s\n", | 94 | dprintk("NFSD: nfs4_make_rec_clidname for %.*s\n", |
95 | clname->len, clname->data); | 95 | clname->len, clname->data); |
96 | tfm = crypto_alloc_tfm("md5", CRYPTO_TFM_REQ_MAY_SLEEP); | 96 | desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; |
97 | if (tfm == NULL) | 97 | desc.tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC); |
98 | goto out; | 98 | if (IS_ERR(desc.tfm)) |
99 | cksum.len = crypto_tfm_alg_digestsize(tfm); | 99 | goto out_no_tfm; |
100 | cksum.len = crypto_hash_digestsize(desc.tfm); | ||
100 | cksum.data = kmalloc(cksum.len, GFP_KERNEL); | 101 | cksum.data = kmalloc(cksum.len, GFP_KERNEL); |
101 | if (cksum.data == NULL) | 102 | if (cksum.data == NULL) |
102 | goto out; | 103 | goto out; |
103 | crypto_digest_init(tfm); | ||
104 | 104 | ||
105 | sg[0].page = virt_to_page(clname->data); | 105 | sg[0].page = virt_to_page(clname->data); |
106 | sg[0].offset = offset_in_page(clname->data); | 106 | sg[0].offset = offset_in_page(clname->data); |
107 | sg[0].length = clname->len; | 107 | sg[0].length = clname->len; |
108 | 108 | ||
109 | crypto_digest_update(tfm, sg, 1); | 109 | if (crypto_hash_digest(&desc, sg, sg->length, cksum.data)) |
110 | crypto_digest_final(tfm, cksum.data); | 110 | goto out; |
111 | 111 | ||
112 | md5_to_hex(dname, cksum.data); | 112 | md5_to_hex(dname, cksum.data); |
113 | 113 | ||
114 | kfree(cksum.data); | 114 | kfree(cksum.data); |
115 | status = nfs_ok; | 115 | status = nfs_ok; |
116 | out: | 116 | out: |
117 | crypto_free_tfm(tfm); | 117 | crypto_free_hash(desc.tfm); |
118 | out_no_tfm: | ||
118 | return status; | 119 | return status; |
119 | } | 120 | } |
120 | 121 | ||
diff --git a/net/ieee80211/ieee80211_crypt_tkip.c b/net/ieee80211/ieee80211_crypt_tkip.c index d60ce9b49b4f..407a17495b61 100644 --- a/net/ieee80211/ieee80211_crypt_tkip.c +++ b/net/ieee80211/ieee80211_crypt_tkip.c | |||
@@ -54,7 +54,7 @@ struct ieee80211_tkip_data { | |||
54 | int key_idx; | 54 | int key_idx; |
55 | 55 | ||
56 | struct crypto_blkcipher *tfm_arc4; | 56 | struct crypto_blkcipher *tfm_arc4; |
57 | struct crypto_tfm *tfm_michael; | 57 | struct crypto_hash *tfm_michael; |
58 | 58 | ||
59 | /* scratch buffers for virt_to_page() (crypto API) */ | 59 | /* scratch buffers for virt_to_page() (crypto API) */ |
60 | u8 rx_hdr[16], tx_hdr[16]; | 60 | u8 rx_hdr[16], tx_hdr[16]; |
@@ -95,10 +95,12 @@ static void *ieee80211_tkip_init(int key_idx) | |||
95 | goto fail; | 95 | goto fail; |
96 | } | 96 | } |
97 | 97 | ||
98 | priv->tfm_michael = crypto_alloc_tfm("michael_mic", 0); | 98 | priv->tfm_michael = crypto_alloc_hash("michael_mic", 0, |
99 | if (priv->tfm_michael == NULL) { | 99 | CRYPTO_ALG_ASYNC); |
100 | if (IS_ERR(priv->tfm_michael)) { | ||
100 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " | 101 | printk(KERN_DEBUG "ieee80211_crypt_tkip: could not allocate " |
101 | "crypto API michael_mic\n"); | 102 | "crypto API michael_mic\n"); |
103 | priv->tfm_michael = NULL; | ||
102 | goto fail; | 104 | goto fail; |
103 | } | 105 | } |
104 | 106 | ||
@@ -107,7 +109,7 @@ static void *ieee80211_tkip_init(int key_idx) | |||
107 | fail: | 109 | fail: |
108 | if (priv) { | 110 | if (priv) { |
109 | if (priv->tfm_michael) | 111 | if (priv->tfm_michael) |
110 | crypto_free_tfm(priv->tfm_michael); | 112 | crypto_free_hash(priv->tfm_michael); |
111 | if (priv->tfm_arc4) | 113 | if (priv->tfm_arc4) |
112 | crypto_free_blkcipher(priv->tfm_arc4); | 114 | crypto_free_blkcipher(priv->tfm_arc4); |
113 | kfree(priv); | 115 | kfree(priv); |
@@ -120,7 +122,7 @@ static void ieee80211_tkip_deinit(void *priv) | |||
120 | { | 122 | { |
121 | struct ieee80211_tkip_data *_priv = priv; | 123 | struct ieee80211_tkip_data *_priv = priv; |
122 | if (_priv && _priv->tfm_michael) | 124 | if (_priv && _priv->tfm_michael) |
123 | crypto_free_tfm(_priv->tfm_michael); | 125 | crypto_free_hash(_priv->tfm_michael); |
124 | if (_priv && _priv->tfm_arc4) | 126 | if (_priv && _priv->tfm_arc4) |
125 | crypto_free_blkcipher(_priv->tfm_arc4); | 127 | crypto_free_blkcipher(_priv->tfm_arc4); |
126 | kfree(priv); | 128 | kfree(priv); |
@@ -485,6 +487,7 @@ static int ieee80211_tkip_decrypt(struct sk_buff *skb, int hdr_len, void *priv) | |||
485 | static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr, | 487 | static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr, |
486 | u8 * data, size_t data_len, u8 * mic) | 488 | u8 * data, size_t data_len, u8 * mic) |
487 | { | 489 | { |
490 | struct hash_desc desc; | ||
488 | struct scatterlist sg[2]; | 491 | struct scatterlist sg[2]; |
489 | 492 | ||
490 | if (tkey->tfm_michael == NULL) { | 493 | if (tkey->tfm_michael == NULL) { |
@@ -499,12 +502,12 @@ static int michael_mic(struct ieee80211_tkip_data *tkey, u8 * key, u8 * hdr, | |||
499 | sg[1].offset = offset_in_page(data); | 502 | sg[1].offset = offset_in_page(data); |
500 | sg[1].length = data_len; | 503 | sg[1].length = data_len; |
501 | 504 | ||
502 | crypto_digest_init(tkey->tfm_michael); | 505 | if (crypto_hash_setkey(tkey->tfm_michael, key, 8)) |
503 | crypto_digest_setkey(tkey->tfm_michael, key, 8); | 506 | return -1; |
504 | crypto_digest_update(tkey->tfm_michael, sg, 2); | ||
505 | crypto_digest_final(tkey->tfm_michael, mic); | ||
506 | 507 | ||
507 | return 0; | 508 | desc.tfm = tkey->tfm_michael; |
509 | desc.flags = 0; | ||
510 | return crypto_hash_digest(&desc, sg, data_len + 16, mic); | ||
508 | } | 511 | } |
509 | 512 | ||
510 | static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) | 513 | static void michael_mic_hdr(struct sk_buff *skb, u8 * hdr) |
@@ -628,7 +631,7 @@ static int ieee80211_tkip_set_key(void *key, int len, u8 * seq, void *priv) | |||
628 | { | 631 | { |
629 | struct ieee80211_tkip_data *tkey = priv; | 632 | struct ieee80211_tkip_data *tkey = priv; |
630 | int keyidx; | 633 | int keyidx; |
631 | struct crypto_tfm *tfm = tkey->tfm_michael; | 634 | struct crypto_hash *tfm = tkey->tfm_michael; |
632 | struct crypto_blkcipher *tfm2 = tkey->tfm_arc4; | 635 | struct crypto_blkcipher *tfm2 = tkey->tfm_arc4; |
633 | 636 | ||
634 | keyidx = tkey->key_idx; | 637 | keyidx = tkey->key_idx; |
diff --git a/net/sunrpc/auth_gss/gss_krb5_crypto.c b/net/sunrpc/auth_gss/gss_krb5_crypto.c index 57192dfe3065..e11a40b25cce 100644 --- a/net/sunrpc/auth_gss/gss_krb5_crypto.c +++ b/net/sunrpc/auth_gss/gss_krb5_crypto.c | |||
@@ -34,6 +34,7 @@ | |||
34 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. | 34 | * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. |
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include <linux/err.h> | ||
37 | #include <linux/types.h> | 38 | #include <linux/types.h> |
38 | #include <linux/mm.h> | 39 | #include <linux/mm.h> |
39 | #include <linux/slab.h> | 40 | #include <linux/slab.h> |
@@ -199,11 +200,9 @@ out: | |||
199 | static int | 200 | static int |
200 | checksummer(struct scatterlist *sg, void *data) | 201 | checksummer(struct scatterlist *sg, void *data) |
201 | { | 202 | { |
202 | struct crypto_tfm *tfm = (struct crypto_tfm *)data; | 203 | struct hash_desc *desc = data; |
203 | 204 | ||
204 | crypto_digest_update(tfm, sg, 1); | 205 | return crypto_hash_update(desc, sg, sg->length); |
205 | |||
206 | return 0; | ||
207 | } | 206 | } |
208 | 207 | ||
209 | /* checksum the plaintext data and hdrlen bytes of the token header */ | 208 | /* checksum the plaintext data and hdrlen bytes of the token header */ |
@@ -212,8 +211,9 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, | |||
212 | int body_offset, struct xdr_netobj *cksum) | 211 | int body_offset, struct xdr_netobj *cksum) |
213 | { | 212 | { |
214 | char *cksumname; | 213 | char *cksumname; |
215 | struct crypto_tfm *tfm = NULL; /* XXX add to ctx? */ | 214 | struct hash_desc desc; /* XXX add to ctx? */ |
216 | struct scatterlist sg[1]; | 215 | struct scatterlist sg[1]; |
216 | int err; | ||
217 | 217 | ||
218 | switch (cksumtype) { | 218 | switch (cksumtype) { |
219 | case CKSUMTYPE_RSA_MD5: | 219 | case CKSUMTYPE_RSA_MD5: |
@@ -224,18 +224,28 @@ make_checksum(s32 cksumtype, char *header, int hdrlen, struct xdr_buf *body, | |||
224 | " unsupported checksum %d", cksumtype); | 224 | " unsupported checksum %d", cksumtype); |
225 | return GSS_S_FAILURE; | 225 | return GSS_S_FAILURE; |
226 | } | 226 | } |
227 | if (!(tfm = crypto_alloc_tfm(cksumname, CRYPTO_TFM_REQ_MAY_SLEEP))) | 227 | desc.tfm = crypto_alloc_hash(cksumname, 0, CRYPTO_ALG_ASYNC); |
228 | if (IS_ERR(desc.tfm)) | ||
228 | return GSS_S_FAILURE; | 229 | return GSS_S_FAILURE; |
229 | cksum->len = crypto_tfm_alg_digestsize(tfm); | 230 | cksum->len = crypto_hash_digestsize(desc.tfm); |
231 | desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; | ||
230 | 232 | ||
231 | crypto_digest_init(tfm); | 233 | err = crypto_hash_init(&desc); |
234 | if (err) | ||
235 | goto out; | ||
232 | sg_set_buf(sg, header, hdrlen); | 236 | sg_set_buf(sg, header, hdrlen); |
233 | crypto_digest_update(tfm, sg, 1); | 237 | err = crypto_hash_update(&desc, sg, hdrlen); |
234 | process_xdr_buf(body, body_offset, body->len - body_offset, | 238 | if (err) |
235 | checksummer, tfm); | 239 | goto out; |
236 | crypto_digest_final(tfm, cksum->data); | 240 | err = process_xdr_buf(body, body_offset, body->len - body_offset, |
237 | crypto_free_tfm(tfm); | 241 | checksummer, &desc); |
238 | return 0; | 242 | if (err) |
243 | goto out; | ||
244 | err = crypto_hash_final(&desc, cksum->data); | ||
245 | |||
246 | out: | ||
247 | crypto_free_hash(desc.tfm); | ||
248 | return err ? GSS_S_FAILURE : 0; | ||
239 | } | 249 | } |
240 | 250 | ||
241 | EXPORT_SYMBOL(make_checksum); | 251 | EXPORT_SYMBOL(make_checksum); |
diff --git a/security/seclvl.c b/security/seclvl.c index c26dd7de0471..8f6291991fbc 100644 --- a/security/seclvl.c +++ b/security/seclvl.c | |||
@@ -16,6 +16,7 @@ | |||
16 | * (at your option) any later version. | 16 | * (at your option) any later version. |
17 | */ | 17 | */ |
18 | 18 | ||
19 | #include <linux/err.h> | ||
19 | #include <linux/module.h> | 20 | #include <linux/module.h> |
20 | #include <linux/moduleparam.h> | 21 | #include <linux/moduleparam.h> |
21 | #include <linux/kernel.h> | 22 | #include <linux/kernel.h> |
@@ -197,26 +198,27 @@ static unsigned char hashedPassword[SHA1_DIGEST_SIZE]; | |||
197 | static int | 198 | static int |
198 | plaintext_to_sha1(unsigned char *hash, const char *plaintext, unsigned int len) | 199 | plaintext_to_sha1(unsigned char *hash, const char *plaintext, unsigned int len) |
199 | { | 200 | { |
200 | struct crypto_tfm *tfm; | 201 | struct hash_desc desc; |
201 | struct scatterlist sg; | 202 | struct scatterlist sg; |
203 | int err; | ||
204 | |||
202 | if (len > PAGE_SIZE) { | 205 | if (len > PAGE_SIZE) { |
203 | seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d " | 206 | seclvl_printk(0, KERN_ERR, "Plaintext password too large (%d " |
204 | "characters). Largest possible is %lu " | 207 | "characters). Largest possible is %lu " |
205 | "bytes.\n", len, PAGE_SIZE); | 208 | "bytes.\n", len, PAGE_SIZE); |
206 | return -EINVAL; | 209 | return -EINVAL; |
207 | } | 210 | } |
208 | tfm = crypto_alloc_tfm("sha1", CRYPTO_TFM_REQ_MAY_SLEEP); | 211 | desc.tfm = crypto_alloc_hash("sha1", 0, CRYPTO_ALG_ASYNC); |
209 | if (tfm == NULL) { | 212 | if (IS_ERR(desc.tfm)) { |
210 | seclvl_printk(0, KERN_ERR, | 213 | seclvl_printk(0, KERN_ERR, |
211 | "Failed to load transform for SHA1\n"); | 214 | "Failed to load transform for SHA1\n"); |
212 | return -EINVAL; | 215 | return -EINVAL; |
213 | } | 216 | } |
214 | sg_init_one(&sg, (u8 *)plaintext, len); | 217 | sg_init_one(&sg, (u8 *)plaintext, len); |
215 | crypto_digest_init(tfm); | 218 | desc.flags = CRYPTO_TFM_REQ_MAY_SLEEP; |
216 | crypto_digest_update(tfm, &sg, 1); | 219 | err = crypto_hash_digest(&desc, &sg, len, hash); |
217 | crypto_digest_final(tfm, hash); | 220 | crypto_free_hash(desc.tfm); |
218 | crypto_free_tfm(tfm); | 221 | return err; |
219 | return 0; | ||
220 | } | 222 | } |
221 | 223 | ||
222 | /** | 224 | /** |