diff options
Diffstat (limited to 'crypto/tcrypt.c')
| -rw-r--r-- | crypto/tcrypt.c | 183 |
1 files changed, 105 insertions, 78 deletions
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c index c3c9124209a1..d59ba5079d14 100644 --- a/crypto/tcrypt.c +++ b/crypto/tcrypt.c | |||
| @@ -27,6 +27,7 @@ | |||
| 27 | #include <linux/timex.h> | 27 | #include <linux/timex.h> |
| 28 | #include <linux/interrupt.h> | 28 | #include <linux/interrupt.h> |
| 29 | #include "tcrypt.h" | 29 | #include "tcrypt.h" |
| 30 | #include "internal.h" | ||
| 30 | 31 | ||
| 31 | /* | 32 | /* |
| 32 | * Need slab memory for testing (size in number of pages). | 33 | * Need slab memory for testing (size in number of pages). |
| @@ -396,16 +397,16 @@ static void test_hash_speed(const char *algo, unsigned int sec, | |||
| 396 | struct scatterlist sg[TVMEMSIZE]; | 397 | struct scatterlist sg[TVMEMSIZE]; |
| 397 | struct crypto_hash *tfm; | 398 | struct crypto_hash *tfm; |
| 398 | struct hash_desc desc; | 399 | struct hash_desc desc; |
| 399 | char output[1024]; | 400 | static char output[1024]; |
| 400 | int i; | 401 | int i; |
| 401 | int ret; | 402 | int ret; |
| 402 | 403 | ||
| 403 | printk("\ntesting speed of %s\n", algo); | 404 | printk(KERN_INFO "\ntesting speed of %s\n", algo); |
| 404 | 405 | ||
| 405 | tfm = crypto_alloc_hash(algo, 0, CRYPTO_ALG_ASYNC); | 406 | tfm = crypto_alloc_hash(algo, 0, CRYPTO_ALG_ASYNC); |
| 406 | 407 | ||
| 407 | if (IS_ERR(tfm)) { | 408 | if (IS_ERR(tfm)) { |
| 408 | printk("failed to load transform for %s: %ld\n", algo, | 409 | printk(KERN_ERR "failed to load transform for %s: %ld\n", algo, |
| 409 | PTR_ERR(tfm)); | 410 | PTR_ERR(tfm)); |
| 410 | return; | 411 | return; |
| 411 | } | 412 | } |
| @@ -414,7 +415,7 @@ static void test_hash_speed(const char *algo, unsigned int sec, | |||
| 414 | desc.flags = 0; | 415 | desc.flags = 0; |
| 415 | 416 | ||
| 416 | if (crypto_hash_digestsize(tfm) > sizeof(output)) { | 417 | if (crypto_hash_digestsize(tfm) > sizeof(output)) { |
| 417 | printk("digestsize(%u) > outputbuffer(%zu)\n", | 418 | printk(KERN_ERR "digestsize(%u) > outputbuffer(%zu)\n", |
| 418 | crypto_hash_digestsize(tfm), sizeof(output)); | 419 | crypto_hash_digestsize(tfm), sizeof(output)); |
| 419 | goto out; | 420 | goto out; |
| 420 | } | 421 | } |
| @@ -427,12 +428,14 @@ static void test_hash_speed(const char *algo, unsigned int sec, | |||
| 427 | 428 | ||
| 428 | for (i = 0; speed[i].blen != 0; i++) { | 429 | for (i = 0; speed[i].blen != 0; i++) { |
| 429 | if (speed[i].blen > TVMEMSIZE * PAGE_SIZE) { | 430 | if (speed[i].blen > TVMEMSIZE * PAGE_SIZE) { |
| 430 | printk("template (%u) too big for tvmem (%lu)\n", | 431 | printk(KERN_ERR |
| 432 | "template (%u) too big for tvmem (%lu)\n", | ||
| 431 | speed[i].blen, TVMEMSIZE * PAGE_SIZE); | 433 | speed[i].blen, TVMEMSIZE * PAGE_SIZE); |
| 432 | goto out; | 434 | goto out; |
| 433 | } | 435 | } |
| 434 | 436 | ||
| 435 | printk("test%3u (%5u byte blocks,%5u bytes per update,%4u updates): ", | 437 | printk(KERN_INFO "test%3u " |
| 438 | "(%5u byte blocks,%5u bytes per update,%4u updates): ", | ||
| 436 | i, speed[i].blen, speed[i].plen, speed[i].blen / speed[i].plen); | 439 | i, speed[i].blen, speed[i].plen, speed[i].blen / speed[i].plen); |
| 437 | 440 | ||
| 438 | if (sec) | 441 | if (sec) |
| @@ -443,7 +446,7 @@ static void test_hash_speed(const char *algo, unsigned int sec, | |||
| 443 | speed[i].plen, output); | 446 | speed[i].plen, output); |
| 444 | 447 | ||
| 445 | if (ret) { | 448 | if (ret) { |
| 446 | printk("hashing failed ret=%d\n", ret); | 449 | printk(KERN_ERR "hashing failed ret=%d\n", ret); |
| 447 | break; | 450 | break; |
| 448 | } | 451 | } |
| 449 | } | 452 | } |
| @@ -466,239 +469,255 @@ static void test_available(void) | |||
| 466 | 469 | ||
| 467 | static inline int tcrypt_test(const char *alg) | 470 | static inline int tcrypt_test(const char *alg) |
| 468 | { | 471 | { |
| 469 | return alg_test(alg, alg, 0, 0); | 472 | int ret; |
| 473 | |||
| 474 | ret = alg_test(alg, alg, 0, 0); | ||
| 475 | /* non-fips algs return -EINVAL in fips mode */ | ||
| 476 | if (fips_enabled && ret == -EINVAL) | ||
| 477 | ret = 0; | ||
| 478 | return ret; | ||
| 470 | } | 479 | } |
| 471 | 480 | ||
| 472 | static void do_test(int m) | 481 | static int do_test(int m) |
| 473 | { | 482 | { |
| 474 | int i; | 483 | int i; |
| 484 | int ret = 0; | ||
| 475 | 485 | ||
| 476 | switch (m) { | 486 | switch (m) { |
| 477 | case 0: | 487 | case 0: |
| 478 | for (i = 1; i < 200; i++) | 488 | for (i = 1; i < 200; i++) |
| 479 | do_test(i); | 489 | ret += do_test(i); |
| 480 | break; | 490 | break; |
| 481 | 491 | ||
| 482 | case 1: | 492 | case 1: |
| 483 | tcrypt_test("md5"); | 493 | ret += tcrypt_test("md5"); |
| 484 | break; | 494 | break; |
| 485 | 495 | ||
| 486 | case 2: | 496 | case 2: |
| 487 | tcrypt_test("sha1"); | 497 | ret += tcrypt_test("sha1"); |
| 488 | break; | 498 | break; |
| 489 | 499 | ||
| 490 | case 3: | 500 | case 3: |
| 491 | tcrypt_test("ecb(des)"); | 501 | ret += tcrypt_test("ecb(des)"); |
| 492 | tcrypt_test("cbc(des)"); | 502 | ret += tcrypt_test("cbc(des)"); |
| 493 | break; | 503 | break; |
| 494 | 504 | ||
| 495 | case 4: | 505 | case 4: |
| 496 | tcrypt_test("ecb(des3_ede)"); | 506 | ret += tcrypt_test("ecb(des3_ede)"); |
| 497 | tcrypt_test("cbc(des3_ede)"); | 507 | ret += tcrypt_test("cbc(des3_ede)"); |
| 498 | break; | 508 | break; |
| 499 | 509 | ||
| 500 | case 5: | 510 | case 5: |
| 501 | tcrypt_test("md4"); | 511 | ret += tcrypt_test("md4"); |
| 502 | break; | 512 | break; |
| 503 | 513 | ||
| 504 | case 6: | 514 | case 6: |
| 505 | tcrypt_test("sha256"); | 515 | ret += tcrypt_test("sha256"); |
| 506 | break; | 516 | break; |
| 507 | 517 | ||
| 508 | case 7: | 518 | case 7: |
| 509 | tcrypt_test("ecb(blowfish)"); | 519 | ret += tcrypt_test("ecb(blowfish)"); |
| 510 | tcrypt_test("cbc(blowfish)"); | 520 | ret += tcrypt_test("cbc(blowfish)"); |
| 511 | break; | 521 | break; |
| 512 | 522 | ||
| 513 | case 8: | 523 | case 8: |
| 514 | tcrypt_test("ecb(twofish)"); | 524 | ret += tcrypt_test("ecb(twofish)"); |
| 515 | tcrypt_test("cbc(twofish)"); | 525 | ret += tcrypt_test("cbc(twofish)"); |
| 516 | break; | 526 | break; |
| 517 | 527 | ||
| 518 | case 9: | 528 | case 9: |
| 519 | tcrypt_test("ecb(serpent)"); | 529 | ret += tcrypt_test("ecb(serpent)"); |
| 520 | break; | 530 | break; |
| 521 | 531 | ||
| 522 | case 10: | 532 | case 10: |
| 523 | tcrypt_test("ecb(aes)"); | 533 | ret += tcrypt_test("ecb(aes)"); |
| 524 | tcrypt_test("cbc(aes)"); | 534 | ret += tcrypt_test("cbc(aes)"); |
| 525 | tcrypt_test("lrw(aes)"); | 535 | ret += tcrypt_test("lrw(aes)"); |
| 526 | tcrypt_test("xts(aes)"); | 536 | ret += tcrypt_test("xts(aes)"); |
| 527 | tcrypt_test("rfc3686(ctr(aes))"); | 537 | ret += tcrypt_test("ctr(aes)"); |
| 538 | ret += tcrypt_test("rfc3686(ctr(aes))"); | ||
| 528 | break; | 539 | break; |
| 529 | 540 | ||
| 530 | case 11: | 541 | case 11: |
| 531 | tcrypt_test("sha384"); | 542 | ret += tcrypt_test("sha384"); |
| 532 | break; | 543 | break; |
| 533 | 544 | ||
| 534 | case 12: | 545 | case 12: |
| 535 | tcrypt_test("sha512"); | 546 | ret += tcrypt_test("sha512"); |
| 536 | break; | 547 | break; |
| 537 | 548 | ||
| 538 | case 13: | 549 | case 13: |
| 539 | tcrypt_test("deflate"); | 550 | ret += tcrypt_test("deflate"); |
| 540 | break; | 551 | break; |
| 541 | 552 | ||
| 542 | case 14: | 553 | case 14: |
| 543 | tcrypt_test("ecb(cast5)"); | 554 | ret += tcrypt_test("ecb(cast5)"); |
| 544 | break; | 555 | break; |
| 545 | 556 | ||
| 546 | case 15: | 557 | case 15: |
| 547 | tcrypt_test("ecb(cast6)"); | 558 | ret += tcrypt_test("ecb(cast6)"); |
| 548 | break; | 559 | break; |
| 549 | 560 | ||
| 550 | case 16: | 561 | case 16: |
| 551 | tcrypt_test("ecb(arc4)"); | 562 | ret += tcrypt_test("ecb(arc4)"); |
| 552 | break; | 563 | break; |
| 553 | 564 | ||
| 554 | case 17: | 565 | case 17: |
| 555 | tcrypt_test("michael_mic"); | 566 | ret += tcrypt_test("michael_mic"); |
| 556 | break; | 567 | break; |
| 557 | 568 | ||
| 558 | case 18: | 569 | case 18: |
| 559 | tcrypt_test("crc32c"); | 570 | ret += tcrypt_test("crc32c"); |
| 560 | break; | 571 | break; |
| 561 | 572 | ||
| 562 | case 19: | 573 | case 19: |
| 563 | tcrypt_test("ecb(tea)"); | 574 | ret += tcrypt_test("ecb(tea)"); |
| 564 | break; | 575 | break; |
| 565 | 576 | ||
| 566 | case 20: | 577 | case 20: |
| 567 | tcrypt_test("ecb(xtea)"); | 578 | ret += tcrypt_test("ecb(xtea)"); |
| 568 | break; | 579 | break; |
| 569 | 580 | ||
| 570 | case 21: | 581 | case 21: |
| 571 | tcrypt_test("ecb(khazad)"); | 582 | ret += tcrypt_test("ecb(khazad)"); |
| 572 | break; | 583 | break; |
| 573 | 584 | ||
| 574 | case 22: | 585 | case 22: |
| 575 | tcrypt_test("wp512"); | 586 | ret += tcrypt_test("wp512"); |
| 576 | break; | 587 | break; |
| 577 | 588 | ||
| 578 | case 23: | 589 | case 23: |
| 579 | tcrypt_test("wp384"); | 590 | ret += tcrypt_test("wp384"); |
| 580 | break; | 591 | break; |
| 581 | 592 | ||
| 582 | case 24: | 593 | case 24: |
| 583 | tcrypt_test("wp256"); | 594 | ret += tcrypt_test("wp256"); |
| 584 | break; | 595 | break; |
| 585 | 596 | ||
| 586 | case 25: | 597 | case 25: |
| 587 | tcrypt_test("ecb(tnepres)"); | 598 | ret += tcrypt_test("ecb(tnepres)"); |
| 588 | break; | 599 | break; |
| 589 | 600 | ||
| 590 | case 26: | 601 | case 26: |
| 591 | tcrypt_test("ecb(anubis)"); | 602 | ret += tcrypt_test("ecb(anubis)"); |
| 592 | tcrypt_test("cbc(anubis)"); | 603 | ret += tcrypt_test("cbc(anubis)"); |
| 593 | break; | 604 | break; |
| 594 | 605 | ||
| 595 | case 27: | 606 | case 27: |
| 596 | tcrypt_test("tgr192"); | 607 | ret += tcrypt_test("tgr192"); |
| 597 | break; | 608 | break; |
| 598 | 609 | ||
| 599 | case 28: | 610 | case 28: |
| 600 | 611 | ||
| 601 | tcrypt_test("tgr160"); | 612 | ret += tcrypt_test("tgr160"); |
| 602 | break; | 613 | break; |
| 603 | 614 | ||
| 604 | case 29: | 615 | case 29: |
| 605 | tcrypt_test("tgr128"); | 616 | ret += tcrypt_test("tgr128"); |
| 606 | break; | 617 | break; |
| 607 | 618 | ||
| 608 | case 30: | 619 | case 30: |
| 609 | tcrypt_test("ecb(xeta)"); | 620 | ret += tcrypt_test("ecb(xeta)"); |
| 610 | break; | 621 | break; |
| 611 | 622 | ||
| 612 | case 31: | 623 | case 31: |
| 613 | tcrypt_test("pcbc(fcrypt)"); | 624 | ret += tcrypt_test("pcbc(fcrypt)"); |
| 614 | break; | 625 | break; |
| 615 | 626 | ||
| 616 | case 32: | 627 | case 32: |
| 617 | tcrypt_test("ecb(camellia)"); | 628 | ret += tcrypt_test("ecb(camellia)"); |
| 618 | tcrypt_test("cbc(camellia)"); | 629 | ret += tcrypt_test("cbc(camellia)"); |
| 619 | break; | 630 | break; |
| 620 | case 33: | 631 | case 33: |
| 621 | tcrypt_test("sha224"); | 632 | ret += tcrypt_test("sha224"); |
| 622 | break; | 633 | break; |
| 623 | 634 | ||
| 624 | case 34: | 635 | case 34: |
| 625 | tcrypt_test("salsa20"); | 636 | ret += tcrypt_test("salsa20"); |
| 626 | break; | 637 | break; |
| 627 | 638 | ||
| 628 | case 35: | 639 | case 35: |
| 629 | tcrypt_test("gcm(aes)"); | 640 | ret += tcrypt_test("gcm(aes)"); |
| 630 | break; | 641 | break; |
| 631 | 642 | ||
| 632 | case 36: | 643 | case 36: |
| 633 | tcrypt_test("lzo"); | 644 | ret += tcrypt_test("lzo"); |
| 634 | break; | 645 | break; |
| 635 | 646 | ||
| 636 | case 37: | 647 | case 37: |
| 637 | tcrypt_test("ccm(aes)"); | 648 | ret += tcrypt_test("ccm(aes)"); |
| 638 | break; | 649 | break; |
| 639 | 650 | ||
| 640 | case 38: | 651 | case 38: |
| 641 | tcrypt_test("cts(cbc(aes))"); | 652 | ret += tcrypt_test("cts(cbc(aes))"); |
| 642 | break; | 653 | break; |
| 643 | 654 | ||
| 644 | case 39: | 655 | case 39: |
| 645 | tcrypt_test("rmd128"); | 656 | ret += tcrypt_test("rmd128"); |
| 646 | break; | 657 | break; |
| 647 | 658 | ||
| 648 | case 40: | 659 | case 40: |
| 649 | tcrypt_test("rmd160"); | 660 | ret += tcrypt_test("rmd160"); |
| 650 | break; | 661 | break; |
| 651 | 662 | ||
| 652 | case 41: | 663 | case 41: |
| 653 | tcrypt_test("rmd256"); | 664 | ret += tcrypt_test("rmd256"); |
| 654 | break; | 665 | break; |
| 655 | 666 | ||
| 656 | case 42: | 667 | case 42: |
| 657 | tcrypt_test("rmd320"); | 668 | ret += tcrypt_test("rmd320"); |
| 658 | break; | 669 | break; |
| 659 | 670 | ||
| 660 | case 43: | 671 | case 43: |
| 661 | tcrypt_test("ecb(seed)"); | 672 | ret += tcrypt_test("ecb(seed)"); |
| 662 | break; | 673 | break; |
| 663 | 674 | ||
| 664 | case 44: | 675 | case 44: |
| 665 | tcrypt_test("zlib"); | 676 | ret += tcrypt_test("zlib"); |
| 677 | break; | ||
| 678 | |||
| 679 | case 45: | ||
| 680 | ret += tcrypt_test("rfc4309(ccm(aes))"); | ||
| 666 | break; | 681 | break; |
| 667 | 682 | ||
| 668 | case 100: | 683 | case 100: |
| 669 | tcrypt_test("hmac(md5)"); | 684 | ret += tcrypt_test("hmac(md5)"); |
| 670 | break; | 685 | break; |
| 671 | 686 | ||
| 672 | case 101: | 687 | case 101: |
| 673 | tcrypt_test("hmac(sha1)"); | 688 | ret += tcrypt_test("hmac(sha1)"); |
| 674 | break; | 689 | break; |
| 675 | 690 | ||
| 676 | case 102: | 691 | case 102: |
| 677 | tcrypt_test("hmac(sha256)"); | 692 | ret += tcrypt_test("hmac(sha256)"); |
| 678 | break; | 693 | break; |
| 679 | 694 | ||
| 680 | case 103: | 695 | case 103: |
| 681 | tcrypt_test("hmac(sha384)"); | 696 | ret += tcrypt_test("hmac(sha384)"); |
| 682 | break; | 697 | break; |
| 683 | 698 | ||
| 684 | case 104: | 699 | case 104: |
| 685 | tcrypt_test("hmac(sha512)"); | 700 | ret += tcrypt_test("hmac(sha512)"); |
| 686 | break; | 701 | break; |
| 687 | 702 | ||
| 688 | case 105: | 703 | case 105: |
| 689 | tcrypt_test("hmac(sha224)"); | 704 | ret += tcrypt_test("hmac(sha224)"); |
| 690 | break; | 705 | break; |
| 691 | 706 | ||
| 692 | case 106: | 707 | case 106: |
| 693 | tcrypt_test("xcbc(aes)"); | 708 | ret += tcrypt_test("xcbc(aes)"); |
| 694 | break; | 709 | break; |
| 695 | 710 | ||
| 696 | case 107: | 711 | case 107: |
| 697 | tcrypt_test("hmac(rmd128)"); | 712 | ret += tcrypt_test("hmac(rmd128)"); |
| 698 | break; | 713 | break; |
| 699 | 714 | ||
| 700 | case 108: | 715 | case 108: |
| 701 | tcrypt_test("hmac(rmd160)"); | 716 | ret += tcrypt_test("hmac(rmd160)"); |
| 717 | break; | ||
| 718 | |||
| 719 | case 150: | ||
| 720 | ret += tcrypt_test("ansi_cprng"); | ||
| 702 | break; | 721 | break; |
| 703 | 722 | ||
| 704 | case 200: | 723 | case 200: |
| @@ -862,6 +881,8 @@ static void do_test(int m) | |||
| 862 | test_available(); | 881 | test_available(); |
| 863 | break; | 882 | break; |
| 864 | } | 883 | } |
| 884 | |||
| 885 | return ret; | ||
| 865 | } | 886 | } |
| 866 | 887 | ||
| 867 | static int __init tcrypt_mod_init(void) | 888 | static int __init tcrypt_mod_init(void) |
| @@ -875,15 +896,21 @@ static int __init tcrypt_mod_init(void) | |||
| 875 | goto err_free_tv; | 896 | goto err_free_tv; |
| 876 | } | 897 | } |
| 877 | 898 | ||
| 878 | do_test(mode); | 899 | err = do_test(mode); |
| 900 | if (err) { | ||
| 901 | printk(KERN_ERR "tcrypt: one or more tests failed!\n"); | ||
| 902 | goto err_free_tv; | ||
| 903 | } | ||
| 879 | 904 | ||
| 880 | /* We intentionaly return -EAGAIN to prevent keeping | 905 | /* We intentionaly return -EAGAIN to prevent keeping the module, |
| 881 | * the module. It does all its work from init() | 906 | * unless we're running in fips mode. It does all its work from |
| 882 | * and doesn't offer any runtime functionality | 907 | * init() and doesn't offer any runtime functionality, but in |
| 908 | * the fips case, checking for a successful load is helpful. | ||
| 883 | * => we don't need it in the memory, do we? | 909 | * => we don't need it in the memory, do we? |
| 884 | * -- mludvig | 910 | * -- mludvig |
| 885 | */ | 911 | */ |
| 886 | err = -EAGAIN; | 912 | if (!fips_enabled) |
| 913 | err = -EAGAIN; | ||
| 887 | 914 | ||
| 888 | err_free_tv: | 915 | err_free_tv: |
| 889 | for (i = 0; i < TVMEMSIZE && tvmem[i]; i++) | 916 | for (i = 0; i < TVMEMSIZE && tvmem[i]; i++) |