When complex algorithms that depend on other algorithms are built into the kernel, the order of registration must be done such that the underlying algorithms are ready before the ones on top are registered. As otherwise they would fail during the self-test which is required during registration.
We can enable fips=1 and ecdh, the calltrace like below:
alg: ecdh: test failed on vector 2, err=-14 Kernel panic - not syncing: alg: self-tests for ecdh-generic (ecdh) failed in fips mode! Call Trace: dump_stack+0x57/0x6e panic+0x109/0x2ca alg_test+0x414/0x420 ? __switch_to_asm+0x3a/0x60 ? __switch_to_asm+0x34/0x60 ? __schedule+0x263/0x640 ? crypto_acomp_scomp_free_ctx+0x30/0x30 cryptomgr_test+0x22/0x40 kthread+0xf9/0x130 ? kthread_park+0x90/0x90 ret_from_fork+0x22/0x30
adad556efcd ("crypto: api - Fix built-in testing dependency failures") will fix the issue, and others fix its bugs.
So we can merge them into linux-5.10-y to fix it, thanks!
Herbert Xu (4): crypto: api - Fix built-in testing dependency failures crypto: api - Do not create test larvals if manager is disabled crypto: api - Export crypto_boot_test_finished crypto: api - Fix boot-up crash when crypto manager is disabled
crypto/algapi.c | 125 +++++++++++++++++++++++++++++++--------------- crypto/api.c | 50 +++++++++++++++++-- crypto/internal.h | 10 ++++ 3 files changed, 141 insertions(+), 44 deletions(-)
From: Herbert Xu herbert@gondor.apana.org.au
When complex algorithms that depend on other algorithms are built into the kernel, the order of registration must be done such that the underlying algorithms are ready before the ones on top are registered. As otherwise they would fail during the self-test which is required during registration.
In the past we have used subsystem initialisation ordering to guarantee this. The number of such precedence levels are limited and they may cause ripple effects in other subsystems.
This patch solves this problem by delaying all self-tests during boot-up for built-in algorithms. They will be tested either when something else in the kernel requests for them, or when we have finished registering all built-in algorithms, whichever comes earlier.
Reported-by: Vladis Dronov vdronov@redhat.com Signed-off-by: Herbert Xu herbert@gondor.apana.org.au Signed-off-by: Gaosheng Cui cuigaosheng1@huawei.com --- crypto/algapi.c | 73 +++++++++++++++++++++++++++++++++-------------- crypto/api.c | 52 +++++++++++++++++++++++++++++---- crypto/internal.h | 10 +++++++ 3 files changed, 108 insertions(+), 27 deletions(-)
diff --git a/crypto/algapi.c b/crypto/algapi.c index 9de27daa98b4..d6cd860bca4f 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -389,29 +389,10 @@ void crypto_remove_final(struct list_head *list) } EXPORT_SYMBOL_GPL(crypto_remove_final);
-static void crypto_wait_for_test(struct crypto_larval *larval) -{ - int err; - - err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult); - if (err != NOTIFY_STOP) { - if (WARN_ON(err != NOTIFY_DONE)) - goto out; - crypto_alg_tested(larval->alg.cra_driver_name, 0); - } - - err = wait_for_completion_killable(&larval->completion); - WARN_ON(err); - if (!err) - crypto_notify(CRYPTO_MSG_ALG_LOADED, larval); - -out: - crypto_larval_kill(&larval->alg); -} - int crypto_register_alg(struct crypto_alg *alg) { struct crypto_larval *larval; + bool test_started; int err;
alg->cra_flags &= ~CRYPTO_ALG_DEAD; @@ -421,12 +402,15 @@ int crypto_register_alg(struct crypto_alg *alg)
down_write(&crypto_alg_sem); larval = __crypto_register_alg(alg); + test_started = static_key_enabled(&crypto_boot_test_finished); + larval->test_started = test_started; up_write(&crypto_alg_sem);
if (IS_ERR(larval)) return PTR_ERR(larval);
- crypto_wait_for_test(larval); + if (test_started) + crypto_wait_for_test(larval); return 0; } EXPORT_SYMBOL_GPL(crypto_register_alg); @@ -633,6 +617,8 @@ int crypto_register_instance(struct crypto_template *tmpl, if (IS_ERR(larval)) goto unlock;
+ larval->test_started = true; + hlist_add_head(&inst->list, &tmpl->instances); inst->tmpl = tmpl;
@@ -1279,9 +1265,48 @@ void crypto_stats_skcipher_decrypt(unsigned int cryptlen, int ret, EXPORT_SYMBOL_GPL(crypto_stats_skcipher_decrypt); #endif
+static void __init crypto_start_tests(void) +{ + for (;;) { + struct crypto_larval *larval = NULL; + struct crypto_alg *q; + + down_write(&crypto_alg_sem); + + list_for_each_entry(q, &crypto_alg_list, cra_list) { + struct crypto_larval *l; + + if (!crypto_is_larval(q)) + continue; + + l = (void *)q; + + if (!crypto_is_test_larval(l)) + continue; + + if (l->test_started) + continue; + + l->test_started = true; + larval = l; + break; + } + + up_write(&crypto_alg_sem); + + if (!larval) + break; + + crypto_wait_for_test(larval); + } + + static_branch_enable(&crypto_boot_test_finished); +} + static int __init crypto_algapi_init(void) { crypto_init_proc(); + crypto_start_tests(); return 0; }
@@ -1290,7 +1315,11 @@ static void __exit crypto_algapi_exit(void) crypto_exit_proc(); }
-module_init(crypto_algapi_init); +/* + * We run this at late_initcall so that all the built-in algorithms + * have had a chance to register themselves first. + */ +late_initcall(crypto_algapi_init); module_exit(crypto_algapi_exit);
MODULE_LICENSE("GPL"); diff --git a/crypto/api.c b/crypto/api.c index 5ffcd3ab4a75..44d3e4f8bb58 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -12,6 +12,7 @@
#include <linux/err.h> #include <linux/errno.h> +#include <linux/jump_label.h> #include <linux/kernel.h> #include <linux/kmod.h> #include <linux/module.h> @@ -30,6 +31,8 @@ EXPORT_SYMBOL_GPL(crypto_alg_sem); BLOCKING_NOTIFIER_HEAD(crypto_chain); EXPORT_SYMBOL_GPL(crypto_chain);
+DEFINE_STATIC_KEY_FALSE(crypto_boot_test_finished); + static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg);
struct crypto_alg *crypto_mod_get(struct crypto_alg *alg) @@ -47,11 +50,6 @@ void crypto_mod_put(struct crypto_alg *alg) } EXPORT_SYMBOL_GPL(crypto_mod_put);
-static inline int crypto_is_test_larval(struct crypto_larval *larval) -{ - return larval->alg.cra_driver_name[0]; -} - static struct crypto_alg *__crypto_alg_lookup(const char *name, u32 type, u32 mask) { @@ -163,11 +161,55 @@ void crypto_larval_kill(struct crypto_alg *alg) } EXPORT_SYMBOL_GPL(crypto_larval_kill);
+void crypto_wait_for_test(struct crypto_larval *larval) +{ + int err; + + err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult); + if (err != NOTIFY_STOP) { + if (WARN_ON(err != NOTIFY_DONE)) + goto out; + crypto_alg_tested(larval->alg.cra_driver_name, 0); + } + + err = wait_for_completion_killable(&larval->completion); + WARN_ON(err); + if (!err) + crypto_notify(CRYPTO_MSG_ALG_LOADED, larval); + +out: + crypto_larval_kill(&larval->alg); +} +EXPORT_SYMBOL_GPL(crypto_wait_for_test); + +static void crypto_start_test(struct crypto_larval *larval) +{ + if (!crypto_is_test_larval(larval)) + return; + + if (larval->test_started) + return; + + down_write(&crypto_alg_sem); + if (larval->test_started) { + up_write(&crypto_alg_sem); + return; + } + + larval->test_started = true; + up_write(&crypto_alg_sem); + + crypto_wait_for_test(larval); +} + static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg) { struct crypto_larval *larval = (void *)alg; long timeout;
+ if (!static_branch_likely(&crypto_boot_test_finished)) + crypto_start_test(larval); + timeout = wait_for_completion_killable_timeout( &larval->completion, 60 * HZ);
diff --git a/crypto/internal.h b/crypto/internal.h index 976ec9dfc76d..0a8986a9ca8c 100644 --- a/crypto/internal.h +++ b/crypto/internal.h @@ -10,6 +10,7 @@
#include <crypto/algapi.h> #include <linux/completion.h> +#include <linux/jump_label.h> #include <linux/list.h> #include <linux/module.h> #include <linux/notifier.h> @@ -27,12 +28,15 @@ struct crypto_larval { struct crypto_alg *adult; struct completion completion; u32 mask; + bool test_started; };
extern struct list_head crypto_alg_list; extern struct rw_semaphore crypto_alg_sem; extern struct blocking_notifier_head crypto_chain;
+DECLARE_STATIC_KEY_FALSE(crypto_boot_test_finished); + #ifdef CONFIG_PROC_FS void __init crypto_init_proc(void); void __exit crypto_exit_proc(void); @@ -58,6 +62,7 @@ struct crypto_alg *crypto_alg_mod_lookup(const char *name, u32 type, u32 mask);
struct crypto_larval *crypto_larval_alloc(const char *name, u32 type, u32 mask); void crypto_larval_kill(struct crypto_alg *alg); +void crypto_wait_for_test(struct crypto_larval *larval); void crypto_alg_tested(const char *name, int err);
void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list, @@ -144,5 +149,10 @@ static inline void crypto_yield(u32 flags) cond_resched(); }
+static inline int crypto_is_test_larval(struct crypto_larval *larval) +{ + return larval->alg.cra_driver_name[0]; +} + #endif /* _CRYPTO_INTERNAL_H */
Hi,
Thanks for your patch.
FYI: kernel test robot notices the stable kernel rule is not satisfied.
Rule: 'Cc: stable@vger.kernel.org' or 'commit <sha1> upstream.' Subject: [PATCH 5.10 1/4] crypto: api - Fix built-in testing dependency failures Link: https://lore.kernel.org/stable/20230415101158.1648486-2-cuigaosheng1%40huawe...
The check is based on https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html
Please ignore this mail if the patch is not relevant for upstream.
On Sat, Apr 15, 2023 at 06:11:55PM +0800, Gaosheng Cui wrote:
From: Herbert Xu herbert@gondor.apana.org.au
When complex algorithms that depend on other algorithms are built into the kernel, the order of registration must be done such that the underlying algorithms are ready before the ones on top are registered. As otherwise they would fail during the self-test which is required during registration.
In the past we have used subsystem initialisation ordering to guarantee this. The number of such precedence levels are limited and they may cause ripple effects in other subsystems.
This patch solves this problem by delaying all self-tests during boot-up for built-in algorithms. They will be tested either when something else in the kernel requests for them, or when we have finished registering all built-in algorithms, whichever comes earlier.
Reported-by: Vladis Dronov vdronov@redhat.com Signed-off-by: Herbert Xu herbert@gondor.apana.org.au Signed-off-by: Gaosheng Cui cuigaosheng1@huawei.com
crypto/algapi.c | 73 +++++++++++++++++++++++++++++++++-------------- crypto/api.c | 52 +++++++++++++++++++++++++++++---- crypto/internal.h | 10 +++++++ 3 files changed, 108 insertions(+), 27 deletions(-)
What is the git commit id of this, and the other 3 patches, in Linus's tree? That is required to have here, as you know.
thanks,
greg k-h
From: Herbert Xu herbert@gondor.apana.org.au
The delayed boot-time testing patch created a dependency loop between api.c and algapi.c because it added a crypto_alg_tested call to the former when the crypto manager is disabled.
We could instead avoid creating the test larvals if the crypto manager is disabled. This avoids the dependency loop as well as saving some unnecessary work, albeit in a very unlikely case.
Reported-by: Nathan Chancellor nathan@kernel.org Reported-by: Naresh Kamboju naresh.kamboju@linaro.org Reported-by: kernel test robot lkp@intel.com Fixes: adad556efcdd ("crypto: api - Fix built-in testing dependency failures") Signed-off-by: Herbert Xu herbert@gondor.apana.org.au Signed-off-by: Gaosheng Cui cuigaosheng1@huawei.com --- crypto/algapi.c | 56 +++++++++++++++++++++++++++++++------------------ crypto/api.c | 7 ++----- 2 files changed, 38 insertions(+), 25 deletions(-)
diff --git a/crypto/algapi.c b/crypto/algapi.c index d6cd860bca4f..f6481cb79946 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -216,6 +216,32 @@ void crypto_remove_spawns(struct crypto_alg *alg, struct list_head *list, } EXPORT_SYMBOL_GPL(crypto_remove_spawns);
+static struct crypto_larval *crypto_alloc_test_larval(struct crypto_alg *alg) +{ + struct crypto_larval *larval; + + if (!IS_ENABLED(CONFIG_CRYPTO_MANAGER)) + return NULL; + + larval = crypto_larval_alloc(alg->cra_name, + alg->cra_flags | CRYPTO_ALG_TESTED, 0); + if (IS_ERR(larval)) + return larval; + + larval->adult = crypto_mod_get(alg); + if (!larval->adult) { + kfree(larval); + return ERR_PTR(-ENOENT); + } + + refcount_set(&larval->alg.cra_refcnt, 1); + memcpy(larval->alg.cra_driver_name, alg->cra_driver_name, + CRYPTO_MAX_ALG_NAME); + larval->alg.cra_priority = alg->cra_priority; + + return larval; +} + static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg) { struct crypto_alg *q; @@ -250,31 +276,20 @@ static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg) goto err; }
- larval = crypto_larval_alloc(alg->cra_name, - alg->cra_flags | CRYPTO_ALG_TESTED, 0); + larval = crypto_alloc_test_larval(alg); if (IS_ERR(larval)) goto out;
- ret = -ENOENT; - larval->adult = crypto_mod_get(alg); - if (!larval->adult) - goto free_larval; - - refcount_set(&larval->alg.cra_refcnt, 1); - memcpy(larval->alg.cra_driver_name, alg->cra_driver_name, - CRYPTO_MAX_ALG_NAME); - larval->alg.cra_priority = alg->cra_priority; - list_add(&alg->cra_list, &crypto_alg_list); - list_add(&larval->alg.cra_list, &crypto_alg_list); + + if (larval) + list_add(&larval->alg.cra_list, &crypto_alg_list);
crypto_stats_init(alg);
out: return larval;
-free_larval: - kfree(larval); err: larval = ERR_PTR(ret); goto out; @@ -403,10 +418,11 @@ int crypto_register_alg(struct crypto_alg *alg) down_write(&crypto_alg_sem); larval = __crypto_register_alg(alg); test_started = static_key_enabled(&crypto_boot_test_finished); - larval->test_started = test_started; + if (!IS_ERR_OR_NULL(larval)) + larval->test_started = test_started; up_write(&crypto_alg_sem);
- if (IS_ERR(larval)) + if (IS_ERR_OR_NULL(larval)) return PTR_ERR(larval);
if (test_started) @@ -616,8 +632,8 @@ int crypto_register_instance(struct crypto_template *tmpl, larval = __crypto_register_alg(&inst->alg); if (IS_ERR(larval)) goto unlock; - - larval->test_started = true; + else if (larval) + larval->test_started = true;
hlist_add_head(&inst->list, &tmpl->instances); inst->tmpl = tmpl; @@ -626,7 +642,7 @@ int crypto_register_instance(struct crypto_template *tmpl, up_write(&crypto_alg_sem);
err = PTR_ERR(larval); - if (IS_ERR(larval)) + if (IS_ERR_OR_NULL(larval)) goto err;
crypto_wait_for_test(larval); diff --git a/crypto/api.c b/crypto/api.c index 44d3e4f8bb58..0e7a255252ca 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -166,11 +166,8 @@ void crypto_wait_for_test(struct crypto_larval *larval) int err;
err = crypto_probing_notify(CRYPTO_MSG_ALG_REGISTER, larval->adult); - if (err != NOTIFY_STOP) { - if (WARN_ON(err != NOTIFY_DONE)) - goto out; - crypto_alg_tested(larval->alg.cra_driver_name, 0); - } + if (WARN_ON_ONCE(err != NOTIFY_STOP)) + goto out;
err = wait_for_completion_killable(&larval->completion); WARN_ON(err);
From: Herbert Xu herbert@gondor.apana.org.au
We need to export crypto_boot_test_finished in case api.c is built-in while algapi.c is built as a module.
Fixes: adad556efcdd ("crypto: api - Fix built-in testing dependency failures") Reported-by: Stephen Rothwell sfr@canb.auug.org.au Signed-off-by: Herbert Xu herbert@gondor.apana.org.au Tested-by: Stephen Rothwell sfr@canb.auug.org.au # ppc32 build Signed-off-by: Gaosheng Cui cuigaosheng1@huawei.com --- crypto/api.c | 1 + 1 file changed, 1 insertion(+)
diff --git a/crypto/api.c b/crypto/api.c index 0e7a255252ca..7ddfe946dd56 100644 --- a/crypto/api.c +++ b/crypto/api.c @@ -32,6 +32,7 @@ BLOCKING_NOTIFIER_HEAD(crypto_chain); EXPORT_SYMBOL_GPL(crypto_chain);
DEFINE_STATIC_KEY_FALSE(crypto_boot_test_finished); +EXPORT_SYMBOL_GPL(crypto_boot_test_finished);
static struct crypto_alg *crypto_larval_wait(struct crypto_alg *alg);
From: Herbert Xu herbert@gondor.apana.org.au
When the crypto manager is disabled, we need to explicitly set the crypto algorithms' tested status so that they can be used.
Fixes: cad439fc040e ("crypto: api - Do not create test larvals if...") Reported-by: Geert Uytterhoeven geert@linux-m68k.org Reported-by: Ido Schimmel idosch@idosch.org Reported-by: Guenter Roeck linux@roeck-us.net Signed-off-by: Herbert Xu herbert@gondor.apana.org.au Tested-by: Ido Schimmel idosch@nvidia.com Tested-by: Geert Uytterhoeven geert@linux-m68k.org Signed-off-by: Gaosheng Cui cuigaosheng1@huawei.com --- crypto/algapi.c | 2 ++ 1 file changed, 2 insertions(+)
diff --git a/crypto/algapi.c b/crypto/algapi.c index f6481cb79946..0d0c3e937e36 100644 --- a/crypto/algapi.c +++ b/crypto/algapi.c @@ -284,6 +284,8 @@ static struct crypto_larval *__crypto_register_alg(struct crypto_alg *alg)
if (larval) list_add(&larval->alg.cra_list, &crypto_alg_list); + else + alg->cra_flags |= CRYPTO_ALG_TESTED;
crypto_stats_init(alg);
linux-stable-mirror@lists.linaro.org
-
Gaosheng Cui -
Greg KH -
kernel test robot