On Sat, May 28, 2011 at 6:03 AM, Arvid Brodin [off-list ref] wrote:

Peter Teoh wrote:

quoted

On Tue, May 24, 2011 at 6:43 AM, Arvid Brodin [off-list ref] wrote:

quoted

Hi,

I want to perform an md5 checksum on a process' text segment (I create a file
/proc/<pid>/text_checksum that, when read, should give the md5sum).

The crypto api documentation (Documentation/crypto/api-intro.txt) seems to be
quite lacking. The only example is:

? ? ? ?tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
? ? ? ?if (IS_ERR(tfm))
? ? ? ? ? ? ? ?fail();

? ? ? ?/* ... set up the scatterlists ... */

? ? ? ?desc.tfm = tfm;
? ? ? ?desc.flags = 0;

? ? ? ?if (crypto_hash_digest(&desc, sg, 2, result))
? ? ? ? ? ? ? ?fail();

? ? ? ?crypto_free_hash(tfm);

Looking at some existing code, I see usage of crypto_hash_init(),
crypto_hash_final(), desc.flag set to CRYPTO_TFM_REQ_MAY_SLEEP,
... (e.g. in fs/ecryptfs/crypto.c). Does anybody know what they do? Do I need

http://www.redhat.com/archives/dm-devel/2005-August/msg00058.html

Thanks, that explains the CRYPTO_TFM_REQ_MAY_SLEEP flag!

quoted

quoted

to, or should I, use them? The functions are are declared in include/linux/crypto.h
as some kind of wrapper functions, but lack documentation. Also, Google has not
been my friend here.

http://www.linuxjournal.com/article/6451?page=0,0

This link is one I've found before, and it really does not explain anything
about the usage of crypto_hash_{digest,init,update,final}() as far as I can
see. So I'm still looking for help on this!


Thanks,
Arvid Brodin
Enea Services Stockholm AB

As these function are just wrapper over the real crypto API, they have
nothing to do with md5.

It is not explained....I guess it is because they are self-explanatory
(eg "crypto_hash_digest()" is calculating digest from the hash etc).
I guess reading more crypto concept will help.

look into the crypto/tcrypt.c:do_test() - where usage of different
crypto scheme is shown (md5, sha1 etc).

read wiki:

http://en.wikipedia.org/wiki/MD5

and u know that the input is 16 bytes, which is what the
crypto/md5.c:md5_transform() is calculating:

static void md5_transform(u32 *hash, u32 const *in)

and understanding the above will finally help u to understand
md5_update(): which is calling md5_transform() repeatedly for each
block.   This also help to explain crypto_hash_update().

In its complete usage:

        for (start = jiffies, end = start + sec * HZ, bcount = 0;
             time_before(jiffies, end); bcount++) {
                ret = crypto_hash_init(desc);
                if (ret)
                        return ret;
                for (pcount = 0; pcount < blen; pcount += plen) {
                        ret = crypto_hash_update(desc, sg, plen);
                        if (ret)
                                return ret;
                }
                /* we assume there is enough space in 'out' for the result */
                ret = crypto_hash_final(desc, out);
                if (ret)
                        return ret;
        }

plen will correspond to the page by page of your text segment. (not
including the descriptor allocation part)

and another complete example of using all the API is in
test_hash_speed(): hash is allocated, calculated and finally freed.

I think more important is the method of the idea - not all the pages
of the text segment are loaded into the memory, and if u attempt to
access it in userspace, u will trigger a pagefault to load the text
segment into memory.   but if u attempt to access it in kernel mode
while it is not available.....hmmmmm......more info will be available
after debugging....

See page 24 of the following document:

EXECUTABLE WHITELISTS AND PROCESS AUTHENTICATION FOR PROTECTION

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.5235&rep=rep1&type=pdf

-- 
Regards,
Peter Teoh