Re: [PATCH] crypto: shash - Allow cloning on algorithms with no init_tfm
From: Ard Biesheuvel <ardb@kernel.org>
Date: 2023-05-19 09:32:55
Also in:
linux-crypto, lkml
On Fri, 19 May 2023 at 11:04, Herbert Xu [off-list ref] wrote:
On Fri, May 19, 2023 at 10:54:11AM +0200, Ard Biesheuvel wrote:quoted
Does this imply that the cmac-aes-ce and cmac-aes-neon implementations for arm64 need a similar treatment?Good catch. Since these don't have init functions we can deal with them at a higher level: ---8<--- Some shash algorithms are so simple that they don't have an init_tfm function. These can be cloned trivially. Check this before failing in crypto_clone_shash.
OK. So IIUC, cloning a keyless hash just shares the TFM and bumps the refcount, but here we must actually allocate a new TFM referring to the same algo, and this new TFM needs its key to be set before use, as it doesn't inherit it from the clonee, right? And this works in the same way as cloning an instance of the generic HMAC template, as this will just clone the inner shash too, and will also leave the key unset. If so, Acked-by: Ard Biesheuvel <ardb@kernel.org> If not, could you explain it to me again? :-)
quoted hunk ↗ jump to hunk
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>diff --git a/crypto/shash.c b/crypto/shash.c index 717b42df3495..1fadb6b59bdc 100644 --- a/crypto/shash.c +++ b/crypto/shash.c@@ -597,7 +597,7 @@ struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) return hash; } - if (!alg->clone_tfm) + if (!alg->clone_tfm && (alg->init_tfm || alg->base.cra_init)) return ERR_PTR(-ENOSYS); nhash = crypto_clone_tfm(&crypto_shash_type, tfm);@@ -606,10 +606,12 @@ struct crypto_shash *crypto_clone_shash(struct crypto_shash *hash) nhash->descsize = hash->descsize; - err = alg->clone_tfm(nhash, hash); - if (err) { - crypto_free_shash(nhash); - return ERR_PTR(err); + if (alg->clone_tfm) { + err = alg->clone_tfm(nhash, hash); + if (err) { + crypto_free_shash(nhash); + return ERR_PTR(err); + } } return nhash; --Email: Herbert Xu [off-list ref] Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt