diff mbox series

[RFC/RFT,09/15] crypto: testmgr - introduce CONFIG_CRYPTO_MANAGER_EXTRA_TESTS

Message ID 20190123224926.250525-10-ebiggers@kernel.org (mailing list archive)
State Changes Requested
Delegated to: Herbert Xu
Headers show
Series crypto: improved skcipher, aead, and hash tests | expand

Commit Message

Eric Biggers Jan. 23, 2019, 10:49 p.m. UTC 
From: Eric Biggers <ebiggers@google.com>

To achieve more comprehensive crypto test coverage, I'd like to add fuzz
tests that use random data layouts and request flags.

To be most effective these tests should be part of testmgr, so they
automatically run on every algorithm registered with the crypto API.
However, they will take much longer to run than the current tests and
therefore will only really be intended to be run by developers, whereas
the current tests have a wider audience.

Therefore, add a new kconfig option CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
that can be set by developers to enable these extra, expensive tests.

Similar to the regular tests, also add a module parameter
cryptomgr.noextratests to support disabling the tests.

Finally, another module parameter cryptomgr.fuzz_iterations is added to
control how many iterations the fuzz tests do.  Note: for now setting
this to 0 will be equivalent to cryptomgr.noextratests=1.  But I opted
for separate parameters to provide more flexibility to add other types
of tests under the "extra tests" category in the future.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/Kconfig   | 10 ++++++++++
 crypto/testmgr.c | 14 ++++++++++++++
 2 files changed, 24 insertions(+)

Comments

Herbert Xu Feb. 1, 2019, 5:31 a.m. UTC | #1 
On Wed, Jan 23, 2019 at 02:49:20PM -0800, Eric Biggers wrote:
> 
> diff --git a/crypto/Kconfig b/crypto/Kconfig
> index 86960aa53e0f..cbeba16fd8c1 100644
> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -168,6 +168,16 @@ config CRYPTO_MANAGER_DISABLE_TESTS
>  	  Disable run-time self tests that normally take place at
>  	  algorithm registration.
>  
> +config CRYPTO_MANAGER_EXTRA_TESTS
> +	bool "Enable extra run-time crypto self tests"
> +	depends on !CRYPTO_MANAGER_DISABLE_TESTS

Perhaps add a dependency on DEBUG_KERNEL so we don't bother people
who don't care?

Thanks,
Eric Biggers Feb. 1, 2019, 7 a.m. UTC | #2 
On Fri, Feb 01, 2019 at 01:31:46PM +0800, Herbert Xu wrote:
> On Wed, Jan 23, 2019 at 02:49:20PM -0800, Eric Biggers wrote:
> > 
> > diff --git a/crypto/Kconfig b/crypto/Kconfig
> > index 86960aa53e0f..cbeba16fd8c1 100644
> > --- a/crypto/Kconfig
> > +++ b/crypto/Kconfig
> > @@ -168,6 +168,16 @@ config CRYPTO_MANAGER_DISABLE_TESTS
> >  	  Disable run-time self tests that normally take place at
> >  	  algorithm registration.
> >  
> > +config CRYPTO_MANAGER_EXTRA_TESTS
> > +	bool "Enable extra run-time crypto self tests"
> > +	depends on !CRYPTO_MANAGER_DISABLE_TESTS
> 
> Perhaps add a dependency on DEBUG_KERNEL so we don't bother people
> who don't care?
> 

Yes, I'll do that.

- Eric
diff mbox series

Patch

diff --git a/crypto/Kconfig b/crypto/Kconfig
index 86960aa53e0f..cbeba16fd8c1 100644
--- a/crypto/Kconfig
+++ b/crypto/Kconfig
@@ -168,6 +168,16 @@  config CRYPTO_MANAGER_DISABLE_TESTS
 	  Disable run-time self tests that normally take place at
 	  algorithm registration.
 
+config CRYPTO_MANAGER_EXTRA_TESTS
+	bool "Enable extra run-time crypto self tests"
+	depends on !CRYPTO_MANAGER_DISABLE_TESTS
+	help
+	  Enable extra run-time self tests of registered crypto algorithms,
+	  including randomized fuzz tests.
+
+	  This is intended for developer use only, as these tests take much
+	  longer to run than the normal self tests.
+
 config CRYPTO_GF128MUL
 	tristate "GF(2^128) multiplication functions"
 	help
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index a29b42a17841..7c68b4101bd0 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -43,6 +43,16 @@  static bool notests;
 module_param(notests, bool, 0644);
 MODULE_PARM_DESC(notests, "disable crypto self-tests");
 
+#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
+static bool noextratests;
+module_param(noextratests, bool, 0644);
+MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests");
+
+static unsigned int fuzz_iterations = 100;
+module_param(fuzz_iterations, uint, 0644);
+MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations");
+#endif
+
 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
 
 /* a perfect nop */
@@ -4099,6 +4109,10 @@  static void testmgr_onetime_init(void)
 {
 	alg_check_test_descs_order();
 	alg_check_testvec_configs();
+
+#ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS
+	pr_warn("alg: extra crypto tests enabled.  This is intended for developer use only.\n");
+#endif
 }
 
 static int alg_find_test(const char *alg)