diff mbox series

crypto: testmgr - skip crc32c context test for ahash algorithms

Message ID 20190124045735.331-1-ebiggers@kernel.org (mailing list archive)
State Accepted
Delegated to: Herbert Xu
Headers show
Series crypto: testmgr - skip crc32c context test for ahash algorithms | expand

Commit Message

Eric Biggers Jan. 24, 2019, 4:57 a.m. UTC 
From: Eric Biggers <ebiggers@google.com>

Instantiating "cryptd(crc32c)" causes a crypto self-test failure because
the crypto_alloc_shash() in alg_test_crc32c() fails.  This is because
cryptd(crc32c) is an ahash algorithm, not a shash algorithm; so it can
only be accessed through the ahash API, unlike shash algorithms which
can be accessed through both the ahash and shash APIs.

As the test is testing the shash descriptor format which is only
applicable to shash algorithms, skip it for ahash algorithms.

(Note that it's still important to fix crypto self-test failures even
 for weird algorithm instantiations like cryptd(crc32c) that no one
 would really use; in fips_enabled mode unprivileged users can use them
 to panic the kernel, and also they prevent treating a crypto self-test
 failure as a bug when fuzzing the kernel.)

Fixes: 8e3ee85e68c5 ("crypto: crc32c - Test descriptor context format")
Cc: stable@vger.kernel.org
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/testmgr.c | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

Comments

Herbert Xu Feb. 1, 2019, 6:50 a.m. UTC | #1 
On Wed, Jan 23, 2019 at 08:57:35PM -0800, Eric Biggers wrote:
> From: Eric Biggers <ebiggers@google.com>
> 
> Instantiating "cryptd(crc32c)" causes a crypto self-test failure because
> the crypto_alloc_shash() in alg_test_crc32c() fails.  This is because
> cryptd(crc32c) is an ahash algorithm, not a shash algorithm; so it can
> only be accessed through the ahash API, unlike shash algorithms which
> can be accessed through both the ahash and shash APIs.
> 
> As the test is testing the shash descriptor format which is only
> applicable to shash algorithms, skip it for ahash algorithms.
> 
> (Note that it's still important to fix crypto self-test failures even
>  for weird algorithm instantiations like cryptd(crc32c) that no one
>  would really use; in fips_enabled mode unprivileged users can use them
>  to panic the kernel, and also they prevent treating a crypto self-test
>  failure as a bug when fuzzing the kernel.)
> 
> Fixes: 8e3ee85e68c5 ("crypto: crc32c - Test descriptor context format")
> Cc: stable@vger.kernel.org
> Signed-off-by: Eric Biggers <ebiggers@google.com>
> ---
>  crypto/testmgr.c | 14 ++++++++++----
>  1 file changed, 10 insertions(+), 4 deletions(-)

Patch applied.  Thanks.
diff mbox series

Patch

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 8e36fa3605d73..45e1c3c61a19d 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2156,14 +2156,21 @@  static int alg_test_crc32c(const struct alg_test_desc *desc,
 
 	err = alg_test_hash(desc, driver, type, mask);
 	if (err)
-		goto out;
+		return err;
 
 	tfm = crypto_alloc_shash(driver, type, mask);
 	if (IS_ERR(tfm)) {
+		if (PTR_ERR(tfm) == -ENOENT) {
+			/*
+			 * This crc32c implementation is only available through
+			 * ahash API, not the shash API, so the remaining part
+			 * of the test is not applicable to it.
+			 */
+			return 0;
+		}
 		printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
 		       "%ld\n", driver, PTR_ERR(tfm));
-		err = PTR_ERR(tfm);
-		goto out;
+		return PTR_ERR(tfm);
 	}
 
 	do {
@@ -2190,7 +2197,6 @@  static int alg_test_crc32c(const struct alg_test_desc *desc,
 
 	crypto_free_shash(tfm);
 
-out:
 	return err;
 }