thunderbolt: Use HMAC-SHA256 library instead of crypto_shash

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Use the hmac_sha256_usingrawkey() library function instead of the
"hmac(sha256)" crypto_shash. This is simpler and faster.

As a cleanup, change the input data parameters from "challenge,
sizeof(hmac)" to "challenge, sizeof(challenge)", so that the size is
being taken of the correct buffer. This is not a functional change,
since it happens that sizeof(hmac) == sizeof(challenge).

Replace the selection of CRYPTO and CRYPTO_HASH with CRYPTO_LIB_SHA256
and CRYPTO_LIB_UTILS. The latter is needed for crypto_memneq() which
was previously being pulled in via CRYPTO.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Mika Westerberg <mika.westerberg@linux.intel.com>

authored by

Eric Biggers and committed by

Mika Westerberg 8 months ago 0eff12ce dced755d

+8 -40

2 changed files

expand all

drivers

thunderbolt

Kconfig

domain.c

+2 -2

drivers/thunderbolt/Kconfig

··· 4 4 depends on PCI 5 5 select APPLE_PROPERTIES if EFI_STUB && X86 6 6 select CRC32 7 - select CRYPTO 8 - select CRYPTO_HASH 7 + select CRYPTO_LIB_SHA256 8 + select CRYPTO_LIB_UTILS 9 9 select NVMEM 10 10 help 11 11 USB4 and Thunderbolt driver. USB4 is the public specification

+6 -38

drivers/thunderbolt/domain.c

··· 12 12 #include <linux/pm_runtime.h> 13 13 #include <linux/slab.h> 14 14 #include <linux/random.h> 15 - #include <crypto/hash.h> 15 + #include <crypto/sha2.h> 16 16 #include <crypto/utils.h> 17 17 18 18 #include "tb.h" ··· 709 709 u8 response[TB_SWITCH_KEY_SIZE]; 710 710 u8 hmac[TB_SWITCH_KEY_SIZE]; 711 711 struct tb_switch *parent_sw; 712 - struct crypto_shash *tfm; 713 - struct shash_desc *shash; 714 712 int ret; 715 713 716 714 if (!tb->cm_ops->approve_switch || !tb->cm_ops->challenge_switch_key) ··· 724 726 if (ret) 725 727 return ret; 726 728 727 - tfm = crypto_alloc_shash("hmac(sha256)", 0, 0); 728 - if (IS_ERR(tfm)) 729 - return PTR_ERR(tfm); 730 - 731 - ret = crypto_shash_setkey(tfm, sw->key, TB_SWITCH_KEY_SIZE); 732 - if (ret) 733 - goto err_free_tfm; 734 - 735 - shash = kzalloc(sizeof(*shash) + crypto_shash_descsize(tfm), 736 - GFP_KERNEL); 737 - if (!shash) { 738 - ret = -ENOMEM; 739 - goto err_free_tfm; 740 - } 741 - 742 - shash->tfm = tfm; 743 - 744 - memset(hmac, 0, sizeof(hmac)); 745 - ret = crypto_shash_digest(shash, challenge, sizeof(hmac), hmac); 746 - if (ret) 747 - goto err_free_shash; 729 + static_assert(sizeof(hmac) == SHA256_DIGEST_SIZE); 730 + hmac_sha256_usingrawkey(sw->key, TB_SWITCH_KEY_SIZE, 731 + challenge, sizeof(challenge), hmac); 748 732 749 733 /* The returned HMAC must match the one we calculated */ 750 - if (crypto_memneq(response, hmac, sizeof(hmac))) { 751 - ret = -EKEYREJECTED; 752 - goto err_free_shash; 753 - } 754 - 755 - crypto_free_shash(tfm); 756 - kfree(shash); 734 + if (crypto_memneq(response, hmac, sizeof(hmac))) 735 + return -EKEYREJECTED; 757 736 758 737 return tb->cm_ops->approve_switch(tb, sw); 759 - 760 - err_free_shash: 761 - kfree(shash); 762 - err_free_tfm: 763 - crypto_free_shash(tfm); 764 - 765 - return ret; 766 738 } 767 739 768 740 /**