sctp: Use shash · tjh.dev/kernel@5821c76

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

sctp: Use shash

This patch replaces uses of the long obsolete hash interface with
shash.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: David S. Miller <davem@davemloft.net>

Herbert Xu 10 years ago 5821c769 1edb82d2

+55 -47

6 changed files

expand all

include

net

sctp

auth.h

structs.h

net

sctp

auth.c

endpointola.c

sm_make_chunk.c

socket.c

+2 -2

include/net/sctp/auth.h

··· 31 31 #define __sctp_auth_h__ 32 32 33 33 #include <linux/list.h> 34 - #include <linux/crypto.h> 35 34 36 35 struct sctp_endpoint; 37 36 struct sctp_association; 38 37 struct sctp_authkey; 39 38 struct sctp_hmacalgo; 39 + struct crypto_shash; 40 40 41 41 /* 42 42 * Define a generic struct that will hold all the info ··· 90 90 struct sctp_association *asoc, 91 91 gfp_t gfp); 92 92 int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp); 93 - void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[]); 93 + void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]); 94 94 struct sctp_hmac *sctp_auth_get_hmac(__u16 hmac_id); 95 95 struct sctp_hmac *sctp_auth_asoc_get_hmac(const struct sctp_association *asoc); 96 96 void sctp_auth_asoc_set_default_hmac(struct sctp_association *asoc,

+3 -3

include/net/sctp/structs.h

··· 82 82 struct sctp_ulpq; 83 83 struct sctp_ep_common; 84 84 struct sctp_ssnmap; 85 - struct crypto_hash; 85 + struct crypto_shash; 86 86 87 87 88 88 #include <net/sctp/tsnmap.h> ··· 166 166 struct sctp_pf *pf; 167 167 168 168 /* Access to HMAC transform. */ 169 - struct crypto_hash *hmac; 169 + struct crypto_shash *hmac; 170 170 char *sctp_hmac_alg; 171 171 172 172 /* What is our base endpointer? */ ··· 1235 1235 /* SCTP AUTH: array of the HMACs that will be allocated 1236 1236 * we need this per association so that we don't serialize 1237 1237 */ 1238 - struct crypto_hash **auth_hmacs; 1238 + struct crypto_shash **auth_hmacs; 1239 1239 1240 1240 /* SCTP-AUTH: hmacs for the endpoint encoded into parameter */ 1241 1241 struct sctp_hmac_algo_param *auth_hmacs_list;

+19 -17

net/sctp/auth.c

··· 27 27 * Vlad Yasevich <vladislav.yasevich@hp.com> 28 28 */ 29 29 30 + #include <crypto/hash.h> 30 31 #include <linux/slab.h> 31 32 #include <linux/types.h> 32 - #include <linux/crypto.h> 33 33 #include <linux/scatterlist.h> 34 34 #include <net/sctp/sctp.h> 35 35 #include <net/sctp/auth.h> ··· 448 448 */ 449 449 int sctp_auth_init_hmacs(struct sctp_endpoint *ep, gfp_t gfp) 450 450 { 451 - struct crypto_hash *tfm = NULL; 451 + struct crypto_shash *tfm = NULL; 452 452 __u16 id; 453 453 454 454 /* If AUTH extension is disabled, we are done */ ··· 462 462 return 0; 463 463 464 464 /* Allocated the array of pointers to transorms */ 465 - ep->auth_hmacs = kzalloc( 466 - sizeof(struct crypto_hash *) * SCTP_AUTH_NUM_HMACS, 467 - gfp); 465 + ep->auth_hmacs = kzalloc(sizeof(struct crypto_shash *) * 466 + SCTP_AUTH_NUM_HMACS, gfp); 468 467 if (!ep->auth_hmacs) 469 468 return -ENOMEM; 470 469 ··· 482 483 continue; 483 484 484 485 /* Allocate the ID */ 485 - tfm = crypto_alloc_hash(sctp_hmac_list[id].hmac_name, 0, 486 - CRYPTO_ALG_ASYNC); 486 + tfm = crypto_alloc_shash(sctp_hmac_list[id].hmac_name, 0, 0); 487 487 if (IS_ERR(tfm)) 488 488 goto out_err; 489 489 ··· 498 500 } 499 501 500 502 /* Destroy the hmac tfm array */ 501 - void sctp_auth_destroy_hmacs(struct crypto_hash *auth_hmacs[]) 503 + void sctp_auth_destroy_hmacs(struct crypto_shash *auth_hmacs[]) 502 504 { 503 505 int i; 504 506 ··· 506 508 return; 507 509 508 510 for (i = 0; i < SCTP_AUTH_NUM_HMACS; i++) { 509 - if (auth_hmacs[i]) 510 - crypto_free_hash(auth_hmacs[i]); 511 + crypto_free_shash(auth_hmacs[i]); 511 512 } 512 513 kfree(auth_hmacs); 513 514 } ··· 706 709 struct sctp_auth_chunk *auth, 707 710 gfp_t gfp) 708 711 { 709 - struct scatterlist sg; 710 - struct hash_desc desc; 712 + struct crypto_shash *tfm; 711 713 struct sctp_auth_bytes *asoc_key; 712 714 __u16 key_id, hmac_id; 713 715 __u8 *digest; ··· 738 742 739 743 /* set up scatter list */ 740 744 end = skb_tail_pointer(skb); 741 - sg_init_one(&sg, auth, end - (unsigned char *)auth); 742 745 743 - desc.tfm = asoc->ep->auth_hmacs[hmac_id]; 744 - desc.flags = 0; 746 + tfm = asoc->ep->auth_hmacs[hmac_id]; 745 747 746 748 digest = auth->auth_hdr.hmac; 747 - if (crypto_hash_setkey(desc.tfm, &asoc_key->data[0], asoc_key->len)) 749 + if (crypto_shash_setkey(tfm, &asoc_key->data[0], asoc_key->len)) 748 750 goto free; 749 751 750 - crypto_hash_digest(&desc, &sg, sg.length, digest); 752 + { 753 + SHASH_DESC_ON_STACK(desc, tfm); 754 + 755 + desc->tfm = tfm; 756 + desc->flags = 0; 757 + crypto_shash_digest(desc, (u8 *)auth, 758 + end - (unsigned char *)auth, digest); 759 + shash_desc_zero(desc); 760 + } 751 761 752 762 free: 753 763 if (free_key)

-1

net/sctp/endpointola.c

··· 42 42 #include <linux/slab.h> 43 43 #include <linux/in.h> 44 44 #include <linux/random.h> /* get_random_bytes() */ 45 - #include <linux/crypto.h> 46 45 #include <net/sock.h> 47 46 #include <net/ipv6.h> 48 47 #include <net/sctp/sctp.h>

+27 -20

net/sctp/sm_make_chunk.c

··· 45 45 46 46 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 47 47 48 + #include <crypto/hash.h> 48 49 #include <linux/types.h> 49 50 #include <linux/kernel.h> 50 51 #include <linux/ip.h> ··· 53 52 #include <linux/net.h> 54 53 #include <linux/inet.h> 55 54 #include <linux/scatterlist.h> 56 - #include <linux/crypto.h> 57 55 #include <linux/slab.h> 58 56 #include <net/sock.h> 59 57 ··· 1606 1606 { 1607 1607 sctp_cookie_param_t *retval; 1608 1608 struct sctp_signed_cookie *cookie; 1609 - struct scatterlist sg; 1610 1609 int headersize, bodysize; 1611 1610 1612 1611 /* Header size is static data prior to the actual cookie, including ··· 1662 1663 ntohs(init_chunk->chunk_hdr->length), raw_addrs, addrs_len); 1663 1664 1664 1665 if (sctp_sk(ep->base.sk)->hmac) { 1665 - struct hash_desc desc; 1666 + SHASH_DESC_ON_STACK(desc, sctp_sk(ep->base.sk)->hmac); 1667 + int err; 1666 1668 1667 1669 /* Sign the message. */ 1668 - sg_init_one(&sg, &cookie->c, bodysize); 1669 - desc.tfm = sctp_sk(ep->base.sk)->hmac; 1670 - desc.flags = 0; 1670 + desc->tfm = sctp_sk(ep->base.sk)->hmac; 1671 + desc->flags = 0; 1671 1672 1672 - if (crypto_hash_setkey(desc.tfm, ep->secret_key, 1673 - sizeof(ep->secret_key)) || 1674 - crypto_hash_digest(&desc, &sg, bodysize, cookie->signature)) 1673 + err = crypto_shash_setkey(desc->tfm, ep->secret_key, 1674 + sizeof(ep->secret_key)) ?: 1675 + crypto_shash_digest(desc, (u8 *)&cookie->c, bodysize, 1676 + cookie->signature); 1677 + shash_desc_zero(desc); 1678 + if (err) 1675 1679 goto free_cookie; 1676 1680 } 1677 1681 ··· 1699 1697 struct sctp_cookie *bear_cookie; 1700 1698 int headersize, bodysize, fixed_size; 1701 1699 __u8 *digest = ep->digest; 1702 - struct scatterlist sg; 1703 1700 unsigned int len; 1704 1701 sctp_scope_t scope; 1705 1702 struct sk_buff *skb = chunk->skb; 1706 1703 ktime_t kt; 1707 - struct hash_desc desc; 1708 1704 1709 1705 /* Header size is static data prior to the actual cookie, including 1710 1706 * any padding. ··· 1733 1733 goto no_hmac; 1734 1734 1735 1735 /* Check the signature. */ 1736 - sg_init_one(&sg, bear_cookie, bodysize); 1737 - desc.tfm = sctp_sk(ep->base.sk)->hmac; 1738 - desc.flags = 0; 1736 + { 1737 + SHASH_DESC_ON_STACK(desc, sctp_sk(ep->base.sk)->hmac); 1738 + int err; 1739 1739 1740 - memset(digest, 0x00, SCTP_SIGNATURE_SIZE); 1741 - if (crypto_hash_setkey(desc.tfm, ep->secret_key, 1742 - sizeof(ep->secret_key)) || 1743 - crypto_hash_digest(&desc, &sg, bodysize, digest)) { 1744 - *error = -SCTP_IERROR_NOMEM; 1745 - goto fail; 1740 + desc->tfm = sctp_sk(ep->base.sk)->hmac; 1741 + desc->flags = 0; 1742 + 1743 + err = crypto_shash_setkey(desc->tfm, ep->secret_key, 1744 + sizeof(ep->secret_key)) ?: 1745 + crypto_shash_digest(desc, (u8 *)bear_cookie, bodysize, 1746 + digest); 1747 + shash_desc_zero(desc); 1748 + 1749 + if (err) { 1750 + *error = -SCTP_IERROR_NOMEM; 1751 + goto fail; 1752 + } 1746 1753 } 1747 1754 1748 1755 if (memcmp(digest, cookie->signature, SCTP_SIGNATURE_SIZE)) {

+4 -4

net/sctp/socket.c

··· 52 52 53 53 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 54 54 55 + #include <crypto/hash.h> 55 56 #include <linux/types.h> 56 57 #include <linux/kernel.h> 57 58 #include <linux/wait.h> ··· 62 61 #include <linux/fcntl.h> 63 62 #include <linux/poll.h> 64 63 #include <linux/init.h> 65 - #include <linux/crypto.h> 66 64 #include <linux/slab.h> 67 65 #include <linux/file.h> 68 66 #include <linux/compat.h> ··· 4160 4160 struct sctp_sock *sp = sctp_sk(sk); 4161 4161 4162 4162 /* Free up the HMAC transform. */ 4163 - crypto_free_hash(sp->hmac); 4163 + crypto_free_shash(sp->hmac); 4164 4164 4165 4165 inet_sock_destruct(sk); 4166 4166 } ··· 6299 6299 { 6300 6300 struct sctp_sock *sp = sctp_sk(sk); 6301 6301 struct sctp_endpoint *ep = sp->ep; 6302 - struct crypto_hash *tfm = NULL; 6302 + struct crypto_shash *tfm = NULL; 6303 6303 char alg[32]; 6304 6304 6305 6305 /* Allocate HMAC for generating cookie. */ 6306 6306 if (!sp->hmac && sp->sctp_hmac_alg) { 6307 6307 sprintf(alg, "hmac(%s)", sp->sctp_hmac_alg); 6308 - tfm = crypto_alloc_hash(alg, 0, CRYPTO_ALG_ASYNC); 6308 + tfm = crypto_alloc_shash(alg, 0, 0); 6309 6309 if (IS_ERR(tfm)) { 6310 6310 net_info_ratelimited("failed to load transform for %s: %ld\n", 6311 6311 sp->sctp_hmac_alg, PTR_ERR(tfm));