xref: /linux/crypto/algif_hash.c (revision a8b70ccf10e38775785d9cb12ead916474549f99) 
1 /*
2  * algif_hash: User-space interface for hash algorithms
3  *
4  * This file provides the user-space API for hash algorithms.
5  *
6  * Copyright (c) 2010 Herbert Xu <herbert@gondor.apana.org.au>
7  *
8  * This program is free software; you can redistribute it and/or modify it
9  * under the terms of the GNU General Public License as published by the Free
10  * Software Foundation; either version 2 of the License, or (at your option)
11  * any later version.
12  *
13  */
14 
15 #include <crypto/hash.h>
16 #include <crypto/if_alg.h>
17 #include <linux/init.h>
18 #include <linux/kernel.h>
19 #include <linux/mm.h>
20 #include <linux/module.h>
21 #include <linux/net.h>
22 #include <net/sock.h>
23 
24 struct hash_ctx {
25 	struct af_alg_sgl sgl;
26 
27 	u8 *result;
28 
29 	struct crypto_wait wait;
30 
31 	unsigned int len;
32 	bool more;
33 
34 	struct ahash_request req;
35 };
36 
37 static int hash_alloc_result(struct sock *sk, struct hash_ctx *ctx)
38 {
39 	unsigned ds;
40 
41 	if (ctx->result)
42 		return 0;
43 
44 	ds = crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req));
45 
46 	ctx->result = sock_kmalloc(sk, ds, GFP_KERNEL);
47 	if (!ctx->result)
48 		return -ENOMEM;
49 
50 	memset(ctx->result, 0, ds);
51 
52 	return 0;
53 }
54 
55 static void hash_free_result(struct sock *sk, struct hash_ctx *ctx)
56 {
57 	unsigned ds;
58 
59 	if (!ctx->result)
60 		return;
61 
62 	ds = crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req));
63 
64 	sock_kzfree_s(sk, ctx->result, ds);
65 	ctx->result = NULL;
66 }
67 
68 static int hash_sendmsg(struct socket *sock, struct msghdr *msg,
69 			size_t ignored)
70 {
71 	int limit = ALG_MAX_PAGES * PAGE_SIZE;
72 	struct sock *sk = sock->sk;
73 	struct alg_sock *ask = alg_sk(sk);
74 	struct hash_ctx *ctx = ask->private;
75 	long copied = 0;
76 	int err;
77 
78 	if (limit > sk->sk_sndbuf)
79 		limit = sk->sk_sndbuf;
80 
81 	lock_sock(sk);
82 	if (!ctx->more) {
83 		if ((msg->msg_flags & MSG_MORE))
84 			hash_free_result(sk, ctx);
85 
86 		err = crypto_wait_req(crypto_ahash_init(&ctx->req), &ctx->wait);
87 		if (err)
88 			goto unlock;
89 	}
90 
91 	ctx->more = 0;
92 
93 	while (msg_data_left(msg)) {
94 		int len = msg_data_left(msg);
95 
96 		if (len > limit)
97 			len = limit;
98 
99 		len = af_alg_make_sg(&ctx->sgl, &msg->msg_iter, len);
100 		if (len < 0) {
101 			err = copied ? 0 : len;
102 			goto unlock;
103 		}
104 
105 		ahash_request_set_crypt(&ctx->req, ctx->sgl.sg, NULL, len);
106 
107 		err = crypto_wait_req(crypto_ahash_update(&ctx->req),
108 				      &ctx->wait);
109 		af_alg_free_sg(&ctx->sgl);
110 		if (err)
111 			goto unlock;
112 
113 		copied += len;
114 		iov_iter_advance(&msg->msg_iter, len);
115 	}
116 
117 	err = 0;
118 
119 	ctx->more = msg->msg_flags & MSG_MORE;
120 	if (!ctx->more) {
121 		err = hash_alloc_result(sk, ctx);
122 		if (err)
123 			goto unlock;
124 
125 		ahash_request_set_crypt(&ctx->req, NULL, ctx->result, 0);
126 		err = crypto_wait_req(crypto_ahash_final(&ctx->req),
127 				      &ctx->wait);
128 	}
129 
130 unlock:
131 	release_sock(sk);
132 
133 	return err ?: copied;
134 }
135 
136 static ssize_t hash_sendpage(struct socket *sock, struct page *page,
137 			     int offset, size_t size, int flags)
138 {
139 	struct sock *sk = sock->sk;
140 	struct alg_sock *ask = alg_sk(sk);
141 	struct hash_ctx *ctx = ask->private;
142 	int err;
143 
144 	if (flags & MSG_SENDPAGE_NOTLAST)
145 		flags |= MSG_MORE;
146 
147 	lock_sock(sk);
148 	sg_init_table(ctx->sgl.sg, 1);
149 	sg_set_page(ctx->sgl.sg, page, size, offset);
150 
151 	if (!(flags & MSG_MORE)) {
152 		err = hash_alloc_result(sk, ctx);
153 		if (err)
154 			goto unlock;
155 	} else if (!ctx->more)
156 		hash_free_result(sk, ctx);
157 
158 	ahash_request_set_crypt(&ctx->req, ctx->sgl.sg, ctx->result, size);
159 
160 	if (!(flags & MSG_MORE)) {
161 		if (ctx->more)
162 			err = crypto_ahash_finup(&ctx->req);
163 		else
164 			err = crypto_ahash_digest(&ctx->req);
165 	} else {
166 		if (!ctx->more) {
167 			err = crypto_ahash_init(&ctx->req);
168 			err = crypto_wait_req(err, &ctx->wait);
169 			if (err)
170 				goto unlock;
171 		}
172 
173 		err = crypto_ahash_update(&ctx->req);
174 	}
175 
176 	err = crypto_wait_req(err, &ctx->wait);
177 	if (err)
178 		goto unlock;
179 
180 	ctx->more = flags & MSG_MORE;
181 
182 unlock:
183 	release_sock(sk);
184 
185 	return err ?: size;
186 }
187 
188 static int hash_recvmsg(struct socket *sock, struct msghdr *msg, size_t len,
189 			int flags)
190 {
191 	struct sock *sk = sock->sk;
192 	struct alg_sock *ask = alg_sk(sk);
193 	struct hash_ctx *ctx = ask->private;
194 	unsigned ds = crypto_ahash_digestsize(crypto_ahash_reqtfm(&ctx->req));
195 	bool result;
196 	int err;
197 
198 	if (len > ds)
199 		len = ds;
200 	else if (len < ds)
201 		msg->msg_flags |= MSG_TRUNC;
202 
203 	lock_sock(sk);
204 	result = ctx->result;
205 	err = hash_alloc_result(sk, ctx);
206 	if (err)
207 		goto unlock;
208 
209 	ahash_request_set_crypt(&ctx->req, NULL, ctx->result, 0);
210 
211 	if (!result && !ctx->more) {
212 		err = crypto_wait_req(crypto_ahash_init(&ctx->req),
213 				      &ctx->wait);
214 		if (err)
215 			goto unlock;
216 	}
217 
218 	if (!result || ctx->more) {
219 		ctx->more = 0;
220 		err = crypto_wait_req(crypto_ahash_final(&ctx->req),
221 				      &ctx->wait);
222 		if (err)
223 			goto unlock;
224 	}
225 
226 	err = memcpy_to_msg(msg, ctx->result, len);
227 
228 unlock:
229 	hash_free_result(sk, ctx);
230 	release_sock(sk);
231 
232 	return err ?: len;
233 }
234 
235 static int hash_accept(struct socket *sock, struct socket *newsock, int flags,
236 		       bool kern)
237 {
238 	struct sock *sk = sock->sk;
239 	struct alg_sock *ask = alg_sk(sk);
240 	struct hash_ctx *ctx = ask->private;
241 	struct ahash_request *req = &ctx->req;
242 	char state[crypto_ahash_statesize(crypto_ahash_reqtfm(req)) ? : 1];
243 	struct sock *sk2;
244 	struct alg_sock *ask2;
245 	struct hash_ctx *ctx2;
246 	bool more;
247 	int err;
248 
249 	lock_sock(sk);
250 	more = ctx->more;
251 	err = more ? crypto_ahash_export(req, state) : 0;
252 	release_sock(sk);
253 
254 	if (err)
255 		return err;
256 
257 	err = af_alg_accept(ask->parent, newsock, kern);
258 	if (err)
259 		return err;
260 
261 	sk2 = newsock->sk;
262 	ask2 = alg_sk(sk2);
263 	ctx2 = ask2->private;
264 	ctx2->more = more;
265 
266 	if (!more)
267 		return err;
268 
269 	err = crypto_ahash_import(&ctx2->req, state);
270 	if (err) {
271 		sock_orphan(sk2);
272 		sock_put(sk2);
273 	}
274 
275 	return err;
276 }
277 
278 static struct proto_ops algif_hash_ops = {
279 	.family		=	PF_ALG,
280 
281 	.connect	=	sock_no_connect,
282 	.socketpair	=	sock_no_socketpair,
283 	.getname	=	sock_no_getname,
284 	.ioctl		=	sock_no_ioctl,
285 	.listen		=	sock_no_listen,
286 	.shutdown	=	sock_no_shutdown,
287 	.getsockopt	=	sock_no_getsockopt,
288 	.mmap		=	sock_no_mmap,
289 	.bind		=	sock_no_bind,
290 	.setsockopt	=	sock_no_setsockopt,
291 	.poll		=	sock_no_poll,
292 
293 	.release	=	af_alg_release,
294 	.sendmsg	=	hash_sendmsg,
295 	.sendpage	=	hash_sendpage,
296 	.recvmsg	=	hash_recvmsg,
297 	.accept		=	hash_accept,
298 };
299 
300 static int hash_check_key(struct socket *sock)
301 {
302 	int err = 0;
303 	struct sock *psk;
304 	struct alg_sock *pask;
305 	struct crypto_ahash *tfm;
306 	struct sock *sk = sock->sk;
307 	struct alg_sock *ask = alg_sk(sk);
308 
309 	lock_sock(sk);
310 	if (ask->refcnt)
311 		goto unlock_child;
312 
313 	psk = ask->parent;
314 	pask = alg_sk(ask->parent);
315 	tfm = pask->private;
316 
317 	err = -ENOKEY;
318 	lock_sock_nested(psk, SINGLE_DEPTH_NESTING);
319 	if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
320 		goto unlock;
321 
322 	if (!pask->refcnt++)
323 		sock_hold(psk);
324 
325 	ask->refcnt = 1;
326 	sock_put(psk);
327 
328 	err = 0;
329 
330 unlock:
331 	release_sock(psk);
332 unlock_child:
333 	release_sock(sk);
334 
335 	return err;
336 }
337 
338 static int hash_sendmsg_nokey(struct socket *sock, struct msghdr *msg,
339 			      size_t size)
340 {
341 	int err;
342 
343 	err = hash_check_key(sock);
344 	if (err)
345 		return err;
346 
347 	return hash_sendmsg(sock, msg, size);
348 }
349 
350 static ssize_t hash_sendpage_nokey(struct socket *sock, struct page *page,
351 				   int offset, size_t size, int flags)
352 {
353 	int err;
354 
355 	err = hash_check_key(sock);
356 	if (err)
357 		return err;
358 
359 	return hash_sendpage(sock, page, offset, size, flags);
360 }
361 
362 static int hash_recvmsg_nokey(struct socket *sock, struct msghdr *msg,
363 			      size_t ignored, int flags)
364 {
365 	int err;
366 
367 	err = hash_check_key(sock);
368 	if (err)
369 		return err;
370 
371 	return hash_recvmsg(sock, msg, ignored, flags);
372 }
373 
374 static int hash_accept_nokey(struct socket *sock, struct socket *newsock,
375 			     int flags, bool kern)
376 {
377 	int err;
378 
379 	err = hash_check_key(sock);
380 	if (err)
381 		return err;
382 
383 	return hash_accept(sock, newsock, flags, kern);
384 }
385 
386 static struct proto_ops algif_hash_ops_nokey = {
387 	.family		=	PF_ALG,
388 
389 	.connect	=	sock_no_connect,
390 	.socketpair	=	sock_no_socketpair,
391 	.getname	=	sock_no_getname,
392 	.ioctl		=	sock_no_ioctl,
393 	.listen		=	sock_no_listen,
394 	.shutdown	=	sock_no_shutdown,
395 	.getsockopt	=	sock_no_getsockopt,
396 	.mmap		=	sock_no_mmap,
397 	.bind		=	sock_no_bind,
398 	.setsockopt	=	sock_no_setsockopt,
399 	.poll		=	sock_no_poll,
400 
401 	.release	=	af_alg_release,
402 	.sendmsg	=	hash_sendmsg_nokey,
403 	.sendpage	=	hash_sendpage_nokey,
404 	.recvmsg	=	hash_recvmsg_nokey,
405 	.accept		=	hash_accept_nokey,
406 };
407 
408 static void *hash_bind(const char *name, u32 type, u32 mask)
409 {
410 	return crypto_alloc_ahash(name, type, mask);
411 }
412 
413 static void hash_release(void *private)
414 {
415 	crypto_free_ahash(private);
416 }
417 
418 static int hash_setkey(void *private, const u8 *key, unsigned int keylen)
419 {
420 	return crypto_ahash_setkey(private, key, keylen);
421 }
422 
423 static void hash_sock_destruct(struct sock *sk)
424 {
425 	struct alg_sock *ask = alg_sk(sk);
426 	struct hash_ctx *ctx = ask->private;
427 
428 	hash_free_result(sk, ctx);
429 	sock_kfree_s(sk, ctx, ctx->len);
430 	af_alg_release_parent(sk);
431 }
432 
433 static int hash_accept_parent_nokey(void *private, struct sock *sk)
434 {
435 	struct crypto_ahash *tfm = private;
436 	struct alg_sock *ask = alg_sk(sk);
437 	struct hash_ctx *ctx;
438 	unsigned int len = sizeof(*ctx) + crypto_ahash_reqsize(tfm);
439 
440 	ctx = sock_kmalloc(sk, len, GFP_KERNEL);
441 	if (!ctx)
442 		return -ENOMEM;
443 
444 	ctx->result = NULL;
445 	ctx->len = len;
446 	ctx->more = 0;
447 	crypto_init_wait(&ctx->wait);
448 
449 	ask->private = ctx;
450 
451 	ahash_request_set_tfm(&ctx->req, tfm);
452 	ahash_request_set_callback(&ctx->req, CRYPTO_TFM_REQ_MAY_BACKLOG,
453 				   crypto_req_done, &ctx->wait);
454 
455 	sk->sk_destruct = hash_sock_destruct;
456 
457 	return 0;
458 }
459 
460 static int hash_accept_parent(void *private, struct sock *sk)
461 {
462 	struct crypto_ahash *tfm = private;
463 
464 	if (crypto_ahash_get_flags(tfm) & CRYPTO_TFM_NEED_KEY)
465 		return -ENOKEY;
466 
467 	return hash_accept_parent_nokey(private, sk);
468 }
469 
470 static const struct af_alg_type algif_type_hash = {
471 	.bind		=	hash_bind,
472 	.release	=	hash_release,
473 	.setkey		=	hash_setkey,
474 	.accept		=	hash_accept_parent,
475 	.accept_nokey	=	hash_accept_parent_nokey,
476 	.ops		=	&algif_hash_ops,
477 	.ops_nokey	=	&algif_hash_ops_nokey,
478 	.name		=	"hash",
479 	.owner		=	THIS_MODULE
480 };
481 
482 static int __init algif_hash_init(void)
483 {
484 	return af_alg_register_type(&algif_type_hash);
485 }
486 
487 static void __exit algif_hash_exit(void)
488 {
489 	int err = af_alg_unregister_type(&algif_type_hash);
490 	BUG_ON(err);
491 }
492 
493 module_init(algif_hash_init);
494 module_exit(algif_hash_exit);
495 MODULE_LICENSE("GPL");
496