SHA256 algorithms

Michal Ludvig Sun, 09 Jul 2006 22:40:31 -0700

Herbert Xu wrote:
> On Mon, Jul 10, 2006 at 01:22:12AM +1200, Michal Ludvig wrote:
>> padlock_cra_init() correctly says fallback TFM couldn't be allocated and 
>> returns 1. However AH SA is created anyway and padlock-sha has one user. 
>> setkey -F segfaults, because in cra_exit() I assume the fallback tfm was 
>> not null and trying to free it. I never expected to get cra_exit() 
>> called when cra_init() failed.
> 
> Are you sure your cra_init returned a non-zero error?


Yes. I added some printk()s around:
crypto/api.c::__crypto_alloc_tfm():
        if (alg->cra_init && (err = alg->cra_init(tfm))) {
                if (err == -EAGAIN)
                        crypto_shoot_alg(alg);
                printk(KERN_DEBUG "%s(): err=%d\n", __func__, err);
                goto cra_init_failed;
        }
(+printk in crypto_exit_digest_ops())

drivers/crypto/padlock-sha.c::padlock_sha_init():
        CTX(tfm)->fallback_tfm =
                crypto_alloc_tfm(CTX(tfm)->fallback_driver_name, 0);
        if (!CTX(tfm)->fallback_tfm) {
                printk(KERN_ERR PFX "Fallback driver '%s' could not be
                                loaded!\n",
                       CTX(tfm)->fallback_driver_name);
                return 1;
        }

Now doing the same procedure as before: modprobe padlock-sha, disable
sha1 and sha1-generic in modprobe.conf, setkey AH:

~# dmesg:
### Autoload of sha1/sha256 from padlock_init():
padlock: Fallback for 'sha1' is driver 'sha1-generic' (prio=0)
crypto_exit_digest_ops()
padlock: Fallback for 'sha256' is driver 'sha256-generic' (prio=0)
crypto_exit_digest_ops()
padlock: Using VIA PadLock ACE for SHA1/SHA256 algorithms.

### setkey:
NET: Registered protocol family 15
padlock: Fallback driver 'sha1-generic' could not be loaded!
__crypto_alloc_tfm(): err=1     <<< Yes, returned 1
crypto_exit_digest_ops()        <<< and immediately called this

~# lsmod
Module                  Size  Used by
ah4                     6080  1
cryptomgr               2368  0
af_key                 34416  0
sha256                 11456  0
padlock_sha             5520  1         <<< weird
(removed some lines but no sha1 in the list, really ;-)

> Could you please print out what string padlock_cra_init passed to
> crypto_alloc_tfm?

sha1-generic

(I hope I haven't done a mistake when backporting cryptodev tree to
2.6.16+Xen that I use for development. Unfortunately I can't directly
test your cryptodev tree at the moment as I don't have console access to
the VIA C7 server. That's why I use Xen for it :-/ )

Michal
-
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [CRYPTO 3/4] padlock: Driver for SHA1 / SHA256 algorithms

Reply via email to