On 4/8/21 11:30 AM, Eric Biggers wrote:
On Thu, Apr 08, 2021 at 09:15:06AM -0400, Chris von Recklinghausen wrote:
Suspend fails on a system in fips mode because md5 is used for the e820
integrity check and is not available. Use crc32 instead.
This patch changes the integrity check algorithm from md5 to
crc32. This integrity check is used only to verify accidental
corruption of the hybernation data and is not intended as a
cryptographic integrity check.
Md5 is overkill in this case and also disabled in FIPS mode because it
is known to be broken for cryptographic purposes.
Fixes: 62a03defeabd ("PM / hibernate: Verify the consistent of e820 memory map
by md5 digest")
Tested-by: Dexuan Cui <de...@microsoft.com>
Reviewed-by: Dexuan Cui <de...@microsoft.com>
Signed-off-by: Chris von Recklinghausen <creck...@redhat.com>
---
v1 -> v2
bump up RESTORE_MAGIC
v2 -> v3
move embelishment from cover letter to commit comments (no code change)
v3 -> v4
add note to comments that md5 isn't used for encryption here.
v4 -> v5
reword comment per Simo's suggestion
arch/x86/power/hibernate.c | 35 +++++++++++++++++++----------------
1 file changed, 19 insertions(+), 16 deletions(-)
diff --git a/arch/x86/power/hibernate.c b/arch/x86/power/hibernate.c
index cd3914fc9f3d..b56172553275 100644
--- a/arch/x86/power/hibernate.c
+++ b/arch/x86/power/hibernate.c
@@ -55,31 +55,31 @@ int pfn_is_nosave(unsigned long pfn)
}
-#define MD5_DIGEST_SIZE 16
+#define CRC32_DIGEST_SIZE 16
struct restore_data_record {
unsigned long jump_address;
unsigned long jump_address_phys;
unsigned long cr3;
unsigned long magic;
- u8 e820_digest[MD5_DIGEST_SIZE];
+ u8 e820_digest[CRC32_DIGEST_SIZE];
};
-#if IS_BUILTIN(CONFIG_CRYPTO_MD5)
+#if IS_BUILTIN(CONFIG_CRYPTO_CRC32)
Should CONFIG_CRYPTO_CRC32 be getting selected from somewhere?
Yes, presumably from the same source that sets CONFIG_CRYPTO_MD5. Also
presumably there's value to not forcing the check if the config value is
not set.
If that is too hard because it would pull in too much of the crypto API, maybe
using the library interface to CRC-32 (lib/crc32.c) would be a better fit?
Based on my statement above, the intent is to provide a simple drop in
replacement for md5 so that users of FIPS mode can suspend/resume
without any errors.
Thanks,
Chris
- Eric