lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20221006234138.1835739-1-keescook@chromium.org>
Date:   Thu,  6 Oct 2022 16:41:38 -0700
From:   Kees Cook <keescook@...omium.org>
To:     "Guilherme G. Piccoli" <gpiccoli@...lia.com>
Cc:     Kees Cook <keescook@...omium.org>,
        Ard Biesheuvel <ardb@...nel.org>,
        Anton Vorontsov <anton@...msg.org>,
        Colin Cross <ccross@...roid.com>,
        Tony Luck <tony.luck@...el.com>, linux-kernel@...r.kernel.org,
        linux-hardening@...r.kernel.org
Subject: [PATCH] pstore: migrate to crypto acomp interface (take 2)

From: Ard Biesheuvel <ardb@...nel.org>

The crypto 'compress' interface is deprecated, so before adding new
features, migrate to the acomp interface. Note that we are only using
synchronous implementations of acomp, so we don't have to deal with
asynchronous completion.

[ Tweaked error paths to avoid memory leak, as pointed out byGuilherme
  G. Piccoli <gpiccoli@...lia.com>, and fixed pstore_compress()
  return value -kees ]

Signed-off-by: Ard Biesheuvel <ardb@...nel.org>
Link: https://lore.kernel.org/lkml/CAMj1kXFnoqj+cn-0dT8fg0kgLvVx+Q2Ex-4CUjSnA9yRprmC-w@mail.gmail.com/
Cc: "Guilherme G. Piccoli" <gpiccoli@...lia.com>
Signed-off-by: Kees Cook <keescook@...omium.org>
---
 fs/pstore/platform.c | 74 ++++++++++++++++++++++++++++++++++----------
 1 file changed, 57 insertions(+), 17 deletions(-)

diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c
index 0c034ea39954..f82256612c19 100644
--- a/fs/pstore/platform.c
+++ b/fs/pstore/platform.c
@@ -28,11 +28,14 @@
 #include <linux/crypto.h>
 #include <linux/string.h>
 #include <linux/timer.h>
+#include <linux/scatterlist.h>
 #include <linux/slab.h>
 #include <linux/uaccess.h>
 #include <linux/jiffies.h>
 #include <linux/workqueue.h>
 
+#include <crypto/acompress.h>
+
 #include "internal.h"
 
 /*
@@ -90,7 +93,8 @@ module_param(compress, charp, 0444);
 MODULE_PARM_DESC(compress, "compression to use");
 
 /* Compression parameters */
-static struct crypto_comp *tfm;
+static struct crypto_acomp *tfm;
+static struct acomp_req *creq;
 
 struct pstore_zbackend {
 	int (*zbufsize)(size_t size);
@@ -268,23 +272,32 @@ static const struct pstore_zbackend zbackends[] = {
 static int pstore_compress(const void *in, void *out,
 			   unsigned int inlen, unsigned int outlen)
 {
+	struct scatterlist src, dst;
 	int ret;
 
 	if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS))
 		return -EINVAL;
 
-	ret = crypto_comp_compress(tfm, in, inlen, out, &outlen);
+	sg_init_table(&src, 1);
+	sg_set_buf(&src, in, inlen);
+
+	sg_init_table(&dst, 1);
+	sg_set_buf(&dst, out, outlen);
+
+	acomp_request_set_params(creq, &src, &dst, inlen, outlen);
+
+	ret = crypto_acomp_compress(creq);
 	if (ret) {
 		pr_err("crypto_comp_compress failed, ret = %d!\n", ret);
 		return ret;
 	}
 
-	return outlen;
+	return creq->dlen;
 }
 
 static void allocate_buf_for_compression(void)
 {
-	struct crypto_comp *ctx;
+	struct crypto_acomp *acomp;
 	int size;
 	char *buf;
 
@@ -296,7 +309,7 @@ static void allocate_buf_for_compression(void)
 	if (!psinfo || tfm)
 		return;
 
-	if (!crypto_has_comp(zbackend->name, 0, 0)) {
+	if (!crypto_has_acomp(zbackend->name, 0, CRYPTO_ALG_ASYNC)) {
 		pr_err("Unknown compression: %s\n", zbackend->name);
 		return;
 	}
@@ -315,16 +328,24 @@ static void allocate_buf_for_compression(void)
 		return;
 	}
 
-	ctx = crypto_alloc_comp(zbackend->name, 0, 0);
-	if (IS_ERR_OR_NULL(ctx)) {
+	acomp = crypto_alloc_acomp(zbackend->name, 0, CRYPTO_ALG_ASYNC);
+	if (IS_ERR_OR_NULL(acomp)) {
 		kfree(buf);
 		pr_err("crypto_alloc_comp('%s') failed: %ld\n", zbackend->name,
-		       PTR_ERR(ctx));
+		       PTR_ERR(acomp));
+		return;
+	}
+
+	creq = acomp_request_alloc(acomp);
+	if (!creq) {
+		crypto_free_acomp(acomp);
+		kfree(buf);
+		pr_err("acomp_request_alloc('%s') failed\n", zbackend->name);
 		return;
 	}
 
 	/* A non-NULL big_oops_buf indicates compression is available. */
-	tfm = ctx;
+	tfm = acomp;
 	big_oops_buf_sz = size;
 	big_oops_buf = buf;
 
@@ -334,7 +355,8 @@ static void allocate_buf_for_compression(void)
 static void free_buf_for_compression(void)
 {
 	if (IS_ENABLED(CONFIG_PSTORE_COMPRESS) && tfm) {
-		crypto_free_comp(tfm);
+		acomp_request_free(creq);
+		crypto_free_acomp(tfm);
 		tfm = NULL;
 	}
 	kfree(big_oops_buf);
@@ -671,6 +693,8 @@ static void decompress_record(struct pstore_record *record)
 	int ret;
 	int unzipped_len;
 	char *unzipped, *workspace;
+	struct acomp_req *dreq;
+	struct scatterlist src, dst;
 
 	if (!IS_ENABLED(CONFIG_PSTORE_COMPRESS) || !record->compressed)
 		return;
@@ -694,31 +718,47 @@ static void decompress_record(struct pstore_record *record)
 	if (!workspace)
 		return;
 
+	dreq = acomp_request_alloc(tfm);
+	if (!dreq)
+		goto out_free_workspace;
+
+	sg_init_table(&src, 1);
+	sg_set_buf(&src, record->buf, record->size);
+
+	sg_init_table(&dst, 1);
+	sg_set_buf(&dst, workspace, unzipped_len);
+
+	acomp_request_set_params(dreq, &src, &dst, record->size, unzipped_len);
+
 	/* After decompression "unzipped_len" is almost certainly smaller. */
-	ret = crypto_comp_decompress(tfm, record->buf, record->size,
-					  workspace, &unzipped_len);
+	ret = crypto_acomp_decompress(dreq);
 	if (ret) {
-		pr_err("crypto_comp_decompress failed, ret = %d!\n", ret);
-		kfree(workspace);
-		return;
+		pr_err("crypto_acomp_decompress failed, ret = %d!\n", ret);
+		goto out;
 	}
 
 	/* Append ECC notice to decompressed buffer. */
+	unzipped_len = dreq->dlen;
 	memcpy(workspace + unzipped_len, record->buf + record->size,
 	       record->ecc_notice_size);
 
 	/* Copy decompressed contents into an minimum-sized allocation. */
 	unzipped = kmemdup(workspace, unzipped_len + record->ecc_notice_size,
 			   GFP_KERNEL);
-	kfree(workspace);
 	if (!unzipped)
-		return;
+		goto out;
 
 	/* Swap out compressed contents with decompressed contents. */
 	kfree(record->buf);
 	record->buf = unzipped;
 	record->size = unzipped_len;
 	record->compressed = false;
+
+out:
+	acomp_request_free(dreq);
+out_free_workspace:
+	kfree(workspace);
+	return;
 }
 
 /*
-- 
2.34.1

Powered by blists - more mailing lists