lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 20 Dec 2017 20:09:24 +0000
From:   Corentin Labbe <clabbe@...libre.com>
To:     davem@...emloft.net, herbert@...dor.apana.org.au,
        nhorman@...driver.com
Cc:     linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
        Corentin Labbe <clabbe@...libre.com>
Subject: [PATCH RFC 0/3] crypto: Implement a generic crypto statistics

Hello

This patch is a try to implement a generic crypto driver statistics.
The goal is to have an "ifconfig" for crypto device.

Some driver tried to implement this via a debugfs interface.

My proposed way is to embed this in the crypto framework by registering
a /sys/kernel/crypto tree and create a directory for each cra_driver_name.
Note that I assume than cra_driver_name will only exists once, which seems false for arm64 ctr-aes-ce.
But for me, it's a bug.
Each crypto algorithm "cra_name" can have multiple implementation called
"cra_driver_name".
If two different implementation have the same cra_driver_name, nothing
can easily differentiate them.
Furthermore the mechanism for getting a crypto algorithm with its
implementation name (crypto_alg_match() in crypto/crypto_user.c) will
get only the first one found.

Then an userspace tool will collect information in this tree.

Example of output:
./cryptostat
aes-arm (cipher) aes
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
aes-generic (cipher) aes
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
arc4-generic (cipher) arc4
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
cbc(aes-arm) (cipher) cbc(aes)
	Encrypt: 94	bytes 6096
	Decrypt: 94	bytes 6096
cbc-aes-sun8i-ce (cipher) cbc(aes)
	Encrypt: 24	bytes 3712
	Decrypt: 24	bytes 3712
cbc(des3_ede-generic) (cipher) cbc(des3_ede)
	Encrypt: 14	bytes 5104
	Decrypt: 14	bytes 5104
cbc-des3-sun8i-ce (cipher) cbc(des3_ede)
	Encrypt: 10	bytes 3488
	Decrypt: 10	bytes 3488
cipher_null-generic (cipher) cipher_null
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
compress_null-generic (compress) compress_null
	Compress: 0	bytes 0
	Decompress: 0	bytes 0
crc32c-generic (hash) crc32c
	Hash: 88	bytes 15826
crct10dif-generic (hash) crct10dif
	Hash: 20	bytes 2246
ctr(aes-arm) (cipher) ctr(aes)
	Encrypt: 31	bytes 10225
	Decrypt: 31	bytes 10225
ctr-aes-sun8i-ce (cipher) ctr(aes)
	Encrypt: 24	bytes 6738
	Decrypt: 24	bytes 6738
cts(cbc(aes-arm)) (cipher) cts(cbc(aes))
	Encrypt: 33	bytes 1241
	Decrypt: 33	bytes 1241
cts(cbc-aes-sun8i-ce) (cipher) cts(cbc(aes))
	Encrypt: 24	bytes 956
	Decrypt: 24	bytes 956
deflate-generic (compress) deflate
	Compress: 0	bytes 0
	Decompress: 0	bytes 0
deflate-scomp (compress) deflate
	Compress: 2	bytes 261
	Decompress: 4	bytes 320
des3_ede-generic (cipher) des3_ede
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
des-generic (cipher) des
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
dh-generic (kpp) dh
	Set_secret: 2
	Generate_public_key: 2
	Compute_shared_secret: 2
digest_null-generic (hash) digest_null
	Hash: 0	bytes 0
drbg_nopr_hmac_sha1 (rng) stdrng
	Generate: 0	bytes 0
	Seed: 0
drbg_nopr_hmac_sha256 (rng) stdrng
	Generate: 8	bytes 1024
	Seed: 4
drbg_nopr_hmac_sha384 (rng) stdrng
	Generate: 0	bytes 0
	Seed: 0
drbg_nopr_hmac_sha512 (rng) stdrng
	Generate: 0	bytes 0
	Seed: 0
drbg_pr_hmac_sha1 (rng) stdrng
	Generate: 0	bytes 0
	Seed: 0
drbg_pr_hmac_sha256 (rng) stdrng
	Generate: 8	bytes 1024
	Seed: 4
drbg_pr_hmac_sha384 (rng) stdrng
	Generate: 0	bytes 0
	Seed: 0
drbg_pr_hmac_sha512 (rng) stdrng
	Generate: 0	bytes 0
	Seed: 0
ecb(aes-arm) (cipher) ecb(aes)
	Encrypt: 20	bytes 4160
	Decrypt: 20	bytes 4160
ecb-aes-sun8i-ce (cipher) ecb(aes)
	Encrypt: 18	bytes 3168
	Decrypt: 18	bytes 3168
ecb(arc4)-generic (cipher) ecb(arc4)
	Encrypt: 21	bytes 270
	Decrypt: 21	bytes 270
ecb-cipher_null (cipher) ecb(cipher_null)
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
ecb(des3_ede-generic) (cipher) ecb(des3_ede)
	Encrypt: 24	bytes 4584
	Decrypt: 24	bytes 4584
ecb-des3-sun8i-ce (cipher) ecb(des3_ede)
	Encrypt: 18	bytes 3072
	Decrypt: 18	bytes 3072
hmac(sha256-neon) (hash) hmac(sha256)
	Hash: 40	bytes 1788
jitterentropy_rng (rng) jitterentropy_rng
	Generate: 0	bytes 0
	Seed: 0
lzo-generic (compress) lzo
	Compress: 0	bytes 0
	Decompress: 0	bytes 0
lzo-scomp (compress) lzo
	Compress: 2	bytes 229
	Decompress: 4	bytes 367
md5-generic (hash) md5
	Hash: 28	bytes 718
pkcs1pad(rsa-sun8i-ce,sha1) (asymetric) pkcs1pad(rsa,sha1)
	Encrypt: 0	bytes 0
	Decrypt: 0	bytes 0
	Verify: 2
	Sign: 0
rsa-generic (asymetric) rsa
	Encrypt: 14	bytes 0
	Decrypt: 9	bytes 0
	Verify: 5
	Sign: 0
rsa-sun8i-ce (asymetric) rsa
	Encrypt: 7	bytes 0
	Decrypt: 6	bytes 0
	Verify: 2
	Sign: 0
sha1-asm (hash) sha1
	Hash: 24	bytes 4864
sha1-generic (hash) sha1
	Hash: 24	bytes 4864
sha1-neon (hash) sha1
	Hash: 24	bytes 4864
sha224-asm (hash) sha224
	Hash: 20	bytes 4528
sha224-generic (hash) sha224
	Hash: 20	bytes 4528
sha224-neon (hash) sha224
	Hash: 20	bytes 4528
sha256-asm (hash) sha256
	Hash: 20	bytes 4528
sha256-generic (hash) sha256
	Hash: 20	bytes 4528
sha256-neon (hash) sha256
	Hash: 20	bytes 4528
sha384-generic (hash) sha384
	Hash: 24	bytes 5036
sha512-generic (hash) sha512
	Hash: 24	bytes 5036
zlib-deflate-scomp (compress) zlib-deflate
	Compress: 2	bytes 261
	Decompress: 4	bytes 345

Note that this patch could be a starting base for a /proc/crypto replacement.

Please let me know your opinions about it

Regards

Corentin Labbe (3):
  crypto: Prevent to register duplicate cra_driver_name
  crypto: Implement a generic crypto statistics
  crypto: tools: Add cryptostat userspace

 crypto/Kconfig             |  11 +++
 crypto/ahash.c             |  18 +++++
 crypto/algapi.c            | 191 +++++++++++++++++++++++++++++++++++++++++++++
 crypto/rng.c               |   3 +
 include/crypto/acompress.h |  10 +++
 include/crypto/akcipher.h  |  12 +++
 include/crypto/kpp.h       |   9 +++
 include/crypto/rng.h       |   5 ++
 include/crypto/skcipher.h  |   8 ++
 include/linux/crypto.h     |  22 ++++++
 tools/crypto/cryptostat    |  40 ++++++++++
 11 files changed, 329 insertions(+)
 create mode 100755 tools/crypto/cryptostat

-- 
2.13.6

Powered by blists - more mailing lists