| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250731192545.29869-3-ebiggers@kernel.org>
Date: Thu, 31 Jul 2025 12:25:45 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: linux-usb@...r.kernel.org,
Andreas Noever <andreas.noever@...il.com>,
Michael Jamet <michael.jamet@...el.com>,
Mika Westerberg <westeri@...nel.org>,
Yehezkel Bernat <YehezkelShB@...il.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org,
Eric Biggers <ebiggers@...nel.org>
Subject: [PATCH 2/2] thunderbolt: Use HMAC-SHA256 library instead of crypto_shash
Use the hmac_sha256_usingrawkey() library function instead of the
"hmac(sha256)" crypto_shash. This is simpler and faster.
As a cleanup, change the input data parameters from "challenge,
sizeof(hmac)" to "challenge, sizeof(challenge)", so that the size is
being taken of the correct buffer. This is not a functional change,
since it happens that sizeof(hmac) == sizeof(challenge).
Replace the selection of CRYPTO and CRYPTO_HASH with CRYPTO_LIB_SHA256
and CRYPTO_LIB_UTILS. The latter is needed for crypto_memneq() which
was previously being pulled in via CRYPTO.
Signed-off-by: Eric Biggers <ebiggers@...nel.org>
---
drivers/thunderbolt/Kconfig | 4 ++--
drivers/thunderbolt/domain.c | 44 +++++-------------------------------
2 files changed, 8 insertions(+), 40 deletions(-)
diff --git a/drivers/thunderbolt/Kconfig b/drivers/thunderbolt/Kconfig
index 0abdb69ee9f43..db3b0bef48f4c 100644
--- a/drivers/thunderbolt/Kconfig
+++ b/drivers/thunderbolt/Kconfig
@@ -2,12 +2,12 @@
menuconfig USB4
tristate "Unified support for USB4 and Thunderbolt"
depends on PCI
select APPLE_PROPERTIES if EFI_STUB && X86
select CRC32
- select CRYPTO
- select CRYPTO_HASH
+ select CRYPTO_LIB_SHA256
+ select CRYPTO_LIB_UTILS
select NVMEM
help
USB4 and Thunderbolt driver. USB4 is the public specification
based on the Thunderbolt 3 protocol. This driver is required if
you want to hotplug Thunderbolt and USB4 compliant devices on
diff --git a/drivers/thunderbolt/domain.c b/drivers/thunderbolt/domain.c
index 7e0eb3c07f1c7..5272c255e046d 100644
--- a/drivers/thunderbolt/domain.c
+++ b/drivers/thunderbolt/domain.c
@@ -10,11 +10,11 @@
#include <linux/idr.h>
#include <linux/module.h>
#include <linux/pm_runtime.h>
#include <linux/slab.h>
#include <linux/random.h>
-#include <crypto/hash.h>
+#include <crypto/sha2.h>
#include <crypto/utils.h>
#include "tb.h"
static DEFINE_IDA(tb_domain_ida);
@@ -707,12 +707,10 @@ int tb_domain_challenge_switch_key(struct tb *tb, struct tb_switch *sw)
{
u8 challenge[TB_SWITCH_KEY_SIZE];
u8 response[TB_SWITCH_KEY_SIZE];
u8 hmac[TB_SWITCH_KEY_SIZE];
struct tb_switch *parent_sw;
- struct crypto_shash *tfm;
- struct shash_desc *shash;
int ret;
if (!tb->cm_ops->approve_switch || !tb->cm_ops->challenge_switch_key)
return -EPERM;
@@ -724,49 +722,19 @@ int tb_domain_challenge_switch_key(struct tb *tb, struct tb_switch *sw)
get_random_bytes(challenge, sizeof(challenge));
ret = tb->cm_ops->challenge_switch_key(tb, sw, challenge, response);
if (ret)
return ret;
- tfm = crypto_alloc_shash("hmac(sha256)", 0, 0);
- if (IS_ERR(tfm))
- return PTR_ERR(tfm);
-
- ret = crypto_shash_setkey(tfm, sw->key, TB_SWITCH_KEY_SIZE);
- if (ret)
- goto err_free_tfm;
-
- shash = kzalloc(sizeof(*shash) + crypto_shash_descsize(tfm),
- GFP_KERNEL);
- if (!shash) {
- ret = -ENOMEM;
- goto err_free_tfm;
- }
-
- shash->tfm = tfm;
-
- memset(hmac, 0, sizeof(hmac));
- ret = crypto_shash_digest(shash, challenge, sizeof(hmac), hmac);
- if (ret)
- goto err_free_shash;
+ static_assert(sizeof(hmac) == SHA256_DIGEST_SIZE);
+ hmac_sha256_usingrawkey(sw->key, TB_SWITCH_KEY_SIZE,
+ challenge, sizeof(challenge), hmac);
/* The returned HMAC must match the one we calculated */
- if (crypto_memneq(response, hmac, sizeof(hmac))) {
- ret = -EKEYREJECTED;
- goto err_free_shash;
- }
-
- crypto_free_shash(tfm);
- kfree(shash);
+ if (crypto_memneq(response, hmac, sizeof(hmac)))
+ return -EKEYREJECTED;
return tb->cm_ops->approve_switch(tb, sw);
-
-err_free_shash:
- kfree(shash);
-err_free_tfm:
- crypto_free_shash(tfm);
-
- return ret;
}
/**
* tb_domain_disconnect_pcie_paths() - Disconnect all PCIe paths
* @tb: Domain whose PCIe paths to disconnect
--
2.50.1
Powered by blists - more mailing lists